## Monday, December 19, 2005

### How to remember web site passwords

If you, like me, have logins at many, many web sites you probably worry about password security for those sites. You probably chose one of these strategies:
• Use the same password everywhere
• Use a different password for each site and write it down or store it somewhere
• Use a program like quepasa to generate passwords when needed
I use a totally different approach: I remember an algorithm for creating passwords based on the site name, and a secret that only I know. Here's how it works.

Firstly I have a secret; the secret is a short phrase that I will easily remember. Let's suppose my secret is the phrase "Before I kill you Mr Bond" and I'm about to visit Amazon.com and need to log in (and my browser has forgotten my password). First I write down the name of the web site and my phrase like this:
Before I kill you Mr Bonda      m a    z   o  n
Then I calculate a number based on the number of words in my phrase and whether the letter in the site name is a vowel of a consonant. The first number is multiplied by three and every time we hit a vowel in the site name the multiplier is incremeted by one. The number is the number of letters in the corresponding word in my phrase times the multiplier. For example,
Before I kill you Mr Bonda      m a    z   o  n5      1 4    3   2  4 (from phrase)3      3 4    4   5  5 (multiplier)-----------------------15     3 16   12  10  20
So my number is 15/3/16/12/10/20. Now take that number and use it to read off characters 15, 3, 16, ... of the phrase (with the spaces replaced by special characters on the keys 1 through 9 (for the first space use !, second space @ etc.).