How to make great passwords

  1. Think of a memorable, eight or nine-word sentence like “Fred is a bad ninja but has 3 nunchucks”.
  2. Take the first word of every sentence to turn it into a password. Result: “Fiabnbh3n”
  3. Test your password using Microsoft Password Checker

That’s it. You’re done! You’ll find that this method results in remarkably easy to remember and strong passwords.

Read more about passwords

Researchers Crack KeeLoq Code for Car Keys

Read the whole story at Threat Level, a Wired blog:

This doesn’t mean Dunkelman can just walk onto a parking lot and open any car that’s the same model of the one he cracked. He still needs to crack the unique key used to open the other cars. But because he already knows the 36 bits that are common to all of the keys for one model of car, it takes only a few seconds to crack those other keys. He can do this by reading the keys wirelessly — for example, while sitting next to a patron at a restaurant or standing near a car when an owner opens it and sniffing the communication between the digital key and the car. Once he has a key’s unique code, he can encode it to a chip in a remote device (which he can do in a couple of seconds in the field) and use it to open and steal the car.

Very interesting. I wonder how car manufacturers will react. Will they recall old keys? Supply an upgrade to the encryption system? Do nothing at all?

P.s. I know I promised to post about how to create great passwords, but that will have to wait until Monday.

Read more about passwords

Defending the Kingdom eBook!

I’ve finished compiling the long-planned Defending the Kingdom eBook, and I’m really happy with it. I think you will be, too.

The book contains all of the best material from this blog (but in shorter, snappier form) as well as a lot of new material.

Download the first 5 pages free to get a taste of what’s inside.

As a bonus, you can download the free eBook Package that will guide you through the difficult (but completely doable) steps required to clear your good name if your identity is stolen. The package contains a list of every organization you need to contact and a worksheet to help you keep track of your efforts as you go. You’ll also find sample letters to creditors, collection agencies, and credit reporting agencies.

The book costs $10, and, in my opinion, it’s worth every dollar. Check out the eBook page to find out more and to buy it. I hope you like it, and I’d love to hear your thoughts and suggestions for a future edition or update.

Read more about Uncategorized

Bad passwords

Hackers and thieves love bad passwords because they’re easy to guess. You might be surprised at how easy it is to guess common password-types. And if a thief can guess your email password, she may be able to get at your bank account or other sensitive information, whether or not you use the same password for both accounts.

Consider this scenario. A hacker finds your personal email address somehow. Then, she guesses your email password. Next, she goes to your bank’s website and claims that she’s lost her password. “No problem,” says the bank website. “We’ll send your password to your email address”. And she’s in.

(continue reading…)

Read more about passwords