Monday, October 03, 2011

Password shock

I got a bit of a shock when firing up my notebook the other day.

I typed my password in wrong.

Nothing very unusual in that, though I wouldn’t say it happens often.

Although the password is quite long, by most people’s standards, & a little bit complicated in the range of characters used, it would not pass muster with the strictest security manager.

But I do have to think while I’m typing it because, in a sense, I am coding it as I go along, & that has the advantage of minimising the number of hurriedly careless slips of the fingers.

I was quite pleased with the system I developed for choosing passwords; I reckon that even my nearest & dearest couldn’t guess what it is; it generates passwords long enough to require quite a lot of crunching to crack; & yet I can keep ‘lists’ to remind me what they are. Certainly good enough to fend off all but the most cleverly determined would-be cracker of a computer which holds no secrets of any commercial or security value. Of course nothing can be safe against the hacker who can hoover up passwords.

But on this occasion I noticed that the computer (Windows?) had provided a helpful hint in small type underneath the login box.

And that hint was actually the en clair expansion of the first 3 letters in my password, which are not the first three letters of a word.

Thinking about it however, it would not be too hard to write a piece of code to have a good guess at this, given the password (which this computer knows anyway) & given the amount of empirical information available about how people tend to choose their passwords & given that the language is English.

Not all my passwords would be this easy. And anyway, nobody else who was given this hint would be able to reconstruct even those first three letters, never mind the whole password.

Still, it makes you think.