* Posts by PizzaMac

1 publicly visible post • joined 12 Apr 2021

UK's National Cyber Security Centre recommends password generation idea suggested by El Reg commenter

PizzaMac

Three random words:

- probably too constrained a space and some argue easy to dictionary attack as a hash.

- doesn't hit the complexity password rules without character substitution.

So add 'magic word' from a key phrase (My mate Boris -> Mm6)

Always prefix or suffix your three words with your magic word and punctuation : you subvert the attack space away from a straight dictionary space and meet the complexity requirements.

PLUS using regular words makes typing easier than 16 truly random characters and punctuation marks.

PLUS if you have sufficient trust in your magic word you can write down the _other_ words in an ordinary notebook (or app).

So:

Mm6=antimony+arsenic+aluminum

Mm6=taken+three+bottles

This is my 'granny' solution. It doesn't need a password app, and Granny can understand it. (YGMV - Your Granny May Vary).