Posted by The Natural Philosopher on 10/22/07 22:40

Sanders Kaufman wrote:
> "The Natural Philosopher" <a@b.c> wrote in message
> news:1193054390.75710.0@iris.uk.clara.net...
>> Sanders Kaufman wrote:
>
>>> Suppose my every password is "GOOGLE"
>>> And the site I'm logging into is "google.com".
>>> I might interlace the two as "GgOoGgLlEe".
>>>
>>> That way - I have a unique password for every site and never have to
>>> write down a password ever.
>>> All I gotta do is remember ONE password, and the algorithm.
>>>
>> I'd say that is even stupider. They crack your algorithm, they have all
>> your sites.
>
> So you think that cracking an algorithm is easier than cracking a password?
> Do the math - the forumala is harder to crack.
>
>

It entirely depends on the algorithm.

For example one which merely reverses the order of the sitename would be
trivial

>> I don't use the same password everywhere and i certainly don't use the
>> same user name everywhere.
>
> Of course not. You just have a couple of usernames and passwords... that
> you use everywhere.

I hope you are not involved in security.
First you deduce things from write data that are incorrect, secondly you
assert as fact that which you cannot know.


> When you do that - you *deliver* your credentials to for dozens of sites to
> every webmaster - honest or otherwise.
>

I don't. Do that. I merely asserted that memorable but hard to guess
passwords are actually easy to think up.

[Back to original message]