Password Security in Genealogy and Your Life

We all have accounts on numerous genealogy sites as well as a plethora of other sites that are very important in our lives.   How many of us have a unique, secure password for each of these sites?

The folks I’ve talked to certainly don’t use a unique password for each site and few of them use a password that is strong enough so it can’t be cracked by a five-year-old in minutes.

Why?  Because it is hard to remember very strong passwords.  There is really no way we can recall a long list of them, especially if they aren’t used every day.

Hackers know that.  They exploit our human password failing and when we repeatedly use the same weak password, we aid and abet them in their nefarious activities.

Steve Gibson of Gibson Research Corporation has stepped forward to help us resolve our password failings.  He is smart.  He is clever.  He’s a security genius!

On 25 Aug 2011, Steve revealed his “Off The Grid” paper-based system his Security Now show episode 316 with Leo Laporte on the TWiT.tv network. 

The system can trace its genesis back to the Latin Square.  Steve has dramatically enlarged the encryption possibilities of that system in Off The Grid.  In fact, he noted that the system uses numbers so large that they simply can’t be deciphered by our current computer processing power.  He mentioned a number of 10388 times larger character combinations than most current security values.

Not only is the system strong, it is easy to use.   Steve has done a masterful job detailing the system on his site. 

The first page you’ll want to visit is the Off The Grid square page that shows a grid you’ll print and use to create your site specific passwords.  Use the one that is generated when you visit the page or regenerate a new one for your use.  

Hit PRINT now

Keep this grid to create your passwords from now on.  The passwords will all be created by hand off-line and thus with no chance of online hacking.  I laminated my grid.  It will be used constantly.  Your grid won’t be the same as mine and yours won’t be the same as those of any one else.  (No, this isn’t a graphic of my grid, it is just a screen capture of one for this post.)

When you create your passwords you’ll use the grid to find the characters.

Open a second tab in your browser and read how to use the grid starting on the Goals page.

Relax.  You’ll learn a TON and Steve will painlessly walk you through the concept and process of using the grid to create your passwords.   Have faith.  This small investment of time will result in some of the best rewards you’ll ever encounter minute for minute.  If you’ve ever had your I.D. stolen, you’ll fully appreciate this tool and wish you knew this information all of your life.

At the bottom of the page are links to the next section of instruction and information on using the system.  Read each section sequentially.  Your 1st grader can use the system, so don’t throw up the “It’s too hard” excuse.

Step 2: Go to the next page – “How It Works” so you can see how simply yet ingeniously the system works.  Steve walks us through the creation of a password based on the name of a web site (Amazon) using the grid.

The process is simple.  Start on the first row and find the first letter ( “a” )  in Amazon, then drop down that column to the 2nd letter ( “m” ), etc.

When you create your password you’d write down the two or three letters to the left of each of these letters.  Hence “a” would give you “ge”.  “M” would result in “oz”, etc.   Steve walks you through the process in graphics and text.

Do you want to use non-alphabetic characters in your initial site name?  It’s simple, just read the outside ring of characters on your grid and follow the same steps.

Steve notes that the security is fantastic: “So simply using seven domain name input characters to produce 14 alphabetic-only output characters yields 24007 = 458,647,142,400,000,000,000,000 possible combinations, which would require 14,533,651 years to test at one billion attempts per second.”

Off The Grid is THE password creation system to use folks.  It is simple.  It is virtually uncrackable if you have at least 12 characters in your resultant password.  There are no patterns, no words from the dictionary, no commonly used character strings.

Now that you have your grid and know how to use it, replace ALL of your old easy and duplicated passwords with new passwords that you’ve created using Off The Grid.  

Seriously consider managing all of your passwords by installing and using the LastPass program that I’ve written about before.  If you want to test the probable strength of your new password, go to Steve’s “How Big is your Haystack” page and check them out. 

Last note.  If you print your grid a week or more after this note was posted, Steve said that he is going to include some printing commands on his site that will allow font sizing, colors, etc.  

Get started reading the Off The Grid pages and learning the system today.  Many Kudos and Thanks to Steve Gibson.

Copyright (c) Lee Drew 2011-08-26 08:00:00
The URL for this post is:
http://www.famhist.us/2011/08/26/password-security-in-genealogy-and-your-life/
Tags:
avatar

About lineagekeeper

Family history research is a favored avenue of relaxation. It is a Sherlock-like activity that can continue almost anywhere at any time. By leveraging a lifetime involvement in technology, my research efforts have resulted in terabytes of ancestral data, earning me the moniker of Lineagekeeper. And yes - We are all related to Royalty.