[Cryptography] simple codebook for passwords

Andreas Junius andreas.junius at gmail.com
Tue Jan 13 17:18:15 EST 2015

On 14/01/15 07:18, ianG wrote:
> Following is a simple codebook design for ordinary users.  Discuss ;)
> https://www.qwertycards.com/
>   The simple plastic card that goes in your wallet for easy to remember
> very strong passwords picture of qwertycard
> Step 1: Type in the code letters shown on the 'spacebar' of the card
> Password sh(/J3Hq
> Step 2: Choose a single secret word for all your passwords
> Example: ENIGMA. Type in the code characters for each letter of ENIGMA
> Password sh(/J3HqAfQsu.
> Step 3: Type in the code characters for each letter of the website you
> are using
> Example: www.AMAZON.com use the code characters for each letter of AMAZON
> Password sh(/J3HqAfQsu..u.rqf

I think it's a good idea to help the user creating passwords (although 
I'm also sure it's too complicated for the average user). But I'm not 
sure if the system actually adds entropy to the generated passwords as 
promised. The first part combined with the second one will be a constant 
value and even the third part is generated from a known value.

Why not just using the codebook to replace any easy to remember password 
with the alphabet soup?

Relying on a third party to create the code card may also be a problem. 
Even if they are trustworthy, they probably generate all those codes on 
a computer that can be hacked.

More information about the cryptography mailing list