About a year ago I posted a blog item elsewhere called 'They've got you covered'. This described an innovative new addressing system called 'what3words' which enabled any 3x3 metre square anywhere in the world to have its own unique address by using three words. This has now become a popular app and is used particularly by the emergency and rescue services and is even built into some new cars. You can test this out for yourself by going to their website what3words.com/ and clicking on "Explore the map site". Each square has been allocated a set of three words chosen randomly from a dictionary of 40,000 words.
40,000 words might not seem many to cover the world. However, the number of 3x3 metre squares on Earth is 57 trillion. The number of permutations of three randomly-selected words from 40,000 is 64 trillion, which is more than enough to cover everywhere including the vast oceans.
The three words are separated by a dot. Have a look for your own house and pick the best set of three words. Since these cover only a 3 metre square you will find that there are several to choose from depending on where you place the cursor on your property. Whichever ones you choose, your three words will be more accurate than a postcode since the average size of a postcode area in UK is a massive 776 square miles! Here is a good example of the words for No 10 Downing Street (no comment!).
What's this got to do with passwords?
I got to thinking about the perennial problem of creating secure passwords for internet sites - especially for older folk with difficulty remembering the complex set of letters and numbers that many sites are now insisting that you use. You will have seen how, trying to register on a new site, you are informed that your password is too weak, does not contain enough characters or does not contain a mix of upper case, lower case, numbers or other squiggles. This is why so many people I come across have passwords that (though they might conform to some of the rules) nevertheless are easy to "crack" eg Rover123. Worse still is the repeated use of the same password for different sites.
The Government-sponsored National Cyber Security Centre has been advising home users for some time now that using three random words provides a secure password that is both easy to remember and very hard to crack - even using powerful computers. Read these two related articles on this at
www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0
and
https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/use-a-strong-and-separate-password-for-email
It doesn't matter what the words are and you can choose three that are relevant to you. (You are not limited to 40,000 as in the what three words app. The English Dictionary alone has many thousands more). Don't be tempted to use the names of family, pets or your house. It is surprising how easily these can be discovered by criminals (commonly by looking through your Social Media posts) and this vastly reduces the number of words that a hacker has to work through. Also avoid words of less than 4 characters if possible since these tend to be commonly used words; but you can make the words as long as you like. When you choose your 3 words make sure, when you type them in, that there are no spaces between the words (the space character is not permitted in any password); however, you can use punctuation marks like full stops if you wish. Indeed, if you make sure that one or more of your words begins with an upper case letter and make the punctuation mark something like an asterisk, @ sign, £ sign or a number, then you will satisfy all but the most pernickety of web sites. Here is an example:
Balloon&volume9youth
A password constructed like this will be highly secure since the possible combinations of words will run into trillions and will take many years for even the most powerful of computers to "crack".
So far so good but...
Of course we are still left with the problem of remembering these passwords - especially if people have quite a lot of sites they visit and want to adhere to the good advice not to have the same password for different sites. So how can we devise a simple system that uses the three random words principle whilst helping failing memories? Here is one suggestion:
First of all write down in a single column 24 of the 26 letters of the alphabet but leave out X and Z (because there are far fewer words beginning with these letters). Then, against each letter, think up a word starting with that letter. Use a dictionary if you wish. You will then have a page looking something like this:
A Archway
B Balloon
C Citrus
...and so on down to
V Volume
W Whisky
Y Youth
When you want a new password pick three words from your list and insert a punctuation character between the first and the second and a number between the second and the third (as in my example up above Ballon&volume9youth).
So should I write those down in a notebook?
NO! That is wrong. You might as well not have passwords at all - especially if that notebook is left lying around.
So what do I do?
On a separate piece of paper, write down the web site title (forget the www and the .com). Thus you might write 'Amazon'. Against this write down the first letter of each of the 3 words you have chosen interspersed by the punctuation character and number. For added security, it is a good idea to use different characters and numbers on each new password and to vary the letter that you put in upper case. So, if I do this for my example above, I would write
Amazon B&v9y
Note that this is only a clue to your password; it is not the actual password. However, now you can write down this list of all your password clues and even put it by your computer and nobody would be able to guess the actual password. Important. Put the page with the actual 24 words on it safely away in a hidden place and refer to it when you need a reminder. You will probably find that, after a while, you will easily be able to remember what word you selected for each letter.
And finally.......
Apparently you can’t use beefstew as a password. It’s not stroganoff.