My mom asked me eariler what a good way to make a secure password was, and I had all kinds of ideas, including shocking nonsense, rot13, acronyms of random phrases, and so forth.
Personally, I prefer the randomly-generated approach – real random, of course. I’m not talking about frand here. Here’s what you do:
Find yourself an ordinary deck of playing cards (or several): 52 cards, no jokers. Shuffle well and draw some cards.
Use the following conversions to turn it into a string of lower-and upper-case letters (feel free to rearrange the suits – it doesn’t matter):
Key: Suit – A 2 3 4 5 6 7 8 9 10 J Q K
Spades – A B C D E F G H I J K L M
Clubs – N O P Q R S T U V W X Y Z
Diamonds – a b c d e f g h i j k l m
Hearts – n o p q r s t u v w x y z
So for example, I’m going to generate one now. I just drew 9S, QH, 9H, 4H, 2D, 6D, 9C, 6C. That converts to “IyvqbfVS”
For added entropy you can adopt a different rule and draw some more cards:
Color: A 2 3 4 5 6 7 8 9 10 J Q K
Black: ` 1 2 3 4 5 6 7 8 9 0 – =
Red: ~ ! @ # $ % ^ & * ( ) _ +
After doing this, I drew JS, AC, 2S, 2H, which would be “0`1!”
So just by drawing 13 cards from a deck, I generated the ludicrously complex password “IyvqbfVS0`1!”
Now, maybe you can’t remember something like that, but if you can, it vastly beats the crap out of “myspace1″ or “password”.