<h3>Background</h3> <p>While at the Gym the other day, I was working with my combination lock, and realized something that would be useful to me as a programmer. To wit, my combination is three seperate sets of numbers that either sound alike, or have some other relation that makes them easy to remember. For instance, 5-15-25, 7-17-2, 6-24-5. These examples <em>seem</em> easy to remember.</p> <h3>Question</h3> <p>How would I implement something similar for passwords? Yes, they ought to be hard to crack, but they also should be easy for the end user to remember. Combination Locks do that with a mix of numbers that have similar sounds, and with numbers that have similar properties (7-17-23: All Prime, 17 rolls right off the tongue after 7, and 23 is another prime, and is (out of that set), the 'hard' one to remember).</p> <h3>Criteria</h3> <ul> <li>The Password should be easy to remember. <code>Dog!Wolf</code> is easy to remember, but once an attacker knows that your website gives out that combination, it makes it infinitely easier to check.</li> <li>The words or letters should mostly follow the same sounds (for the most part).</li> <li>At least 8 letters</li> <li>Not use <code>!@#$%^&*();'{}_+<>?,./</code> These punctuation marks, while appropriate for 'hard' passwords, do not have an 'easy to remember' sound.</li> </ul> <h3>Resources</h3> <p>This question is language-agnostic, but if there's a specific implementation for C#, I'd be glad to hear of it.</p> <h3>Update</h3> <p>A few users have said that 'this is bad password security'. <strong>Don't</strong> assume that this is for a website. This could just be for me to make an application for myself that generates passwords according to these rules. Here's an example.</p> <blockquote> <p>The letters <strong>A</strong>-<strong>C</strong>-<strong>C</strong>-<strong>L</strong>-<strong>I</strong>-<strong>M</strong>-<strong>O</strong>-<strong>P</strong> 'flow', and they happen to be two regular words put together (<strong>Acclimate</strong> and <strong>Mop</strong>). Further, when a user <em>says</em> these letters, or says them as a word, it's an actual word for them. Easy to remember, but hard to crack (dictionary attack, obviously).</p> </blockquote> <p>This question has a two-part goal:</p> <ol> <li>Construct Passwords from letters that sound similar (using alliteration) or</li> <li>Construct Passwords that mesh common words similarly to produce a third set of letters that is not in a dictionary.</li> </ol>

<p>You might want to look at:</p> <ul> <li>The pronouncable password generation algorithm used by apg and explained in FIPS-181 </li> <li>Koremutake</li> </ul>

Phonetically Memorable Password Generation Algorithms

Background

While at the Gym the other day, I was working with my combination lock, and realized something that would be useful to me as a programmer. To wit, my combination is three seperate sets of numbers that either sound alike, or have some other relation that makes them easy to remember. For instance, 5-15-25, 7-17-2, 6-24-5. These examples seem easy to remember.

Question

How would I implement something similar for passwords? Yes, they ought to be hard to crack, but they also should be easy for the end user to remember. Combination Locks do that with a mix of numbers that have similar sounds, and with numbers that have similar properties (7-17-23: All Prime, 17 rolls right off the tongue after 7, and 23 is another prime, and is (out of that set), the 'hard' one to remember).

Criteria

The Password should be easy to remember. Dog!Wolf is easy to remember, but once an attacker knows that your website gives out that combination, it makes it infinitely easier to check.
The words or letters should mostly follow the same sounds (for the most part).
At least 8 letters
Not use !@#$%^&*();'{}_+<>?,./ These punctuation marks, while appropriate for 'hard' passwords, do not have an 'easy to remember' sound.

Resources

This question is language-agnostic, but if there's a specific implementation for C#, I'd be glad to hear of it.

Update

A few users have said that 'this is bad password security'. Don't assume that this is for a website. This could just be for me to make an application for myself that generates passwords according to these rules. Here's an example.

The letters A-C-C-L-I-M-O-P 'flow', and they happen to be two regular words put together (Acclimate and Mop). Further, when a user says these letters, or says them as a word, it's an actual word for them. Easy to remember, but hard to crack (dictionary attack, obviously).

This question has a two-part goal:

Construct Passwords from letters that sound similar (using alliteration) or
Construct Passwords that mesh common words similarly to produce a third set of letters that is not in a dictionary.

Which algorithm is used for random password generator?

The main algorithm for password generation contains a FOR loop, which does the following: generates a random number between 1 and 4 to choose the character set. once the set has been randomly selected, a random index will be generated for the selected character set.

You might want to look at:

The pronouncable password generation algorithm used by apg and explained in FIPS-181
Koremutake

Phonetically Memorable Password Generation Algorithms

Tags:

language-agnostic

security

algorithm

passwords

Background

Question

Criteria

Resources

Update

George Stocker

People also ask

1 Answers

Can Berk Güder

Recent Activity

Donate For Us

Phonetically Memorable Password Generation Algorithms

Tags:

language-agnostic

security

algorithm

passwords

Background

Question

Criteria

Resources

Update

George Stocker

People also ask

1 Answers

Can Berk Güder

Related questions

Recent Activity

Donate For Us