[Tfug] 8. Re: Authentication procedures

Bexley Hall bexley401 at yahoo.com
Thu Mar 19 10:48:19 MST 2009


Hi, Charles,

> What I have is a secret formula that I use to answer all secret
> questions and use for all passwords.
> 
> I use the same formula for all secret questions.
> 
> Let's see: for parameters
> a) the musical scale,
> b) palindromes,
> c) the periodic table of the elements:
> If the secret question is "What is the name of your favorite sister?"
> 
> You can do this:  "hmmm, W is not in the periodic
> table, Ha is... Halium, uhhh ... wait a minute, W is an
> element, it's Tungsten!"

Almost all interrogatives begin with W -- then followed by H.  :>
(Who, What, Where, When, Why... *How*!)

> So the answer is:
> 
> TungstenmiulaH74...
> 
> Rule2: I just made Halium up.  It's not really an
> element.  Spelled it backwards. Added 74
> 
> So, there are really a large number of possible formulas
> one can use for all passwords for all secret
> questions.  Your formula, however, if you're worried
> about security... like someone getting into your email
> account; should be as random and complex in appearance as
> anyone's password.
> 
> Rule3: Skip every other letter.
> 
> Tnsemua74
> 
> Rule4: Transform the letters of musical scales up a note.
> And capitalize them.
> 
> TnsFmuB74
> 
> 
> The four rules are:
> 
> Rule1: Spell out the letters, symbols, as the names of
> elements in the periodic table.  If none exist, make
> one up according to certain rules...for consonants preceding
> vowels, etc.... add lium, or pium, etc.
> 
> Rule2: Spell the last element backwards at the end and add
> the atomic number of the first element.
> 
> Rule3: Skip every certain numbers of letters.
> 
> Rule4: Transpose the letters corresponding to musical
> scales.

Wow, this is *way* too complicated for my little brain!  :>
It seems easier (to me) to just commit a bunch of random
character sequences to memory (so long as you don't have
to *change* them often!)

In the past, I have used simple hacks:  like swapping the
last two digits in the birth year (works for years other
than 55, 66, 77, 88, 99, etc.); associating secret with
"account name" (e.g., "dispicable" for "daffyduck"); etc.

Of course, it also depends on *where* the account resides.
E.g., I use different strengths for 'net accessible
accounts vs. accounts on my home machines vs. accounts on
my laptops (which can more easily be accessed by third parties).
So, for example, a laptop may use a password that has lots
of punctuation and control characters in it whereas one
of my home machines might just use a license plate password.
 
> This is just a random set of rules, you can have three or
> two rules depending on your needs... my example is a certain
> "formula" that I copyrighted,...so please don't use it to
> login to my bank account.  Thank you

<grin>


      




More information about the tfug mailing list