Monthly Archives: April 2014

How to Devise the Perfect Password by Alan Pearce

The key to good cyber-security is a secure password that cannot be guessed at or cracked.

On no account write down your passwords and do not store them in a dedicated password safe as the very existence of such a thing can draw attention in itself.

A good password should be at least 12 characters long and should contain a mix of upper and lower case, numerals and symbols. Never use any word that you can find in a dictionary, nor names of pets, children or your mother’s maiden name. Do not use key dates. It should also be something that you can easily remember.

As unlikely as this may seem, an ideal password would look something like this:


On the face of it, this would appear impossible to remember. However, this password is derived from the rather memorable opening passage of the Jane Austen classic Pride and Prejudice, which begins like this:

It is a truth universally acknowledged that a single man in possession of a good fortune must be in want of a wife.

What we have done here is take the initial letter from each word in the first paragraph, which then looks like this:


Anybody of reasonable intelligence can easily remember this line. However, it need not be the opening passage of a book. It might be a line from a pop song or a favorite poem, or a simple phrase that you can commit to memory, such as: All work and no play makes Jack a dull boy.

You now need to add to this some upper case, numerals and symbols. In our chosen example we have added a smiley face at the very beginning and then at the ninth position we have added the number 9. The words Man and Woman have been given upper case characters. Then we have added a more complex emoticon at the end. All of this is simple to remember.

Additionally, if you have a keyboard with non-universal symbols such as the UK pound (£), the Euro (€) or Yen (¥), add one of these to complicate matters further. But bear in mind that these may not be accessible when using another person’s keyboard.

Hackers working to crack a password often employ a ‘brute force attack’ or ‘exhaustive key search’, but these are generally only effective against short passwords. For longer passwords, a ‘dictionary attack’ is often employed. The method shown here is highly effective against the most sophisticated attacks.

This, in turn, can also be used as a means of passing on a password. Once the recipient understands the principle, you just mention any book that can be found on Amazon. They look inside and read the relevant line to receive the password.

Alan Pearce is the author of “Deep Web for Journalists: Comms, Counter-Surveillance, Search” available from Deep Web Guides. He also gives regular workshops in cyber-security. See his website for details.

%d bloggers like this: