
As our reading make quite clear there are problems with the use of passwords for


Question

As our reading makes quite clear, there are problems with the use of passwords for security. A long enough password to be truly hard to use (I once had a 16-digit randomly generated password. Anyone think I could remember it?). Passwords short enough to be usable (typically 8-11 digits) are not very strong. (For this question, do not consider badges, tokens or biometrics.)

Discussion question:

What can we do to make passwords a stronger authentication mechanism? (Consider length, complexity, character sets, challenge response, etc.: anything but cards, tokens and biometrics.)

Explanation / Answer

As mentioned, large passwords with randomly generated characters are difficult to remember. As rightly said by Bruce Schneier, a renowned security technologist, one of the best ways to choose a secure password is to take the first letter of each word of a rare sentence, preferably something made-up rather than something found in a book, then add some variation, such as substitution with non-alphanumeric characters.

Personally, I use a similar method with a little variation. I use a 4-word sentence, capitalizing certain key characters in these words and using numbers and symbols as replacements for certain characters, and the variation that I add is that for every different website whose password I create, I use something from that website's name and add it to my password. This way each website that I sign up for has a unique password, all the while being easy to remember, as I can quickly derive the addition to my standard password from the website's name.

For example, when I sign up for a Yahoo! mail account I may use a password like Frodo@LOTRYH#4 for the email address bilbo.baggins@yahoo.com. This password becomes easy to remember as it is related to the email address name, and YH tells me it is a Yahoo! password and #4 indicates that it's my 4th Yahoo! account. Similarly, I would use a password like Sauron@LOTRYH#5 for another Yahoo! account, gandalfkitchen@yahoo.com. For a Proton Mail account with a similar name like bilbo.baggins@protonmail.com, I would use a password like Frodo@LOTRPM#2, where PM would indicate a Proton Mail account. Similarly, one can come up with many such creative ways to create a secure password which uses characters, numbers and symbols from a larger domain, while being easy to remember.
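To put numbers on the length and character-set trade-off raised in the question, and on how much of a site-suffixed password is actually unique to each site, the following Python sketch is an added example and not part of the original answer. The function names are hypothetical, the entropy figures assume every character is drawn uniformly at random from the 94 printable ASCII symbols (so they are upper bounds for human-chosen passwords), and the sample passwords are the ones quoted in the answer.

```python
import math
import string
from difflib import SequenceMatcher

# Printable ASCII pool: 52 letters + 10 digits + 32 punctuation marks = 94 symbols
POOL = len(string.ascii_letters + string.digits + string.punctuation)

def random_bits(length, pool=POOL):
    """Entropy in bits of a password whose characters are all picked uniformly at random."""
    return length * math.log2(pool)

def varying_chars(known_pw, other_pw):
    """Count the characters of other_pw that do not sit in a block shared with known_pw."""
    matcher = SequenceMatcher(None, known_pw, other_pw, autojunk=False)
    shared = sum(block.size for block in matcher.get_matching_blocks())
    return len(other_pw) - shared

def residual_bits(known_pw, other_pw):
    """Upper bound on what stays secret in other_pw once known_pw is exposed elsewhere."""
    return random_bits(varying_chars(known_pw, other_pw))

if __name__ == "__main__":
    # Lengths mentioned in the question: 8-11 "usable", 16 "hard to remember"
    for n in (8, 11, 16):
        print(f"{n:2d} random characters: at most {random_bits(n):5.1f} bits")

    # Passwords quoted in the answer: same base, different site suffix
    yahoo, proton = "Frodo@LOTRYH#4", "Frodo@LOTRPM#2"
    print(f"full length {len(proton)} -> upper bound {random_bits(len(proton)):.1f} bits")
    print(f"characters unique to the second site: {varying_chars(yahoo, proton)}")
    print(f"bits left if the first password is known: {residual_bits(yahoo, proton):.1f}")
```

The same comparison can be used as a policy check when a user changes a password: a new password that shares all but a few characters with the previous one gains little from the change.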