I ran across this reading the Washington Post and thought it pretty funny. I know all of you can relate..lol.

"The perfectly secure, perfectly memorable password is absolutely pure and rarer than the unicorn. It is like the Holy Grail, the Fountain of Youth, the philosopher's stone, or a model that will get users on the Internet to pay for curated content. That is to say, no one has ever found it, and some doubt whether it exists at all.

Recently Linkedin.com announced that something like 6.5 million passwords had been hacked. If you have a Linkedin account, you had better act quickly and come up with something secure before your identity gets stolen! Or you could just quit Linkedin. That might be easier. Coming up with a secure password is harder than it sounds. And it sounds hard!

Tips abound, but they are even worse than the problem.

The usual rules for picking a password go something like this: Combine a whole bunch of letters and numbers in the precise order you are least likely to remember. This forces you to write them down on a sticky note somewhere visible in your office, defeating the point entirely. (On the bright side, this makes it easier for the investigators to find out about your extramarital affair if you are ever murdered.)

As XKCD points out, this situation is absurd.

I spent the past several months in prayer and meditation on the subject, and finally inspiration struck. Here are some of the Internet's top tips for secure passwords -- and what to do about them.

1. Use a combination of alphanumeric characters and symbols that does not depend on actual words.

A Web site billing itself as "Perfect Passwords" suggested this one: BD052EA025643096595CD1A217658B10374242DC59DB397D9088C24DAEAF9059.

Perfect!

2. Use the first letters of the lyrics of a song that you like. For instance, "Billie Jean is not my lover" becomes "bjinml."

This assumes a great deal -- for instance, that you actually remember the lyrics of the songs you like. I love "Smells Like Teen Spirit," but for years I thought the lyrics were "Awastuuuka, keratin augh, amakneeler, zindahealer! YAEERGH." And I am still not convinced that they aren't.

I also like that new Rihanna song, but lyrically it has little to offer. Here is the main line of the chorus in its entirety: "cake cake cake cake cake cake cake cake cake cake cake cake cake cake cake" ("ccccccccccccccc").

And if your favorite song is "La Bamba," you might as well turn in the keys now.

3. Use phrases that speak to you but no one else, like "My '94 Hyundai Excel Is Blue."

Look, if you are still driving a '94 Hyundai Excel, I doubt anyone wants to steal your identity.

4. Mix two memorable words together. They suggest dcoagt, as in 'dog cat'.

This is easier if you are dyslexic, I think. I tried this and got whorewantstoseeyou, combining the two familiar words "woe" and "hr wants to see you," and now HR wants to see me.

5. Don't use a phrase that is popular or common.

So a good, secure password might be, "That Michael Buble is so edgy" or "I have few qualms about the quality of Fox reporting" or "The Washington Redskins are uniquely competent."

6. Use your anniversary as a password. "That way, you'll never forget either!" the people who write this sort of advice say, a little too optimistically, I think.

Who are these people, anyway? You have the sense, reading their advice, that they have beautiful, organized homes and children whose names are good, sturdy, alphanumeric blends, and they seal all their leftovers in carefully labeled plastic containers. They amuse themselves by reciting long strings of numbers and song lyrics to their spouses while sitting in their blue Hyundai Excels. We are not like them.

For most real people, using your anniversary as a password guarantees that you will forget both. "Honey," you will be forced to say, "I can't seem to get into our bank accounts."

"What's the password?"

"Our anniversary."

"So what's the problem?"

"Well," you say. "I think perhaps a malicious time traveler changed the date in my timeline, and I was wondering if you would tell me if it is the same day that I remember?"

This will be the best you can do under pressure, and it is not enough. You'll wind up on the street without access to funds as someone cries and flings Tupperware containers of leftovers at your head.

7. Use something memorable, like a historical date.

This would be good advice if I had not been in conversations where people asked, with no irony whatsoever, "When was the Compromise of 1850?"

The memorable things are never the things you actually remember. Your anniversary? Your child's birthday? Of course not. You are too busy remembering all the lyrics to a song about recycling that you were forced to memorize as a small child, or the fact that Michael Fassbender and Zoe Kravitz briefly dated, or anything negative anyone has ever said about you.

And the sad, specific sentences aren't even unique. At least one other person, Buzzfeed found, has "foreveralone" as a password.

If there is one thing I have learned in all this research, it is that there are memorable passwords and secure passwords, and never the twain shall meet. No, the only thing to do is try to get the sympathy of the hacker. My password is "Pleasesirormadammyidentityisworthlessbutitisallihave8." (They make you put a number in.)"

Source-Alexandra Petri, Washington Post writer

I've actually read this and it is not that bad of a read.

I suggest in my own experience KeyPassX. (http://www.keepassx.org/) It is a nifty program that houses a database of your login's and passwords (or just passwords) for you on your computer. It is an encrpyted file and the only way to enter the database is finding a key file that you place on your computer or having a master password (or both). The main point I am getting at though is there is a feature of the program that can make the password for you. You can decide the length and the byte of encryption and what is including. It will randomly generate a password then that you can use. Basically you can just copy paste it into your password area in the login.

That article is awesome. I thought my password was secure I mean its just random numbers letters capitals and syllables. Guess I might need to start rethinking

that password is too long for me to remember :P

no way I could ever remember a long password.

I always believed in this...

god my brain hurts now

That password is looooong man. No way I can remember that. But that is a great password. If someone hacks that, they deserve some praise. Lol.

i wont ever forget my passwords

definewikipedia said: I always believed in this...

I will try to explain it:

Your personal passwords are the most important thing. You have to choose them wisely in order to make them safe. Simple words, that can be found inside a dictionary, no matter which language you've chosen, are fairly easy to brute-force. Even words with numbers at the end or in the front like 123Master666 are completly useless, because brute-force also works with a combination of full words and numbers, although the use of numbers makes it a bit harder for a hacker to brute-force your password. But in fact, it's still pretty easy and fast to crack it. The following table shows the entropy of symbol-sets.

Symbol Set Symbol Count Entropy
Arabic numerals (0-9) 10 3.322 bits
hexadecimal numerals (0-9,A-F) 16 4.000 bits
Case insensitive alphabet (a-z or A-Z) 26 4.700 bits
Case insensitive alphanumeric (a-z or A-Z,0-9) 36 5.170 bits
Case sensitive alphabet (a-z,A-Z) 52 5.700 bits
Case sensitive alphanumeric (a-z,A-Z,0-9) 62 5.954 bits
All printable ASCII characters 95 6.570 bits
All exenteded ASCII printable characters 218 7.768 bits



Edit: Table somehow got fucked up: See http://livelol.blogspot.de/2012/05/it-security-facebook-dropbox-co.html


But what does this "Entropy-Thingy" mean?
Entropy is pretty easy to explain: It is pretty common that a password strength is measured by a so called "Entropy". Entropy is measured in bits. Instead of using the number of guesses that are needed to find the exact same password, the base-2-logarithm of that number is used.


The Entropy-Bits showed in the table above are the base-2-logarithm numbers explained before. They indicate the strength of the password. The higher the entropy, the stronger the password. A password with a strength of 200 bits would require 2^200 attempts to traverse through all possibilities during a brute-force attack.

The best combination for a password is random numbers and letters including special characters like $%&§". Make also use of upper- and lowercase letters. This kind of passwords are very hard to brute-force and would be considered as very strong (last one in the table).

Common guidelines for password considered as "strong"

1) Choose a password length of 12 to 14 characters if possible. Larger passwords are often not necessary, but increase the strength in terms of brute-forcing (see section before).

2) Generate your passwords randomly! And with random I think of real randomness, not the randomness provided by programming languages.

3) Avoid passwords based on dictionary words, letter or number sequences, username, pet/relative/friend names, romantic context (like "love", "sex" etc.), birthdays, ID numbers and other personal information.

4) If you cant generate a password randomly, choose numbers, symbols, lower- and uppercase letters like lets say "23DGHa$/Fhao1$=cfoplk".

5) Avoid using the same password for multiple sites or purposes! Make also sure to change your password like every 60 days.

Geez you guys.. the article was supposed to be just humorous...lol

Nice Text and picture. But how good is a password like the one in the picture "correct horse battery stable"? In the picture it says that it is hard to hack, but what do you say?

The perfect password is the one even you can't crack!

wilbymilstone said: The perfect password is the one even you can't crack!

That is normally the case with my passwords ... looks for the password reset function as I type...

I hate how google won't allow you to use a old password when you change :(