Problem solve Get help with specific problems with your technologies, process and projects.

Obfuscated password storage by fictitious telephone numbers

A searchSecurity members offers this handy tip for creating passwords.

Obfuscated password storage by fictitious telephone numbers

This tip was submitted to the searchSecurity Tip Exchange by user Chuck Steffel. Let other users know how useful it is by rating the tip below.

I have worked on several systems logins that require 14 digit passwords and password rotation every 60 days. I do not always remember passwords, so I use a code with a numerical beginning and ending concatenated to a name.

I keep passwords in the cell phone telephone listing and in my written phone book. The nonsense listings are real people whom I would never call and dead relatives with valid area codes, etc.

I have a listing of numbers (ready-made passwords) for when I get the annoying password expiration message.

For example, decoding the telephone listing:
Charlie Peterson 651 319 1761
produces passwords such as:
319charlie1761 or 1761charlie319
319charlie1761 or 1761peterson319.

For systems that screen for real words,
1671eilrahc913 or 319eilrahc1671
1671osretep913 or 319osretep1671

The reordered phone numbers are easy to find in a cell phone or datebook. A simple PDA program can do the sorting.

This was last published in September 2001

Dig Deeper on Password management and policy

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.