Since I’ve been futzing about with human-friendly security of various forms recently, it occurred to me that I ought to pass along a password-generation technique I’ve used for years now. Maybe it’s a well known technique, and maybe not. In any case, my best recollection is that I learned it from either John Sully or Jim Nauer back in my CWRU days.
The general idea is to pick a two-word combination you can easily remember. For example, suppose you’re a big fan of pizza and Pepsi, and would have no trouble remembering those words. Perfect: use them the basis of your password. No, you don’t make it “pizzaPepsi”—instead, you interleave the words. That would yield “pPiezpzsai”. It looks fairly random, and yet is very easy to recreate because the seed words are so easy to remember. If you have trouble remembering the exact sequence of letters, you can just write the words down on a piece of scrap paper and follow along.
In cases where your two words have different lengths, you can always tack on numbers. For example, maybe your seed words are “milkshake” and “fries”. That would normally yield “mfirlikesshake”, which is okay, but you could tack the numbers “123″ onto “fries” to get “mfirlikessh1a2k3e”. Alternatively, you could put the numbers at the beginning, so you get “m1i2l3kfsrhiaekse”.
I’ve found that when I start using a new password created this way, it takes me a few days to adapt to it. I usually have the seed words written down some place handy during that training period. Then my fingers take over, and from then on I can type it blindfolded in less than a second. I don’t even think about the actual characters I’m typing: I just start, and the muscle memory kicks in.
So if you’re looking for a way to generate harder-to-crack passwords, there’s one possibility. How about you—do you have any nifty human-friendly password-creation recipes?