Secure password creation strategies
Published: 8-20-2012 2:50 pm
Greetings all,
With the new password policies that went into place this spring, we've
fielded a number of comments from folks who struggle to create compliant
passwords. We thought it might be nice to do a mini educational series on
strategies for password creation. We'll be sharing a brief note each day this
week, starting today, both here and on the NATS Facebook page: https://www.facebook.com/NATSatWSC
Password creation tip #1: Leetspeak
Take a common word that you can easily remember, perhaps a middle name,
model of car you drive, a favorite restaurant, or the street on which you live,
and substitute visually similar symbols (homoglyphs) for the letters.
For example:
McDonalds would become: McD0nalds
The o has become a zero. Notice that this qualifies under WSC's
password rules (longer than 8 characters, upper case, lower case and
digits).
For a more interesting example:
Oakview would become 0akv1evv
The O has become a zero, the i has become a 1, and the w has become two
v's, stretching the word from 7 characters to 8 and qualifying under the
password rules.
Leetspeak is, essentially, a simple character-substitution cipher, based on
the premise that the "person" you are trying to keep your
data from doesn't understand the cipher pattern. Since most hacking systems use
dictionary-based attacks and don't consider visually similar homoglyphs,
leetspeak is an effective way to foil them and still leave you with a password
that is relatively easy to remember!
We hope this helps you create secure, easy-to-remember passwords!
JD