Security

So, this post goes under a new category, creatively named the same as this post: Security.

Security has been on my mind a lot recently. I’m not for sure entirely certain why. Snowden has certainly been a part of it. There’s something remarkably unsettling about the thought of people, even the “good” people at the NSA, reading private correspondence, having access to any account you own, etc. The idea that privacy is a fiction somehow strikes me at my core. As such, following Snowden has become, kind of unintentionally, a pet hobby of mine. And as a result, I’m finding myself more interested in cryptography and security.

None of this is to say that I have any actual expertise in the field. Straight up: I don’t. I know more than your average Windows user, perhaps, but that only comes from reading articles on security. I really don’t know the technical stuff yet. I find myself repeatedly feeling like knowing more about this stuff is damaging to my health since it makes me nervous. Rather than feeling more secure, the more I read the less secure I feel. But that’s OK. I think I’m actually learning and/or will learn such that it won’t make me less worried. Time will tell, I suppose.

Anyway, today’s learning told me that feeling secretive about my methods of choosing passwords or how I store passwords is foolish. It essentially constitutes security through obscurity, which every security expert I’ve read says is stupid. So today, despite my misgivings, I installed a password manager and had it create a “secure” password for me, which was certainly more nonsensical than any I’ve had before. Of course, for that, I still have to have an actual password to unlock it. For that, I continue to use a method that I’ve since seen recommended by security experts repeatedly (mainly because it makes sense). Take a phrase that means something to you but is largely unknown (i.e., not Psalm 23), and take some letters from the words in a meaningful way to you, such as the first letters. Then add randomness in it. So, if the 23rd Psalm, it might be “tlims$isnwHmmtldigp”. Which, if you aren’t familiar with the Bible (and you should be), is, “The Lord is my shepherd (random bit), I shall not want. He maketh me to lie down in green pastures…” Obviously, if you choose an obviously famous quotation (like the 23rd Psalm), and if this method becomes popular, you’re potentially screwed. It’s still better than 12345, of course. But if you were to take another random sentence, such as “I like to drive to Montana Tech College, and eat dried prunes,” assuming that means anything to you, you could convert that to iltdtMTCaedp, and add some randomness in it, and it’d be fairly easy to recall, but difficult to crack.

Anyway, I want to become more knowledgeable about this subject and will likely post more here as I go along.

This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *