Hello Sumit.

It has been my experience that even using your algorithm, a brute force
cracker will determine your password.  Of course, most brute force methods
will crack any password.

What I do is pick a word.  The word must be six to eight characters (range
of my mainframe).  Most Is are replaced by ones, Os are replaced by zeros,
and Es are replaced by threes (but not all because that's a detectable
pattern).  If the word has a number imbedded, like "intuitive" (two is
imbedded), I replace the letters with the appropriate number (1n2itive).
Sometimes I change the case of the first letter that also exists in the
current month's name, but since my LAN and one app on the mainframe are case
insensitive, it's a pointless change.  Above all, I don't use any program or
written procedures, which eliminates any detectable patterns.

Cheers,
L

-----Original Message-----
From: Sumit Dhar [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 26, 2002 8:35 AM
To: [EMAIL PROTECTED]
Subject: Password Generation Procedure?


Hello Everyone,

Generating a password that is hard to guess is a challenge most of us
have to face sometime or the other. I initially used to think names of
arbit characters from novels were a good password till a friend showed
me the cracked version of my password.

That got me thinking till I came up with a good way to generate
passwords. What I would do would be to take a long song that I
remembered easily and use the first letter of each word in that song.

So Nothing's Gonna Change My Love For You became ngcmlfy. The advantage
of this method was the password was certainly not "predictable" even if
someone saw 75% of my passwd. What I mean is just yesterday, I saw a
friend type f?o?o2??0. A few tries later, I could guess it was
frodo2000. With a password like ngcmlfy, such guessing becomes difficult.
To make things even tougher, you could add initials of the singer George
Benson to the password. ngcmlfygb is even better. You can remember it
easily, but unless the other chap knows the concept behind it, he will
have a hard time remembering it even if he sees all the letters.

Given most of the people on this list must be paranoid, I am sure they
have such algorithms to generate such passwords. So would you step
forward and care to explain some nice methods by which you generate your
passwords? The best algorithm wins a beer from me in India. :))

On a side note, I wonder why someone has not taken a list of songs,
poems, famous movies, novels etc and fed it to a dictionary program for
a password cracker.

Cheers,
Sumit Dhar (http://dhar.homelinux.com/dhar/)
Manager, Business Development and Products,
SLMsoft.com
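
The two schemes discussed in this thread, seen from the side of a password-policy check. This is an added example, not code from either poster. The wordlist, phrase list, substitution table and function names are constructed for illustration.

```python
import math
from itertools import product

# Constructed sample data: stand-ins for a real wordlist and a lyrics/titles corpus.
WORDLIST = {"intuitive", "password", "mainframe", "secret"}
PHRASES = ["Nothing's Gonna Change My Love For You"]

# Digits and the letters (or sounds) they commonly replace, per the reply's scheme.
LEET = {"1": ("i", "l"), "0": ("o",), "3": ("e",), "2": ("tu", "to", "two")}


def deleet(password):
    """Yield every reading of the password with digit substitutions undone."""
    # Each digit may be a substitution or a literal digit, so keep both options.
    # Fine for short passwords; the number of readings grows with each digit.
    options = [LEET.get(ch, ()) + (ch,) for ch in password.lower()]
    for combo in product(*options):
        yield "".join(combo)


def acronym(phrase):
    """First letter of each word, lower-cased (the song-title scheme)."""
    return "".join(word[0] for word in phrase.lower().split())


def audit(password):
    """Return a rejection reason, or None if neither check fires."""
    for reading in deleet(password):
        if reading in WORDLIST:
            return f"dictionary word: {reading}"
    for phrase in PHRASES:
        # startswith also catches appended extras such as the singer's initials.
        if password.lower().startswith(acronym(phrase)):
            return f"acronym of known phrase: {phrase}"
    return None


def keyspace_bits(length, alphabet_size):
    """Upper bound on entropy if every character were chosen at random."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    for pw in ("1n2itive", "ngcmlfygb", "q7#Vr9!xLp2k"):
        print(pw, "->", audit(pw))
    print(round(keyspace_bits(7, 26), 1), "bits for 7 lowercase letters")
```

The bit count is only a ceiling: a password derived from a word or a title is drawn from a far smaller set than the random-character figure suggests.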
