Re: Encryption - How to Choose Password

David Eather <eather@xxxxxxxxxx> writes:

Paul Rubin wrote:
Stephen@xxxxxxxxxxxxxx writes:
I'm playing with Truecrypt and am not sure how best to choose a good
password. Anyone have any advice on how best to do this? I can use a
random sequence of characters but how do I remember them in the future
without writing them down?

Generate a passphrase using the diceware method (www.diceware.com).
Write the phrase down on a little slip of paper and put it in your
pocket. Refer to the slip of paper when you need the phrase. After
you've done this a few times you'll find that you remember the phrase
and you need to refer to the paper less. Once you're confident that
you remember the phrase, rip up the paper into small pieces and throw
them away. Or if you want to be like a real secret agent, then
instead of throwing away the pieces, you can eat them.

I have a web script that generates diceware phrases that you can use:

http://www.nightsong.com/crypto/dice.php

Really really terrible idea. YOu want a passowrd to protect your secrets
and you then have a web page run by someone you know nothing about
generating that passphrase for you and
transmitting your secrets over the net unencrypted.

Nit pick - if you want to throw the piece of paper away make sure the
password is something you use *regularly*.

Agreed. Unused passwords are extremely raplidly forgotten. And even if you
know it perfectly if you do not use it for a month you will have forgotten
it.


.

Quantcast