Library@Kendriya Vidyalaya Pattom

Where Minds meet and Ideas pop up !

Passwords aplenty

Dec 18th 2009 | LOS ANGELES


How to stay sane as well as safe while surfing the web

AT THIS time of the year, your correspondent crosses the Pacific to Japan for a month or so. He repeats the trip during the summer. He considers it crucial in order to keep abreast of all the ingenious technology which, once debugged by the world’s most acquisitive consumers, will wind up in American and European shops a year or two later.

Each time he packs his bags, though, he is embarrassed by having to include a dog-eared set of notes that really ought to be locked up in a safe. This is his list of logons and passwords for all the websites he uses for doing business and staying in touch with the rest of the world. At the last count, the inch-thick list accumulated over the past decade or so—your correspondent’s sole copy—includes access details for no fewer than 174 online services and computer networks.

He admits to flouting the advice of security experts: his failings include using essentially the same logon and password for many similar sites, relying on easily remembered words—and, heaven forbid, writing them down on scraps of paper. So his new year’s resolution is to set up a proper software vault for the various passwords and ditch the dog-eared list.

Your correspondent’s one consolation is that he is not alone in using easily crackable words for most of his passwords. Indeed, the majority of online users have an understandable aversion to strong, but hard-to-remember, passwords. The most popular passwords in Britain are “123” followed by “password”. At least people in America have learned to combine letters and numbers. Their most popular ones are “password1” followed by “abc123”.

Unfortunately, the easier a password is to remember, the easier it is for thieves to guess. Ironically, the opposite—the harder it is to remember, the harder it is to crack—is often far from true. That is because, not being able to remember long, jumbled sets of alphanumeric characters interspersed with symbols, people resort to writing them down on Post-it notes left lying around the office or home for all and sundry to see.

Apart from stealing passwords from Post-it notes and the like, intruders basically use one of two hacks to gain access to other people’s computers or networks. If time and money is no problem, they can use brute-force methods that simply try every combination of letters, numbers and symbols until a match is found. That takes a lot of patience and computing power, and tends to be the sort of thing only intelligence agencies indulge in.

A more popular, though less effective, way is to use commercial software tools such as “L0phtCrack” or “John the Ripper” that can be found on the internet. These use dictionaries, lists of popular passwords and rainbow tables (lookup tools that turn long numbers computed from alphanumeric characters back into their original plain text) to recover passwords.

According to Bruce Schneier, an independent security expert, today’s password crackers “can test tens—even hundreds—of millions of passwords per second.” In short, the vast majority of passwords used in the real world can be guessed in minutes. And do not think you are being smart by replacing the letters “l” or “i” in a password with the number “1”; or the letter “s” with the number “5” or the symbol “$”. Cracking programs check all such alternatives, and more, as a matter of course.

What should you do to protect yourself? Choose passwords that are strong enough to make cracking them too time-consuming for thieves to bother.

The strength of a password depends on its length, complexity and randomness. A good length is at least eight symbols. The complexity depends on the character set. Using numbers alone limits the choice to just ten symbols. Add upper- and lower-case letters and the complexity rises to 62. Use all the symbols on a standard ASCII keyboard and you have 95 to choose from.

The third component, randomness, is measured by a concept borrowed from thermodynamics—the notion of entropy (the tendency for things to become disordered). In information theory, a tossed coin has an entropy of one “bit” (binary digit). That is because it can come down randomly in one of two equally possible binary states.

At the other extreme, when you set the encryption of a Wi-Fi link, you are usually given the choice of 64-bit or even 128-bit security. Those bit-numbers represent the entropy (or randomness) of the encryption used. A password with 64 bits of entropy is as strong as a string of data comprising 64 randomly selected binary digits. Put another way, a 64-bit password would require 2 raised to the power of 64 attempts to crack it by brute force—in short, 18 billion billion attempts. A 64-bit password was finally cracked in 2002 using brute-force methods. It took a network of volunteers nearly five years to do so.

The National Institute of Standards and Technology, the American government’s standards-measuring laboratory in Gaithersburg, Maryland, recommends 80-bit passwords for state secrets and the like. Such security can be achieved using passwords with 12 symbols, drawn from the full set of 95 symbols on the standard American keyboard. For ordinary purposes, that would seem overkill. A 52-bit password based on eight symbols selected from the standard keyboard is generally adequate.

How to select the eight? Best to let a computer program generate them randomly for you. Unfortunately, the result will be something like 6sDt%k&3 that probably needs to be written down. One answer, only slightly less rigorous, is to use a mnemonic constructed from the first letters (plus contractions) of an easily remembered phrase like “Murder Considered as One of the Fine Arts” (MCa1otFA) or “To be or not to be: that is the question” (2Bo-2b:?).
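The arithmetic behind those figures, as an added example that is not part of the original article: it draws a random password from the 95-symbol keyboard, computes its entropy in bits, estimates how long exhausting the whole space would take, and rejects candidates that are only disguised versions of the popular passwords quoted above. The guess rate of 100 million per second is an assumption taken from the upper end of the Schneier quote, and the function names are illustrative.

```python
import math
import secrets
import string

# The 95 printable ASCII symbols: 52 letters, 10 digits, 32 punctuation marks, space.
KEYBOARD = string.ascii_letters + string.digits + string.punctuation + " "

# Popular passwords quoted in the article, used here as a tiny deny-list.
COMMON = ["123", "password", "password1", "abc123"]

# The swaps the article says crackers undo: l/i <-> 1 and s <-> 5 or $.
# Each group is folded onto one representative so all variants compare equal.
FOLD = str.maketrans({"1": "l", "i": "l", "5": "s", "$": "s"})


def canonical(word):
    """Lower-case the word and fold look-alike characters together."""
    return word.lower().translate(FOLD)


COMMON_CANONICAL = {canonical(w) for w in COMMON}


def is_guessable(candidate):
    """True if the candidate is a popular password, even with swapped symbols."""
    return canonical(candidate) in COMMON_CANONICAL


def entropy_bits(length, alphabet_size):
    """Entropy of a password whose symbols are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits, guesses_per_second):
    """Time to try every possibility; the average hit comes in half of this."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


def generate(length=8):
    """Draw each symbol from the operating system's cryptographic RNG."""
    return "".join(secrets.choice(KEYBOARD) for _ in range(length))


if __name__ == "__main__":
    bits = entropy_bits(8, len(KEYBOARD))
    print(f"8 of 95 symbols: {bits:.1f} bits, "
          f"{years_to_exhaust(bits, 100_000_000):.1f} years at 100m guesses/s")
    print(f"12 of 95 symbols: {entropy_bits(12, len(KEYBOARD)):.1f} bits")
    print("Pa$$word1 guessable:", is_guessable("Pa$$word1"))
    print("random password:", generate())
```

The entropy figure holds only for symbols picked at random; a word or a mnemonic chosen by a person carries fewer bits than its length suggests.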

Given a robust 52-bit password, you can then use a password manager to take care of the dozens of easily guessable ones used to access various web services. There are a number of perfectly adequate products for doing this. In an early attempt to fulfil his new year’s pledge, your correspondent has been experimenting with LastPass, a free password manager that works as an add-on to the Firefox web browser for Windows, Linux or Macintosh. Versions also exist for Internet Explorer on Windows and Safari on the Mac.

Once installed and given a strong password of its own, plus an e-mail address, LastPass encrypts all the logons and passwords stored on your computer. So, be warned: forget your master password and you could be in trouble—especially if you have let the program delete (as it urges you to let it do) all the vulnerable logons and passwords on your own computer.

Thereafter, to visit various web services, all you have to do is log into LastPass and click the website you wish to check out. The tool then automatically logs you on securely to the selected site. It will even complete all the forms needed to buy goods online if you have stored your home address, telephone number and credit-card details in the vault as well.

Your correspondent looks forward to using the service while travelling around Japan over the next month or so. To be on the safe side, however, his dog-eared list of passwords will still go with him.

Courtesy: The


Filed under: Online safety Tips
