Inspired by previous topics about creating a password, I decided to share my method of choosing and applying password protection. I have been using this method for a year; in the end I get a password that is unique for each server and even for each service, while everything stays memorable and, if necessary, is easily recoverable.
I'll say up front that the method is best suited to personal use or to a small organization (around 5 servers). It gives adequate protection for the system as a whole even if one password is lost or cracked; the same scheme can also turn into a threat, though, because an attacker who knows how it works can calculate the remaining, unknown passwords from the one he has. In a large organization the effort of changing all the passwords (when one is compromised) can be far greater than the effort of memorizing several independent passwords. In any case, I use this system successfully myself, and it is far better than a single password everywhere or a pile of constantly forgotten passwords.
So let's get started. First, choose a base password, for example iMlh4P0Sde; it is worth mixing upper and lower case and alternating digits with letters. Length and the other recommendations were covered in detail in previous topics. Once the base password is chosen and memorized, you never need to memorize anything new; from then on the system does the work.
Consider two cases. In the first we have a single computer, the typical home PC, with the standard set of passwords: root, your own account, icq, email, jabber, and so on. In the second we have a small organization with several servers, each running its own set of services with their own unique passwords. The method is meant to cover both.
The bottom line is:
1) Pick the position in the password that becomes the variable, say the fourth; in our example (iMlh4P0Sde) that is the character h.
2) Substitute the first character of the service whose password you want to derive (icq, email, jabber); for email that is e.
3) Choose a shift along the English alphabet, preferably a small one you can work out in your head in a couple of seconds, say four, and the direction to count in (toward the beginning or the end of the alphabet), say toward the end. So e + 4 gives i. The shift is there so that if the password is cracked it is not obvious which service it belongs to: the first letter of the service name is hidden among the other seemingly random characters.
As a result, the password for email is iMli4P0Sde, where the variable h has been replaced by i.
By analogy, we get the passwords for the other services:
root - iMlv4P0Sde
icq - iMlm4P0Sde
jabber - iMln4P0Sde
As a result, we have a unique password for every service while remembering only the one universal base password. From my own experience, once you remember any one of the passwords, all the others can be worked out in seconds. Now even if an attacker obtains one of our passwords, it is not by itself enough to gain access to everything else: the other passwords differ from it by a single character, so this holds only as long as the scheme itself stays unknown to him. That buys time to notice activity on our account and change the other passwords. Remember the password theft from Odnoklassniki and VKontakte, when, despite the administration of those sites automatically changing the passwords, the new passwords were mailed to accounts that were accessible under the same, already compromised passwords.
If we have several servers, for example mail, databases and monitoring (s_mail, s_bd, s_mon), pick another position in the password and, as in the first case, make it a variable too. Take, say, the eighth position, the character S (our password is iMlh4P0Sde). As the character reminiscent of the server take the first character after s_, and as the offset take two positions, this time toward the beginning of the alphabet. So for s_mon the substituted character is m - 2, which gives k. We make it uppercase to match the base password. Our new passwords on the s_mon server therefore look like iMl*4P0Kde, where * stands for the service character from the first step.
By analogy, we get the passwords for the other servers and services:
s_bd - iMl*4P0Zde (b - 2 wraps around the start of the alphabet to z)
s_mon - iMl*4P0Kde
Note that s_mail starts with the same letter as s_mon and so would get the same server character, K; two names with the same first letter collide in this scheme.
The password itself can be written down and memorized as a formula: iMl(*+4)4P0(*-2)de, and that's it. I probably don't need to say that the same thing works on the Internet, using site initials: g for google, y for yandex, h for habrahabr, and so on.
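To make the derivation steps and the formula iMl(*+4)4P0(*-2)de concrete, here is the scheme written out in Python. This is an added example, not the author's code. The base password, the two variable positions (4th and 8th), the shifts (+4 toward the end of the alphabet for the service letter, -2 toward the beginning for the server letter), wrap-around at the alphabet ends (b - 2 = z in the s_bd example) and keeping the case of the replaced base character (S becomes K) are taken from the article; the function names, the handling of the s_ prefix and the variant-counting check are my own assumptions and additions.

```python
"""Worked example of the article's derivation formula iMl(*+4)4P0(*-2)de.

Added example, not the author's code.  Taken from the article: the base
password, the two variable positions, the shifts, wrap-around at the
alphabet ends and keeping the case of the replaced base character.
Assumed: the function names and stripping the "s_" prefix of server names.
"""
import string

ALPHABET = string.ascii_lowercase
BASE = "iMlh4P0Sde"          # the article's sample base password
SERVICE_SLOT = (4, +4)       # (1-based position, shift) for the service letter
SERVER_SLOT = (8, -2)        # (1-based position, shift) for the server letter


def shift_letter(letter, offset, uppercase):
    """Move a letter along the English alphabet, wrapping at both ends."""
    idx = (ALPHABET.index(letter.lower()) + offset) % len(ALPHABET)
    out = ALPHABET[idx]
    return out.upper() if uppercase else out


def _substitute(chars, slot, name):
    pos, offset = slot
    old = chars[pos - 1]                       # keep the case of the base character
    chars[pos - 1] = shift_letter(name[0], offset, old.isupper())


def derive(base, service, server=None):
    """Password for `service`, optionally on a server named like s_xxx."""
    chars = list(base)
    _substitute(chars, SERVICE_SLOT, service)
    if server is not None:
        # The article takes "the first character after s_" (assumed prefix handling).
        name = server[2:] if server.startswith("s_") else server
        _substitute(chars, SERVER_SLOT, name)
    return "".join(chars)


def collisions(base, services, servers=(None,)):
    """(service, server) pairs that end up with the same password."""
    table = {}
    for svc in services:
        for srv in servers:
            table.setdefault(derive(base, svc, srv), []).append((svc, srv))
    return {pw: pairs for pw, pairs in table.items() if len(pairs) > 1}


def single_char_variants(password):
    """Every string that differs from `password` in exactly one position by
    one ASCII letter: what an attacker who suspects a one-letter scheme has
    to try after learning a single password."""
    out = set()
    for i, ch in enumerate(password):
        for letter in string.ascii_letters:
            if letter != ch:
                out.add(password[:i] + letter + password[i + 1:])
    return out


if __name__ == "__main__":
    for svc in ("email", "root", "icq", "jabber"):
        print(f"{svc:7} {derive(BASE, svc)}")
    for srv in ("s_mail", "s_bd", "s_mon"):
        print(f"{srv:7} {derive(BASE, 'email', srv)}")
    print("collisions:", collisions(BASE, ["email"], ["s_mail", "s_bd", "s_mon"]))
    leaked = derive(BASE, "email")
    print(len(single_char_variants(leaked)), "one-letter variants of", leaked)
```

Running it reproduces the article's passwords (iMli4P0Sde, iMlv4P0Sde, iMlm4P0Sde, iMln4P0Sde; iMli4P0Kde and iMli4P0Zde on the servers) and shows two things worth checking before adopting the scheme: s_mail and s_mon share a first letter and therefore a password, and every other service password is one letter away from a leaked one, 512 candidates for this ten-character base, which is the calculation behind the introduction's warning about an attacker who knows the scheme.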