![]() ![]() So I designed a password which was "Easy to type", following these suggestions (based in my own experience):ġ) Better if I don't have to use the "pinky" fingers (they get tired after a long use). A) since you type your passphrase many times a day, it's a natural reminder to do the thing, and B) once you accomplish the thing, you have a natural reason to change your passphrase! The following would be examples that would naturally want to change after a month or so:Įveryday I have to type my password like hundred of times. I'm an advocate that we should ditch "password" from the English language - since it encourages people to think in terms of single words - and with the exception of a few especially moronic banks, all systems accept spaces in passwords now, so why not think in terms of "passphrases"?Ī clever trick that I heard of is to set a passphrase that represents some personal-life goal you want to achieve or fact you want to remember. rice immorally worrisome shopping traverse rechargerĪlso: mandatory XKCD advocating passwords of this style.conjoined sterling securely chitchat spinout pelvis.Wikipedia gives these examples as typical diceware passwords: Grab yourself a copy of the Diceware word lists, and roll some dice! This list of 6 5=7,776 unique words was carefully selected to be easy to remember. Two systems that come to mind are: Diceware In my experience, "easy to remember" and "easy to type" typically means "full English words" my fingers/brain have a much easier time with words than they do with arbitrary sequences of characters. But you seem to already be aware of this. (My average was 3.3 seconds vs 4.0 seconds.) Add to this the slightly higher probability that an easy to type password could end up in a dictionary list, and I'd shy away from it. My conclusion: it's likely to be the case that if you choose any passphrase that is easy to remember, it won't be much slower to type than one that is seemingly more "easy to type". ![]() ![]() The first couple of times I messed up the "easy to type" password because I was going too fast and bumped other keys. I actually tried it a few times and the time shown above was my last set of 3 for each. Option 2: (10 seconds to type it 3 times) 1234qwerasdfzxcv7890yuiohjklnm. Option 1: (12 seconds to type it 3 times) This password is easy to remember In order to more easily measure the timing with my stopwatch, I typed both passwords 3 times and compared: I just tried an experiment where I choose two passwords, both were easy to remember, and one is (seemingly) much easier to type than the other. The reason is it's not worth it unless you are an extremely slow typist. How to generate easy to type passwords without sacrificing security? I point this out because none of the other answers appear to interpret the question this way. That said, the other answers (and the accepted one) have made me realize that I have been thinking about this the wrong way.ĭisclaimer: I'm interpreting "easy to type" in this question literally to mean consecutive characters or similar typing patterns, which is different from passwords that are "easy to remember". My original intent for "easy to type" was something along the lines of near each other on the keyboard or alternating hands with smooth transitions between, which is why I accepted the answer I did. ** After reading all the answers and comments here. I am aware that a password manager or something like that would be a more ideal solution but not everyone is willing to incorporate something like that. I am hoping this will take a little bit of the "usability" aspect out of the old adage "Security at the cost of usability comes at the cost of security". How can one generate a password that is easy to type but does not sacrifice security? An example of a password that is easy to type but sacrifices security (I imagine) would be this question, we'll use a pretty lax but standard password policy. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |