
A New Cure for Passwords

Regular readers of Bach Seat know that passwords suck. The better a password is, the harder it is to remember. So most people just end up choosing passwords they think are safe, but are pretty bad (rb- I have covered crappy passwords many times). University of Southern California researchers Marjan Ghazvininejad and Kevin Knight have come up with a new solution that they believe solves the crappy password problem.

The USC researchers’ paper “How to Memorize a Random 60-Bit String” (PDF) presents a unique solution for creating passwords that are hard to crack and relatively easy to remember: randomly generated poems.

The researchers believe that the most secure and memorable method for creating a strong password is a short rhyming poem of random words. The Washington Post explains that, even if you pick a fairly uncommon word, like “Troubadour,” and replace some of the letters with other symbols, this combination might only take a computer seconds, minutes, or hours to guess.

The idea of a short rhyming poem of random words as a password might seem a little odd, but such poems are actually very, very secure, according to USC’s Knight. At current speeds, he estimates that cracking one of these rhyming-poem passwords would take around 5 million years. By which point, we probably won’t be using Facebook anymore.

As part of their research, the USC team created their poems by assigning every word in a 327,868-word dictionary a distinct code. The article explains they then use a computer program to generate a very long random number, like 110111000111100100100010100010101100001100010000010010100100, break that number up into pieces, and then translate those pieces into two short phrases of four or five words. The computer program they use ensures that the two lines end in words that rhyme and that the phrase is in iambic tetrameter, like so:

A techno salmon Benedict
performing under derelict

or:

The baby understand curtailed
a wooden synagogue prevailed

or:

The Oracle email update
equipment pinning demonstrate
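
The bit-string-to-words step described above, as an added example that is not the researchers' program or code from the original article. It assumes a constructed 4,096-entry pseudo-word list (`WORDLIST`) in place of the 327,868-word dictionary and leaves out the rhyme and meter constraints, showing only that the mapping is reversible, so the words carry all 60 random bits.

```python
import math
import secrets

# Constructed stand-in for the researchers' dictionary: 4096 pronounceable
# pseudo-words, so each word has a distinct 12-bit code (its list index).
ONSETS = "bdfghjklmnprstvz"          # 16 consonants -> 4 bits
VOWELS = "aiou"                      # 4 vowels      -> 2 bits
SYLLABLES = [c + v for c in ONSETS for v in VOWELS]       # 64   -> 6 bits
WORDLIST = [a + b for a in SYLLABLES for b in SYLLABLES]  # 4096 -> 12 bits

# The 60-bit example number quoted in the article.
PAGE_BITS = "110111000111100100100010100010101100001100010000010010100100"


def bits_per_word(dictionary_size: int) -> float:
    """Entropy carried by one uniformly chosen word."""
    return math.log2(dictionary_size)


def encode(bits: str, wordlist=WORDLIST) -> list[str]:
    """Break a bit string into equal pieces and map each piece to a word."""
    width = int(math.log2(len(wordlist)))
    if 2 ** width != len(wordlist):
        raise ValueError("word list size must be a power of two")
    if set(bits) - {"0", "1"} or len(bits) % width:
        raise ValueError(f"need a 0/1 string whose length is a multiple of {width}")
    return [wordlist[int(bits[i:i + width], 2)] for i in range(0, len(bits), width)]


def decode(words: list[str], wordlist=WORDLIST) -> str:
    """Invert encode(): every word maps back to exactly one bit pattern."""
    width = int(math.log2(len(wordlist)))
    index = {w: i for i, w in enumerate(wordlist)}
    return "".join(format(index[w], f"0{width}b") for w in words)


def new_passphrase(n_bits: int = 60) -> list[str]:
    """Draw the bits from the OS CSPRNG, never from random.random()."""
    return encode(format(secrets.randbits(n_bits), f"0{n_bits}b"))


if __name__ == "__main__":
    print(" ".join(encode(PAGE_BITS)))
    print(" ".join(new_passphrase()))
    print(f"{bits_per_word(327_868):.2f} bits per word from a 327,868-word list")
```

Because the list size is a power of two, every 12-bit piece selects a word with equal probability and no modulo bias is introduced.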

rb-

While seemingly nonsensical quips like 

Whereas Chanel control McQueen
accusing glamour magazine

don’t make a lot of sense to 21st-century humans, we should be able to recall 7 or 8 words to better protect our personal information. The oral record is how most information passed from human to human for generations before Gutenberg. Someone told you something and you remembered it. There are a number of oral traditions that have lasted in one form or another into the 21st century.

One big problem with the rhyming poem of random words idea is the webserver operating systems. There are a number of web servers out there that cannot take passwords longer than 12 characters. Hey, webmasters, wake up. Update your operating systems.

The researchers have set up an online generator for these poem/passwords, which you can try here, or you can enter your e-mail here and their program will send you a poetic password.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.