What3words (map app) helps create strong easy to remember passwords

Topic

New Reply

How math and language can combine to map the globe and create strong passwords, using the power of 3 random words

It’s hard to imagine that three random words have the power to both map the globe and keep your private data secure. The secret behind this power is just a little bit of math.

What3words is an app and web-based service that provides a geographic reference for every 3-meter-by-3-meter square on Earth using three random words. If your brain operates more naturally in the English measurement system, 3 meters is about 9.8 feet. So, you could think of them as roughly 10-foot-by-10-foot squares, which is about the size of a small home office or bedroom. For example, there’s a square in the middle of the Rochester Institute of Technology Tigers Turf Field coded to brilliance.bronze.inputs…

While the power of three random words is being used to map the Earth, the U.K. National Cyber Security Centre (NCSC) is also advocating their use as passwords. Password selection and related security analysis are more complicated than attaching three words to small squares of the globe. But a similar calculation is illuminating. If you string together an ordered triple of words – such as brilliancebronzeinputs – you get a nice long password that a human should be able to remember far more easily than a random string of letters, numbers and special characters designed to meet a set of complexity rules…

sing the “Corncob list” of 58,000 English words, you could generate more than 195 trillion “three random word”-style passwords…

Reply | Quote

Replies

One problem with this approach.

Almost all sites now require passwords contain at least one special character, one number and a combination of upper/lower case letters.

1 user thanked author for this post.

Alex5723

Reply | Quote

I don’t see a problem.
Always start with upper case letter and end with 1 & @ (or any other fixed combination).

Reply | Quote

Or just pick a nice long word (or three words) and capitalise and substitute suited letters for a symbol “alternative” (for example, might become @, U becomes ^ etc..) on an arbitrary pattern (so for more passwords, you change the word or the pattern)

So, for example, you could start with banality and derive B@n@L1ty.

Maybe you could use the same password in similar lower security areas with differing patterns, as hackers would have fun writing something to add “looks like” or “sounds like” substitutes on a dictionary hack and to then try all the patterns.. though I guess someone has probably done it but it slows the attack down a fair bit I suspect.

The take away there is pick an uncommon word or phrase to start with.. and maybe do something like remove or replace the spaces in a phrase with ascending numbers or something if you’re ever going to use it on a keyboard in public, to make it harder to shoulder surf (the spacebar usually makes a nice loud clack so you might as well advertise that character is a space if you’re using a library.)

Longer passwords are patently better but are can be fun to type- something with too many $s and at symbols in close succession can mean you take longer to type it, making shoulder surfing easier.. Be aware some remote support people might be able to see your password also (so they can check it’s really you by asking for the fifth character for example), so tempting as it is to make your banking password “T1ghTw@d$” it might not be the best choice..

 

 

 

 

Reply | Quote