1337pages.com

Your Randomly Generated Simple Password Grid

ABCDEFGHIJKLMNOPQRSTUVWXYZ
0bO6VRYhjjo2t3TP2f7H62180PX0
18n81RZR44PeCYK195u454dp2HZ1
268V3d97WM10qPNjRXR5f8SjyMv2
34f6kVu5IJkw6B9a6k84hrbYokw3
460w8a508K9c16v9Tqu5r0T8lck4
5Ucl32IQIUWGBeQzAdGvvD6r9lK5
64D1460eSID5J1hc5nZpV24gfq66
7kRYGl3P8fV7k48VbNv5UwPzVR57
802Tf3St6QMErQ3KK187Nle65hh8
97i1SmGiv6Y5g20v7l79f3OOU7R9
ABCDEFGHIJKLMNOPQRSTUVWXYZ

What? How does it work?

There are lots of different ways to use a password grid. The most common is to pick a pattern in the grid and walk it for a total of 8-16 characters. People often create a new grid for every meaningful password (ie, one grid for your bank, one for your online stock account, one for your production web server account, etc).

That might be a little overkill for most people, especially for 16 character passwords -- that's a lot of typing and grid reference! -- So lets see if we can find an easier method that will still give us a measure of safety from dictionary attacks. You'll notice that this grid has letters and numbers on the axis, the alphabet along the top, 0-9 on the left, we re going to use that to make a simple, difficult to crack password scheme:

  1. Print a few copies of your grid. This is important even if you generated w/ a phrase. You might lose it and the site might not be around anymore to re-generate your grid.
  2. Choose a length for your passwords, 8 is normally good enough for most needs (62^8 is a big number (218,340,105,584,896 in case you were curious))
  3. Choose a way to find the start point for your password.
  4. Choose a simple pattern to follow to get your 8 characters. It doesn't really matter what it is, someone will have to have your card AND the pattern AND the startint point to determine your password, so keep it simple
  5. Combine the steps into a password

That's the general case -- does it make sense? Let's try with a real world example for facebook.com:

  1. Lets go with 8 characters for our password, if you want more you'll just have to accept that it'll take a while to memorize and type (we are talking about random letters here)
  2. Facebook starts with the letter F and has 8 characters, so we're going to use (F, 8) as the start of our pattern, nice and simple
  3. To keep the pattern simple, lets go with 4 characters to the right and 4 characters down
  4. Put the pattern into action:
    1. Go to F,8 in the random sample above.
    2. Grab that character and the 4 to the right of it {(F,8), (G,8), (H,8), (I,8)}
    3. Now grab the four characters below that {(I,9), (I,0), (I,1), (I,2)}

Simple and repeatable. Print out a new card every 3-6 months and swap all your passwords.

Just tape the grid to your computer and keep a copy in your wallet, it is doubtful that anyone cares about breaking into your house or stealing your wallet to hack your accounts :)

Password Grid FAQ

Why?

Because you can't make a good password.

Fidelity and Facebook are the same number of characters and both start with F, handle THAT!

What, do I need to solve all of your problems for you? Print two copies and mark one "Banks and important crap" and mark the other one "Everything else".

http://www.thedailyworsethanfailure.com/ is 24 characters, that is more than 9. What do I do?

You see 24, I see 4. Wrap it around (software people call it the Modulus operation).

Wait wait wait, print a new one every 3-6 months?

Yes. If you're springing forward or backwards, change your passwords (yeah, I just thought that up... no I know it doesn't quite work, but whatever).

References: http://www.vvsss.com/grid/