There’s an article on Lifehacker entitled “Geek to Live: Choose (and remember) great passwords”. It’s an okay read, and presents a generally good way to come up with secure passwords. Coming up with secure passwords is actually quite a tall order for anyone who isn’t constantly paranoid about security, which is most everyone on the face of the earth except those of us willfully strapped with the onus of said paranoia.
That said, no password is 100% safe… given a copy of whatever it protects (a password hash, an encrypted disk image), plenty of time, and a healthy brute-force script… but that’s the game we play, and those are the rules we’re willing to accept.
The end of the article asks: “How do you choose your passwords?” Well, allow me to retort.
While I will use the same password for multiple, inconsequential accounts such as online news website subscriptions, etc. (where I provide the wrong ZIP code purely for the sake of subversion), if the account could in any way affect my personal or professional life, I use a different tactic.
I let my environment pick my passwords.
For example, at the moment I’m typing this sentence, it’s 12:38am on Thursday, July 6, 2006. Yes, I should be going to bed soon, but that’s beside the point. “True Romance” is on the TV (my minor OCD condition dictates that I must watch if it’s on), and “In Dying Days” by As Blood Runs Black is playing via iTunes. Given that information, I could choose any number of seemingly random, yet fairly secure passwords:
Of course, I could also choose to screw with those letters and numbers to come up with an even crazier password (in the same order as above):
Dates, film titles and band names all turn up in wordlists, so it’s the mangling, not the source, that makes these hard to guess. But—and here’s the key—how do I remember all of these environmentally-precipitated passwords?
It’s easy. I don’t have to. Because I run Macs, I take advantage of the built-in, encrypted disk image capability offered by OS X’s “Disk Utility” application.
Basically, it creates a file on your hard drive of whatever size you specify and presents it as a virtual disk that you can mount and eject just like any peripheral disk drive or network mount. Thing is… the file is AES-encrypted and unreadable until you supply the proper password, and its contents are only exposed while it’s mounted. I have a single text file with all my batshit passwords saved on this encrypted disk image… which means that I only have to remember a single password to gain access to tens, hundreds, even thousands of other account passwords that I may own.
And, of course, the password I use to set up this encrypted disk image is never used anywhere else, and is hard as fuck to guess… even with the rules of engagement outlined above. It’s also the one password a keystroke logger would need, and while the image is mounted the text file is readable by anything running as you, so guard that password accordingly and eject the image as soon as you’re done.
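As an added example (not part of the original post), here is the same setup done from the Terminal with hdiutil, the command-line side of Disk Utility. The image path, volume name and 64m size are assumptions; hdiutil only exists on macOS, so each step checks for it first. The gen_password helper is my addition as well: once the list lives inside an encrypted image, nothing in it has to be memorable, so a random string from /dev/urandom serves at least as well as a mangled song title.

```shell
#!/bin/sh
# Added example: an encrypted disk image used as a password vault, driven
# with hdiutil (the command-line side of Disk Utility). macOS only.
# VAULT_IMAGE, VAULT_NAME and the 64m size are assumptions, not values
# taken from the post.

VAULT_IMAGE="${VAULT_IMAGE:-$HOME/Documents/vault.sparseimage}"
VAULT_NAME="${VAULT_NAME:-Vault}"

# Refuse to run the hdiutil steps on a machine that does not have it.
need_hdiutil() {
  command -v hdiutil >/dev/null 2>&1 || {
    echo "hdiutil not found (macOS only)" >&2
    return 1
  }
}

# Create an AES-256 encrypted sparse image. hdiutil prompts for the
# passphrase itself, so it never lands on the command line or in shell
# history (-stdinpass exists for scripts; keep the passphrase out of argv).
vault_create() {
  need_hdiutil || return 1
  if [ -e "$VAULT_IMAGE" ]; then
    echo "refusing to overwrite existing image: $VAULT_IMAGE" >&2
    return 1
  fi
  hdiutil create -type SPARSE -size 64m -fs HFS+ \
    -encryption AES-256 -volname "$VAULT_NAME" "$VAULT_IMAGE"
}

# Mount the image; hdiutil asks for the passphrase and mounts it under /Volumes.
vault_open() {
  need_hdiutil || return 1
  hdiutil attach "$VAULT_IMAGE"
}

# Eject when done: while mounted, every process running as your user can
# read the plaintext file inside the image.
vault_close() {
  need_hdiutil || return 1
  hdiutil detach "/Volumes/$VAULT_NAME"
}

# Random password of the requested length (default 24) from a fixed
# alphabet, straight from /dev/urandom. Passwords that only ever live in
# the vault do not need to be memorable, so nothing guessable goes into them.
gen_password() {
  len="${1:-24}"
  LC_ALL=C tr -dc 'A-Za-z0-9!#%+,./:=@_' < /dev/urandom | head -c "$len"
  echo
}

# Append a labelled entry to the text file inside the mounted vault and
# print the new password once so it can be pasted into the account form.
vault_add() {
  label="$1"
  pw="$(gen_password 24)"
  printf '%s\t%s\n' "$label" "$pw" >> "/Volumes/$VAULT_NAME/passwords.txt"
  echo "$pw"
}
```

Source the file once, run vault_create a single time (it prompts for the master password), then the daily cycle is vault_open, vault_add somesite, vault_close. Keeping the functions separate makes it easy to bind the open/close pair to a shortcut so the image isn’t left mounted longer than needed.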
Seriously, if all the viruses and trojans and keystroke loggers aren’t reason enough to abandon Windows…