
Friday, Nov 13, 2015

Playing Card Passwords: Safe Passwords for Forgetful People

(Note: an edited version of this is available at Medium.)

An effective way to create great passwords with a built-in failsafe.

Recently I devised (at least independently) a method for password creation that is safe (effective), has steps to easily add extra layers of protection, and is usable by basically anyone, forgetful or not.

Sorry, p@ssw0rD is not “safe” and neither are Post-it notes.

Unfortunately many people still use passwords made from real words, and use the same passwords for everything. Not good, right? I think most people instinctively know this, but doing something about it seems too troublesome.

Complicated passwords are difficult to remember, so if you do create one, you create one… and use it for everything.

Here’s a simple solution: a pack of playing cards.

Your standard 52-card deck will give you four passwords, each at least 13 characters in length. Here’s how to set it up, and why I think it’s effective. At the end, I’ll list methods to make the passwords even harder to crack, and ways to make an easier-to-remember (though less safe) version.

1. Separate the pack into each suit.

Ace through King gives you 13 cards per suit. Designate one picture card or the Ace to be lower case. Use a Sharpie if you must.

2. Shuffle each suit thoroughly and separately.

Thirteen cards alone give you 13! = 6,227,020,800 possible orderings, but there are actually many more possible password configurations per suit than this, because you’ve randomly assigned one of the letters on the face cards to be lowercase, and you can assign the Ace to be A, a, or 1 and the Ten to be T, t, or 10.

My sample shuffle gives me: 92k10835A7Q46J

Pretty decent password.

Repeated again in clubs, I get T7Q196Kj43825

For this example, I replaced the Ten and Ace with “T” and “1.”

Repeat twice more and you have four very good passwords.

Storage is simple. Cards go back into the box to be stored in a very safe place: a locked safe, or some out-of-reach place where you store valuables like jewelry, cash or important documents. Some place the pack isn’t likely to be opened and shuffled. No one will suspect that the deck of cards is actually your password set — unless everyone starts doing this, and let’s face it, they won’t.

Your computer (or phone) likely stores a lot of these passwords so you won’t have to recall and type them out often.

Important note: It’s not important that the shuffles appear random, only that they actually are.

Actual randomness (or events near enough that it makes no difference) doesn’t really work the way most of us intuitively think it does. It often produces what look to us like patterns. For example, two or three cards may end up next to each other in an ordered run, like 234 or 765. You can rearrange that if you want, but it’s not necessary for the password to be “randomized.”

Need more?

One red deck, one blue. That’s 8. Cards come in different back designs. For my example, I’m using Tally-Ho playing cards, but there are Bicycle, Bee, WSOP, Budweiser, cheap drug store cards and practically countless others to choose from.

On making the password even more tricky.

In case 13! isn’t good enough for you, your two Jokers can come into play. Just assign one a value and shuffle it in. Adding just one card creates a minimum of 87,178,291,200 combinations.

You can also assign cards new values.

In my first sample, I created: 92k10835A7Q46J

But that could easily be 9dKt835a7Q46j or nDK1083fA7q46J with an intuitive substitution of “d” for 2 (deuce) and “n” for Nine and “f” for Five. If these changes aren’t intuitive to you, you can use a Sharpie to mark the cards you’re altering for your password. You could apply these changes to passwords of just the red variety, or maybe just hearts and spades.

Additionally, you could replace a number with a non-intuitive (or less intuitive) character or string. The Ten could become “qo” for the two keys underneath the 1 and 0 on the keyboard. “7” could become “&.” Or, change the Queen to “v.” Create a system that you’re likely to remember or mark the cards.

Here’s a sample result using a Joker:

8NkQ45Da6-310j&

With a few substitutions, I’ve created a fantastic 15-character password.

A simplified version: easier-to-remember passwords for accounts you may not want to store on your devices.

Though less safe, eight characters is still moderately strong.

Eight cards give you just 40,320 possible combinations, but you choose those eight cards, creating many more possibilities.

My simplified 8 card password:

NA8-jq25 — a password I can remember as “North America 8 - jack-queen twenty-five.”

Another example:

A6wt5KQ7 — trickier to create a mnemonic for, but not impossible. “A6 wt5 (“w” for “Wild,” five like “f,” wtf… what the five) Kwing 7.”
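To put numbers on the variants above (one shuffled suit, a suit plus a Joker, and the eight-card version), here is an added example that is not part of the original post. It simulates the shuffle with the operating system's CSPRNG and converts each arrangement count into bits of entropy; the choice of the King as the lowercase card and the function names are assumptions made for illustration.

```python
import math
import secrets

# One suit, Ace through King, as the post lays it out.
RANKS = ["A", "2", "3", "4", "5", "6", "7", "8", "9", "10", "J", "Q", "K"]


def deal_password(ranks=RANKS, lowercase_card="K", cards_used=None):
    """Simulate shuffling one suit and reading the cards off in order.

    lowercase_card is the one card designated lower case (assumed to be
    the King here); cards_used=8 gives the shortened variant.
    """
    deck = list(ranks)
    secrets.SystemRandom().shuffle(deck)  # OS CSPRNG stands in for a real shuffle
    if cards_used is not None:
        deck = deck[:cards_used]
    return "".join(r.lower() if r == lowercase_card else r for r in deck)


def orderings(deck_size, cards_used=None):
    """Ordered arrangements of cards_used cards drawn from deck_size cards."""
    k = deck_size if cards_used is None else cards_used
    return math.perm(deck_size, k)


def bits(count):
    """Entropy in bits of a uniform choice among `count` outcomes."""
    return math.log2(count)


def summary():
    """Keyspace and entropy for each variant described in the post."""
    variants = {
        "one suit, 13 cards": orderings(13),
        "one suit plus one Joker": orderings(14),
        "8 fixed cards, order only": orderings(8),
        "8 cards drawn from 13": orderings(13, 8),
    }
    return {name: (n, round(bits(n), 1)) for name, n in variants.items()}


if __name__ == "__main__":
    print(deal_password())
    for name, (n, b) in summary().items():
        print(f"{name:28} {n:>14,} arrangements  ~{b} bits")
```

The figures assume whoever is guessing knows the scheme and how the cards are labelled; personal substitutions add to them only while they stay secret.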

And there you have it, the Bradtastic Method of Password Creation!

What I’ve presented is really just the beginning of a scalable method for password creation with a built-in failsafe — a pack of cards kept in an actual safe!

Create your own coded system to enhance it, use ten or twelve cards instead of 13, or use the basic method.

Better still, set the system up for your parents who might still be using passwords like “OurDogsNameYearWeGotMarried.” And then send me presents when your inheritance isn’t stolen by a hacker.