Hello all,

This is Flint's password guide and I will be guiding you on passwords.

There are three rules to passwords

1) They must be long enough

2) They must be easy to remember

3) They must not be easy to guess.

Now some like to say alpha, numeric, symbol is needed. I say hogwash. Alphanumeric is good enough so long as you have length.

Now I wish to show 3 passwords I have used in the past

1torulethemall
1victory4allmankind
Who1is2on3third4base

Notice how each of them uses numbers though in different ways in the case of the 3rd example? This is represents two different ways, of four, to incorporate numbers in a memorable way.

The four ways to incorporate numbers are:

1) Linguistic swaps
1 can replace the words won, one, or the sound one. For instane d1 sounds like done. 4 can replace for and four. 2 can replace to, too, and two. Other numbers work in this capacity. Feel free to use native language nuances for even higher security

2)  Fixed placement
By 1 placing 2 numbers 3 between 4 words.... I create a simple version of fixed placement. Fixed placement can also be odds only, evens only, between letters and not words,  spelled out (every other or all or other patterns)

3) Lucky Number
My lucky number is 1244194i74737272jf82xj2 (ok just kidding) and I can place it in a position based upon the value of the lucky number or otherwise incorporate it into the password

4)Math
Take your birth year, divide it by your birth month (round up) and subtract your birth day. Or devise a different math formula based upon numbers important in your life (social security, drivers license, etc.) and use a logical math process.

Now the rest of your password should incorporate either an easy series of phrases (my gmail, game site, paypal, and credit monitoring passwords all use things from books, movies, games, or other written material) with an easy to memorize sequence.

Using slang and shorthand is plausible as well.

In IC it was 1 to rule them all. Based upon lord of the rings. I used this back in 2001 for IC and never changed it.

Now there are other ways to increase security beyond that even however. Nicknames, names, friends names, and other nouns, mixed with verbs, and then titles, for instance... is one way you can increase variability.

Another way is to incorporate a short way to stand for the site in question. Say IC can be used in a "ICanbeatyou" passphrase

Say for instance I was trying to make a new PayPal Password.

I could use a line "the force be with you", my nick I wanted to be 'Raistlin', the number 7, and part of IC "Conflict"

Being paypal I want higher than normal security so I will use caps and numbers.

TehfarcebwituRaistlin7C1flict

That password, consisting of 29 characters is insane for a hacker to find. There are easier fish in the Ocean. Notice I used slang, shorthand, fixed number placement, number replacement, a commonly known statement and a nickname few (until now) would know.

If that was in fact my new password I could easily remember that (except the 7 since it is not my lucky number)

A password must be easy for you to remember, but not easy for a hacker. Your passwords should be unique to each site. Using easier ones for less important sites is ok. Imperial Conflict was never a "dangerous to lose my password" of a site so the password was very easy to use.

Now here is a list of things that may be usable in password

Pet names
Friends names
Cities
Nations
Activities
Verbs
Nouns
Adverbs
Proper nouns
Numbers
Car types you like
Your first gf
Your first bf
Your adress

The key to a top level password is to include several different things that wont be easily guessed about you.

For instance of a bad password:

People know I like Compression math, that I did security, that I drive a truck, that I am a Republican, and that I like Tia. Using those in any manner for a password is dangerous! In less than an hour a key word list specific to those can be generated and tried. A password of Peterbilt357i<3Tia could actualy be tested via commonly available matrixes

The idea is to use things you dont advertise on the net (like the name of my first lover). And always length helps but try to make it 3 or more words.

There is a brute force method where words, and slang, are randomly tried together (or pseudo-randomly where the words are tried in context). 2-3 words can be efficiently tried but 5 or more words starts to become an impossibility for a medium level hacker. Even then the best hackers wont even care to try unless they know your valuable.

I am Einstein, aka Flint Fireforge on this forum and this is a primer for proper password security!

P.s. written on tablet pc, forgive typos pls!