THE PERFECT MASTER PASSWORD
Coming up with a master password can be tricky. It should be obscure enough that it won’t be guessed, and long enough that it can’t be easily cracked. At the same time, it needs to be something you won’t forget, and which isn’t a complete pain to type in. That rules out the long strings of random characters that password managers routinely generate.
One approach is to derive your password from a phrase that’s memorable to you. For example, you might start with a line of poetry, such as “You are old, father William, the young man said”. Take the first letter of each word, and you get “yaofwtyms”. Not very guessable, right?
Unfortunately, while an opportunistic attacker probably wouldn’t think to try that particular combination of letters, the free password-checking tool at www.security.org/how-secure-is-my-password/ warns that a computer could crack it in about two minutes. We can make it harder to crack by adding in some capital letters, digits and punctuation marks: “YoafW!tyms81” would take an estimated 34,000 years to break.
Unfortunately, in making the password more secure, we’ve also made it harder to remember and type. An alternative approach therefore is to use a passphrase made up of normal English words – and just make it a bit longer.
You can generate suitable phrases at xkpasswd.net, a site inspired by an xkcd.com cartoon on this very topic (it’s reproduced above on the XKPasswd page). In fact, the site offers a wide range of password templates, but if you click the “XKCD” button at the top it will restrict itself to sets of four words series separated by hyphens. On our first try it suggested “IRELAND-sent-APRIL-FARMERS”. That’s a lot easier to remember and type than “YoafW!tyms81” – and according to security.org, it would take 200 octillion years for a computer to crack.