How to use a dictionary to keep you safe

In light of the recent data breach at the credit reporting company Equifax, which affects one in two adults in the United States, and other security breaches in the last several years, many consumers just want to throw up their hands and give up. Systems that store sensitive personal information seem to get hacked on a regular basis. How do we keep our information safe?

It is true that certain aspects of digital security are out of our hands. Doing this one thing will go a long way to help safeguard our information: using a strong password for each of our online accounts. In addition, do not reuse passwords across multiple accounts, and change passwords on a regular basis.

We highlight two ways to create passwords. Using dictionary words to form a password is not commonly suggested. If done right, however, a dictionary such as the following will be a useful tool for creating strong passwords.

Using familiar words or proper nouns is a no-no. People may get lazy and use proper nouns such as their favorite movies or sports teams. Two examples are:

    PirateOfTheCaribbean

    LosAngelesLakers

Hackers may use a prebuilt list of common words and familiar proper nouns to hack such passwords. Such a list may be just 20,000 words long, not long enough to offer security. In this blog post in the All Math Considered blog (a companion blog), we show how to randomly select 5 words in the dictionary shown above. The following is the example demonstrated in that blog post.

    idioticwideopenevulsionpinheadtheodolite

The above example is a 41-character password. How much better are such passwords? The dictionary in question has about 65,000 words. There would be over 1 septillion 5-word strings that can be formed out of this dictionary. One septillion is 1 trillion times 1 trillion. If a computer or a network of computers can check 1,000 of the 1 septillion possibilities per second, it would take over 1 million years to exhaust all the possibilities. So a brute force attack is not a feasible approach. The hacker will have to find other ways. In this case, the safety of large numbers is on your side.

Remember, for dictionary words to work as passwords, the words must be randomly chosen. See this blog post to see how to select words at random.
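The selection and the counting argument above can be checked in a few lines of Python. This is an added example, not code from the original post or its companion blogs; the function names and the short sample word list are constructed for illustration, and Python's `secrets` module is assumed as the source of randomness.

```python
import math
import secrets

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed sample list for the demo; a real run would load the full
# dictionary (about 65,000 words in the post) from a file.
SAMPLE_WORDS = ["idiotic", "wideopen", "evulsion", "pinhead", "theodolite",
                "Pinhead", " idiotic ", "", "lantern", "quorum"]

def clean_wordlist(words):
    """Normalize and de-duplicate so every entry is equally likely to be drawn."""
    return sorted({w.strip().lower() for w in words if w.strip()})

def pick_words(words, count=5):
    """Draw `count` words independently and uniformly using the OS CSPRNG."""
    pool = clean_wordlist(words)
    if len(pool) < 2:
        raise ValueError("word list needs at least two distinct words")
    return [secrets.choice(pool) for _ in range(count)]

def keyspace(dictionary_size, count):
    """Number of equally likely strings when each word is chosen at random."""
    return dictionary_size ** count

def entropy_bits(dictionary_size, count):
    """Strength of a random draw in bits: count * log2(dictionary size)."""
    return count * math.log2(dictionary_size)

def years_to_exhaust(dictionary_size, count, guesses_per_second):
    """Time to try every possibility at a fixed guessing rate."""
    return keyspace(dictionary_size, count) / guesses_per_second / SECONDS_PER_YEAR

if __name__ == "__main__":
    print("passphrase from sample list:", "".join(pick_words(SAMPLE_WORDS)))
    # Figures from the post: 65,000-word dictionary, 5 words, 1,000 guesses/second.
    print(f"5 random words: {keyspace(65_000, 5):.3e} strings, "
          f"{entropy_bits(65_000, 5):.1f} bits, "
          f"{years_to_exhaust(65_000, 5, 1_000):.2e} years to exhaust")
    # One familiar phrase that sits on a 20,000-entry list is a single draw.
    print(f"familiar phrase: {keyspace(20_000, 1)} candidates, "
          f"{keyspace(20_000, 1) / 1_000:.0f} seconds to exhaust")
```

The numbers only hold if every word is drawn by the generator; swapping a drawn word for one you like better shrinks the real keyspace.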

Another approach is to use a sentence or sentences that are memorable. Then use the first letter from each word. For example,

    MfmiPoTCaIaadhLALf

The above string is taken from the first letters of the sentence “My favorite movie is Pirate of the Caribbean and I am a die hard LA Lakers fan”. So the same two familiar proper nouns mentioned above can be turned into a memorable phrase for a strong password. See the discussion in this blog post in the companion blog called Talking about Numbers.

Daniel Ma

© 2017 – Dan Ma