Synopsis: For infrequently used passwords, use a password-creating algorithm.
For a medium to high-risk Account Category, a single shared password isn't appropriate, because one compromised password would compromise all accounts in that category. On the other hand, if there are too many accounts in that category, you may not want to come up with an individual password for each of them, particularly if you use the accounts only infrequently.
Therefore, develop a password-creating algorithm for such a high-risk but infrequently used category.
For example, the account name or service provider may serve as the input to the algorithm, and a password unique to this account is the output of the algorithm.
Other elements of the context may also seed a simple password-creating algorithm based on a personal category, such as sibling initials and birth dates, plus a non-alphanumeric Password Salt. Such passwords can be easy for a particular individual to generate, but fairly difficult for an outsider to regenerate without resorting to an intrusive search of personal information about the person who generated them.
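A software version of the pattern, added here as an example and not part of the original pattern text: it replaces the mental rule with PBKDF2-HMAC-SHA256 over a personal secret and the account name, so the account name is the input and a password unique to that account is the output. The function names, symbol set, iteration count and `counter` parameter are assumptions made for the example.

```python
import hashlib
import string

# Non-alphanumeric characters playing the role of the Password Salt class (constructed choice).
SYMBOLS = "!#$%&*+-=?@"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]


def normalize(service: str) -> str:
    """Canonical account name, so 'Example.com ' and 'example.com' give the same password."""
    return service.strip().lower()


def create_password(secret: str, service: str, length: int = 16, counter: int = 1) -> str:
    """Derive the password for one account from a personal secret and the account name.

    counter (hypothetical parameter) rotates one account's password without a new secret.
    """
    if length < 4:
        raise ValueError("length must be at least 4 to hold one character of each class")
    salt = f"{normalize(service)}:{counter}".encode()
    # The slow key derivation raises the cost of guessing the secret from a leaked password.
    raw = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 200_000, dklen=length + 4)
    # The first four bytes choose one character per class so common site rules are met.
    chars = [cls[raw[i] % len(cls)] for i, cls in enumerate(CLASSES)]
    # The next bytes fill the rest from the full alphabet (slight modulo bias accepted).
    chars += [ALPHABET[b % len(ALPHABET)] for b in raw[4:length]]
    # Deterministic shuffle driven by the last four bytes, so class positions are not fixed.
    for i in range(len(chars) - 1, 0, -1):
        j = raw[length + (i % 4)] % (i + 1)
        chars[i], chars[j] = chars[j], chars[i]
    return "".join(chars)


if __name__ == "__main__":
    # Constructed sample inputs; the secret here is a placeholder, not a recommendation.
    for name in ("forum.example", "archive.example"):
        print(name, create_password("constructed-sample-secret", name))
```

Anyone who obtains one derived password can test guesses of the secret offline, so the secret should be much harder to guess than initials and birth dates alone.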
Previous pattern: Password Salt
Next pattern: Codebook
Contributors: Dirk Riehle, Anonymous Contributor