Nope, it’s not “password,” sorry. Back to the drawing board….
The perfect password must be both secure and memorable. And that creates a big problem for just about everyone.
That’s because very secure passwords—like “{mk_S*b0r2xZ;9YW”—are also very hard to remember.
And very memorable passwords—like “password” or “12345678”—are also very insecure.
The perfectly secure, perfectly memorable password is rarer than the unicorn, writes Alexandra Petri: “Like the Holy Grail, the Fountain of Youth, the philosopher’s stone…no one has ever found it, and some doubt it exists at all.”
Not so fast, Alex. Two researchers from the University of Southern California have recently discovered what they call the perfect password solution: a randomly-generated poem. You know, something like:
A peanut never classified
expected branches citywide
Huh? Like many great ideas, on first glance this one seems bizarre. Marjan Ghazvininejad and Kevin Knight got the idea from the popular Web comic XKCD, which showed that a password composed of four random words—like “correct horse battery staple”—is both more secure and easier to remember than the typical alphanumeric jumble that most people consider a safe password.
xkcd.com
This is because there are 327,868 words in a standard English dictionary. It is very difficult for even a powerful algorithm to calculate the correct relationship between random words. To guess the correct sequence, says Knight, a computer would have to test billions of billions of billions of possibilities before it hit on the right one.
To increase the cryptographic complexity, the researchers took it a step further. They proposed a password comprising between six and eight words, selected randomly and arranged in a short poem of two lines. Then they designed a computer program to ensure that each password’s governing metre is rhyming iambic tetrameter. (This is what gives it the beat of poetry, making it a cinch to remember.)
A tidy market compromise
agreement oysters butterflies
Read too many and the minds starts to reel, but the poems are often whimsical and fun, hinting at some deeper relationship between individual words.
His tariff curbing studio
includes a gripping cameo
A cookie Interpol survey
by Telecom hotel today
Polanski visible inside
pergola torturing a bride
Martina needle satisfied
ancestral readers nationwide
These passwords may seem odd, but they are very, very secure. At current computer speeds, Knight estimates, cracking them would take around 5 million years.
The researchers have created an online generator that creates these little poems. Take a look for yourself and see what happy accidents it spits out.
NOTE: The site is for demonstration only. Because hackers could potentially download all the poems and try them out, you shouldn’t use one as your password. (Try substituting some words in and out if you want to create your own.)
Another way to get a unique secure poem is to enter your email address here. Their program will send you a secure password, then automatically delete it from their server.
Happy secure computing!
Here’s the problem — most sites want you to use a password with at least one Uppercase letter, and a number, and they often have limits for both minimum and maximum characters.