creating and using strong passwords author : less than zero current version : 0.1 last updated : 120502 ------------------------------------------------------ Disclaimer : This file is only for information purposes on how I create, store and use passwords. If you follow this document and something happens such as one of your accounts gets hacked, or something really dumb, like you lose or destroy your disk, don't cry to me. It isn't my fault. ------------------------------------------------------ Contents: Section 1 - Introduction Section 2 - Tools you need Section 3 - What to do Section 4 - Notes ------------------------------------------------------ Section 1 - Introduction ------------------------------------------------------ 1.1 Basics Too many people simple passwords, things such as names of people they know, dictionary words, and simple variations on standard words. In this document I will present the things I do to create strong passwords, store them safely, and give several other options to my method. In the end though, the choice is up to you on your password habits. Be smart, use better passwords and change them often. Section 2 - Tools you need ------------------------------------------------------ 2.1 The tools The following is a list of tools I recommend you have and use. If you find any others, that you would like to suggest, email me at freeloader187a@yahoo.com and I will add them to the list as soon as possible. Quicky Password Generator - http://www.quickysoftware.com/ This is a great tool for creating unique passwords. It allows you to create passwords from 4 to 20 characters in length, store the passwords in a file it outputs or your own, and best of all it's free. This is the one I use and recommend. Do a search on download.com to find others. They're all pretty much the same in my opinion. PGP - http://www.pgp.com/ I use this to secure my password file after I create it. Feel free to use your favorite encryption tool though. A cd writer, zip drive, or some kind of stable media that is transportable. I use small 3in. rewritable cd-roms. I like these because they are small, lightweight and usable in just about any computer you find these days. It will also work in older cd-rom drives. I use these also because not every computer has a zip drive or USB ports. Section 3 - What to do ------------------------------------------------------ 3.1 Getting ready First thing to do is make sure you have the tools you need. If you don't have them, get them first and then proceed. 3.2 Create your passwords Open your password tool and create a file of passwords. I like mine to be at least 10 characters long and alphanumeric. Save this file somewhere easy to get at and name it passlist or some crap like that. This is file is important only so that you don't have to creat passwords all the time. 3.3 Create YOUR password list Create a new text document. This will be your password list with your usernames and passwords. This is the file you have to keep safe once it is created. I always name mine something like blank.txt or new.txt . . . this is so that it's not related with passwords except in my own mind. In this file I use the following format which is easy to use helps me when I use other computers. /* begin account listing // yahoo mail account 1 http://mail.yahoo.com butthole@yahoo.com 0h05cl322s // butthole forums http://www.butt.com/hole/index.php dorkboy yBf9k3nS5a // next account I do this for all my accounts and update the file as needed. Personally, I like to change my passwords every month or so. It can be a pain at times, but it's worth it if you are paranoid about people getting at your stuff. 3.4 Secure your password list Open your encryption program and encrypt that bad boy. I like to create self extracting files that are portable. After you have done this, copy this file to your portable media of choice. I dislike floppy disks because they are too unpredictable. Sometimes they just up and die on you for no reason and be erased by magnets accidently. That could be a good thing if you want to be able to get rid of your list in hurry, but it also fucks you if you don't have a backup copy somewhere. After you have a backup of your list and you're sure it works, delete the original off your computer. Make sure you store your passwords in a safe place. Leaving the disk on your desk labeled "Password File" is dumb. Somebody could steal it or use it themselves if they are able to copy it and hack the encrypted file. Section 4 - Notes ------------------------------------------------------ 4.1 After the fact Once you start creating and using secure passwords, do what you with them. Because I'm lazy, I leave an open copy on my computer's desktop so that I don't have to search for it when I need a password. However, nobody else uses this computer or has access to it. I don't recommend doing this if you share your computer. I keep my disk in a safe place as well and update it as needed. When I go someplace, I take it with me, so short of beating the fuck out of me, there's no way you could get my disk. Some other options for storing passwords : use a passwordsafe of some kind. That's what I've done in a way, but there actually programs out there that will store them for you and you only have to remember the password to open it. I guess that works, but I like my file much more. ----------------------------------------------- This document is brought to you by the letters h, a, t, e, and the number zero. Questions and/or comments: freeloader187a@yahoo.com a war is being waged and i intend to win because i have the knowledge, the power and something to fight for - less than zero Visit the following or you are a peice of shit: http://www.killthechildren.com/ - kill the children http://www.stileproject.com/ - guts, gore, and disgusting porno for the masses http://www.2600.com/ - phones are so cool -----------------------------------------------