|low graphics version | feedback | help|
|You are in: UK|
Friday, 29 June, 2001, 13:23 GMT 14:23 UK
What your log-on says about you
Your password may reveal a clue to your personality - and your computer literacy - in just six characters or less, writes BBC News Online's Megan Lane (password: goKiWi).Disclaimer: The BBC will put up as many of your comments as possible but we cannot guarantee that all e-mails will be published. The BBC reserves the right to edit comments that are published.
Picking a password is a split-second decision for some computer users, while others ponder long and hard to come up with a suitable log-on.
Yet chances are, no matter how long you take to choose a password, your secret sign-on may be easier to crack than you think.
About a quarter of those surveyed use their own name or nickname, while one-third pick a favourite star or football team.
So that guy who slopes about the office in his Arsenal scarf, blathering away about the team's latest bid for pitch glory, may well have a password such as "g-u-n-n-e-r" or "s-e-a-m-a-n".
The poll found four distinct categories of computer users when it came to picking passwords.
Almost half of those surveyed - 48% - fell into the family category, choosing names, nicknames or birthdates of those special to them.
Psychologist Professor Helen Petrie says: "The family users appear to be people who are not particularly computer-literate but who have incorporated occasional computer use into their everyday lives."
Another 11% start the day by tapping in "s-t-u-d" or "s-e-x-y" or similarly saucy moniker they most likely will never enjoy - these are the fantasists.
The smallest group are the cryptics - typically the most computer literate of those surveyed - who take a leaf from the "for your eyes only" school of thought.
In an attempt to confuse and confound, these security conscious individuals pick obscure passwords that mix letters, numbers and punctuation.
A similar survey last year, commissioned by Visa, found that 67% of passwords chosen to protect information were easy-to-guess names or numbers.
Stephen Dyer, chairman of CentralNic, says most people subconsciously choose a password that they hope will sum up the essence of their being.
"This makes it potentially very simple indeed for anyone to access their computer or secure internet sites."
So if passwords are indeed a modern-day personality test, this proves at least one trait - that most people are more transparent than they might care to think.
And if anyone should wonder, goKiWi is no longer my password. I've just changed it.
After I reconfigured my company's password policy to
disallow blank passwords, the helpdesk was flooded with
Past girlfriends names are good - if you don't need more than three passwords.
A useful password is your last car registration. This is a memorable mixture of numbers and letters which is hard to guess.
A former colleague (chemistry grad) started at the top left of the periodic table. So I (French grad) started with Medieval French authors I studied and have now made it to the 16th Century.
A reasonably easy way to increase the security of your password is to incorporate non-visable ASCII characters into the middle of them. For example, hold down ALT and type 007 to include an audible beep.
The most 'unique' password I've seen was "**********" where the user just typed 10 *'s in for the password. Oh, the laughs we have here in technical support...
I usually go for simple words in obscure foreign languages I happen to know (eg: Indonesian, Swahili) - which might be less likely to be in Western password databases.
I misspell flower names, eg: narceizus (narcissus).
Why you people are prepared to post your password selecting schemes to a public web site is beyond me. And just so you know, anything that is based on a word out of the dictionary (and language is irrelevant) is cracker fodder...
I'm involved in a mock hacking game with a group of friends, and we constantly try cracking each other's passwords. I can tell you that the best thing to do to confuse a password generator is to include upper and lower case letters, numbers, and symbols in your password. Also note that the cracking time increases exponentially when you increase the length of your password. For example, a nine-letter password could take three times longer to crack than an eight-letter one.
It is interesting to note that a number of passwords that are assumed to be cryptic by their authors are more often than not contained in password databases used for brute force cracking attacks or frequently guessed. Most commonly these are the letter substitution kind: for example 1amp05t (lampost); pe551m15t etc... You'd be suprised how many passwords made
up of first letters in a favorite phrase are in these lists as well... TRISFMOTP. Any guesses?
Adam Brooke has a poor knowledge of climatology if he thinks that the rain in Spain falls mainly on the plain.
Without revealing anything that might compromise you (bank account numbers and passwords etc), what are the most - or least - imaginative passwords you've ever come up with?
Let us know by using the form below, or if you prefer to use your own e-mail program, send them to firstname.lastname@example.org
17 Jul 00 | Sci/Tech
When hacking is guessing
20 Apr 00 | UK
You must remember this ... that and the other
Top UK stories now:
Links to more UK stories are at the foot of the page.
Links to more UK stories
|^^ Back to top
News Front Page | World | UK | UK Politics | Business | Sci/Tech | Health | Education | Entertainment | Talking Point | In Depth | AudioVideo
To BBC Sport>> | To BBC Weather>>
© MMIII | News Sources | Privacy