The trouble with the password system described below is, what happens if you forget your calculator? That, in fact, is just what I did today and as a result could not enter several of my accounts.
But as I was out driving last night a wunderbar idea hit me. Select a license plate at random and then vary it a bit. The plate is easily remembered but, if not a vanity plate, presents an effectively random string.
In New Jersey, where I've been biding my time of late, the plates are six characters of the form XJG 23P, or, that is, LLLNNL, where L stands for letter and N for numeral.
Just in case an adversary might run all U.S. plates with six characters, we alter the string by adding a number or letter, making one substitution and tossing a coin to decide whether to transpose the two elements above. That is, we might write 23P XKG M or XKG 23P M or, we can place the M as the first or second element.
Even if the adversary discerns the order, as in LLLNNL(L or N), the number of combinations is (26^4 x 100 x 36)/6 = about 274 million. If the order is unknown, the adversary must contend with 36^7 = about 78 billion possibilities.
So, in order to combat identity theft, internet hacking and unwarranted government snooping, we should encourage Americans and indeed everyone to adopt this excellent password technique.
No comments:
Post a Comment