[Tfug] 8. Re: Authentication procedures
Bexley Hall
bexley401 at yahoo.com
Thu Mar 19 10:48:19 MST 2009
Hi, Charles,
> What I have is a secret formula that I use to answer all secret
> questions and use for all passwords.
>
> I use the same formula for all secret questions.
>
> Let's see: for parameters
> a) the musical scale,
> b) palindromes,
> c) the periodic table of the elements:
> If the secret question is "What is the name of your favorite sister?"
>
> You can do this: "hmmm, W is not in the periodic
> table, Ha is... Halium, uhhh ... wait a minute, W is an
> element, it's Tungsten!"
Almost all interrogatives begin with W -- then followed by H. :>
(Who, What, Where, When, Why... *How*!)
> So the answer is:
>
> TungstenmiulaH74...
>
> Rule2: I just made Halium up. It's not really an
> element. Spelled it backwards. Added 74
>
> So, there are really a large number of possible formulas
> one can use for all passwords for all secret
> questions. Your formula, however, if you're worried
> about security... like someone getting into your email
> account; should be as random and complex in appearance as
> anyone's password.
>
> Rule3: Skip every other letter.
>
> Tnsemua74
>
> Rule4: Transform the letters of musical scales up a note.
> And capitalize them.
>
> TnsFmuB74
>
>
> The four rules are:
>
> Rule1: Spell out the letters, symbols, as the names of
> elements in the periodic table. If none exist, make
> one up according to certain rules...for consonants preceding
> vowels, etc.... add lium, or pium, etc.
>
> Rule2: Spell the last element backwards at the end and add
> the atomic number of the first element.
>
> Rule3: Skip every certain numbers of letters.
>
> Rule4: Transpose the letters corresponding to musical
> scales.
Wow, this is *way* too complicated for my little brain! :>
It seems easier (to me) to just commit a bunch of random
character sequences to memory (so long as you don't have
to *change* them often!)
In the past, I have used simple hacks: like swapping the
last two digits in the birth year (works for years other
than 55, 66, 77, 88, 99, etc.); associating secret with
"account name" (e.g., "dispicable" for "daffyduck"); etc.
Of course, it also depends on *where* the account resides.
E.g., I use different strengths for 'net accessible
accounts vs. accounts on my home machines vs. accounts on
my laptops (which can more easily be accessed by third parties).
So, for example, a laptop may use a password that has lots
of punctuation and control characters in it whereas one
of my home machines might just use a license plate password.
> This is just a random set of rules, you can have three or
> two rules depending on your needs... my example is a certain
> "formula" that I copyrighted,...so please don't use it to
> login to my bank account. Thank you
<grin>
More information about the tfug
mailing list