[Cryptography] simple codebook for passwords
Andreas Junius
andreas.junius at gmail.com
Tue Jan 13 17:18:15 EST 2015
On 14/01/15 07:18, ianG wrote:
> Following is a simple codebook design for ordinary users. Discuss ;)
>
>
>
> https://www.qwertycards.com/
>
> The simple plastic card that goes in your wallet for easy to remember
> very strong passwords picture of qwertycard
>
> Step 1: Type in the code letters shown on the 'spacebar' of the card
> Password sh(/J3Hq
>
> Step 2: Choose a single secret word for all your passwords
> Example: ENIGMA. Type in the code characters for each letter of ENIGMA
> Password sh(/J3HqAfQsu.
>
> Step 3: Type in the code characters for each letter of the website you
> are using
> Example: www.AMAZON.com use the code characters for each letter of AMAZON
> Password sh(/J3HqAfQsu..u.rqf
I think it's a good idea to help the user creating passwords (although
I'm also sure it's too complicated for the average user). But I'm not
sure if the system actually adds entropy to the generated passwords as
promised. The first part combined with the second one will be a constant
value and even the third part is generated from a known value.
Why not just using the codebook to replace any easy to remember password
with the alphabet soup?
Relying on a third party to create the code card may also be a problem.
Even if they are trustworthy, they probably generate all those codes on
a computer that can be hacked.
More information about the cryptography
mailing list