This blog is for the purpose of sharing a method of creating passwords and PINs that are easily recalled yet not easily hacked. Unfortunately, this blog will also be read by hackers. A well thought out and well-protected constant is perhaps the best defence. There may be other strategies that can help make life more difficult for hackers. I would like to offer a few here.
First, let’s look at the listing of variables. Some may not be comfortable with the idea of putting the variables in a list. It may be seen as a give-away. But, think about it, it can also be used to mislead hackers. Here are some of the ways to do it:
- Only the first, say, 5 letters of the variables are applicable. For example, the variable “I am a great guy”. It becomes “mgrtgy” when the vowels are left out. The real variable is “mgrtg”, the first 5 letters. It can of course be the last 5 letters instead. Also, instead of 5, it can be 3 or 4, or whatever. Set your own rule and apply it to all cases.
- List some of the letters in CAP, like “I am a GReat guy”. The uppercase letters may only be a deception and do not mean anything. Or, it may mean there is an uppercase letter somewhere. Again, set your own rule what it means, i.e. the letter at which position shall be in the uppercase.
- Make some exceptions to the rule of dropping the vowels. Two examples of what we can do:
- Only vowels in one part of the constant-variable components are left out
- Only certain vowels are dropped. For ease of application, keep only one, the rest are dropped
- If you know the written scripts of another language other than English, you can add a few such other language scripts in your entries. For example, I can add the Chinese character for flower to my entry of “beautiful” to become “beautiful 花”. It may be partly or fully significant, or not at all. If it is to be significant, you can encode it as follows:
- 8 by stroke count
- 4421 by the 4-corner dictionary code
- 11 by adding the 4 digits in “4421”
- 4 by recognizing only the first digit in “4421”
So “beautiful花”can be any of these:
- Btfl (the Chinese character is only a red herring)
- btfl8
- btfl4421
- btfl11
- btfl4
- 4421 (when there is a Chinese character, ignore the English word)
Second, change the CONvariablestant format. I can mix the components about like these:
- variaCONstantble
- CONvstantariable
- Cvariableonstant, etc
Third, encode one part of the constant + variable components into a number. The main article suggests two ways to do it. The letter positions in the alphabet method (para 14) can be used to convert both the constant and the variable. The number counts of the letters in the words method (para 8) is suitable for a memorable phrase. We can always use this method to create statements even referring to the particular website/portal so that it is easier to construct and remember. Here are some examples:
- I like to bank with Hongkong Shanghai Bank – (convert to 14244884)
- We can get good bargains on ebay – 2334824
- Amazon.com is my favorite online store – 922865
- Thanks Google for Gmail, I can communicate with the world – 66451311435
Again, to make it more difficult for hackers, use only, say, the first 4 or 5 digits (similar idea to the first bullet point in para 2 above).
The above examples are essentially to make the method more hack-proof even when the hackers know the method. As for applying the system, we will have to set our own rules so that we know exactly what to do when we have to think of a password and then when we need to recall it. I have given several examples how to go about encoding the passwords but you have only need to decide on one combination of two methods – one for the constant and one for the variables – and use just this one combination throughout. Do not use more than one combination to prevent confusion and uncertainty when you have to recall them.
I would like to invite contributions from readers if they have other strategies for encoding. The more varieties of ways there are, the more we are making the job of hacking difficult.
The more we share, the more we gain!