Obfuscated password storage by fictitious telephone numbers

A searchSecurity members offers this handy tip for creating passwords.

Obfuscated password storage by fictitious telephone numbers

This tip was submitted to the searchSecurity Tip Exchange by user Chuck Steffel. Let other users know how useful it is by rating the tip below.

I have worked on several systems logins that require 14 digit passwords and password rotation every 60 days. I do not always remember passwords, so I use a code with a numerical beginning and ending concatenated to a name.

I keep passwords in the cell phone telephone listing and in my written phone book. The nonsense listings are real people whom I would never call and dead relatives with valid area codes, etc.

I have a listing of numbers (ready-made passwords) for when I get the annoying password expiration message.

For example, decoding the telephone listing:
Charlie Peterson 651 319 1761
produces passwords such as:
319charlie1761 or 1761charlie319
319charlie1761 or 1761peterson319.

For systems that screen for real words,
1671eilrahc913 or 319eilrahc1671
1671osretep913 or 319osretep1671

The reordered phone numbers are easy to find in a cell phone or datebook. A simple PDA program can do the sorting.


This was first published in September 2001

Dig deeper on Password Management and Policy

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close