'Password' Passwords Are Bad: Poetic Passwords Are Good - Takes 5 MILLION Years To Crack

Kyle Nofuente, Tech Times 24 October 2015, 05:10 am

"Password" is not a good password.

"1234567890" is also not a good password (though it is really really convenient if one simply drags their fingers across their keyboard from 1 to 0).

The problem with passwords (that aren't our faces) is two-fold. First, we have to make sure it's secure. Second, we have to make sure to remember it. Password managers like LastPass manage both of those conveniently, but convenience has its costs.

Password managers tend to auto-fill passwords on browser pages which is actually difficult to do securely and opens up password managers to attack. Besides, who can really remember 12 to 60 character passwords made up of a random string of letters, numbers, and symbols? On top of that, to be usable, password managers need to be accessible everywhere. Thus, the best password manager and keeper is, still, the human brain.

Two researchers from the University of California have found the perfect solution: poetic passwords. Their solution for creating the perfect password is both hard to crack and is easy on the brain since it'll be relatively easy to remember.

Ghazvininejad and Knight's poetic password generator creates password poems by assigning every word in a 327,868-word dictionary an exclusive code. Their specialized computer program then generates a lengthy random number. That number then is broken down into chunks of grouped numbers of which is translated into two short phrases. The program makes sure that the final word of each phrase ends in a rhyme, thus completing the poem constructed in iambic tetrameter.

Users can actually try it out now and see what kind of rhyming passwords they can create by constantly refreshing the site. The researchers advise, however, that the site is just for demonstration purposes and may be insecure. If someone does want a perfected poem password, they can enter their email and the pair's program will email back with a more secure password before it gets securely deleted from their server.

According to the duo, the poetic passwords will be extremely difficult to break. They're so secure that at the current state of technology, it will take five million years to crack a poem password.

Photo: Christiaan Colen | Flickr