Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Encryption Your Rights Online

Generate Memorizable Passphrases That Even the NSA Can't Guess 267

HughPickens.com writes Micah Lee writes at The Intercept that coming up with a good passphrase by just thinking of one is incredibly hard, and if your adversary really is capable of one trillion guesses per second, you'll probably do a bad job of it. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion. But there is a method for generating passphrases that are both impossible for even the most powerful attackers to guess, yet very possible for humans to memorize. First, grab a copy of the Diceware word list, which contains 7,776 English words — 37 pages for those of you printing at home. You'll notice that next to each word is a five-digit number, with each digit being between 1 and 6. Now grab some six-sided dice (yes, actual real physical dice), and roll them several times, writing down the numbers that you get. You'll need a total of five dice rolls to come up with each word in your passphrase. Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb". If you want a stronger passphrase you can use more words; if a weaker passphrase is ok for your purpose you can use less words. If you choose two words for your passphrase, there are 60,466,176 different potential passphrases. A five-word passphrase would be cracked in just under six months and a six-word passphrase would take 3,505 years, on average, at a trillion guesses a second.

After you've generated your passphrase, the next step is to commit it to memory.You should write your new passphrase down on a piece of paper and carry it with you for as long as you need. Each time you need to type it, try typing it from memory first, but look at the paper if you need to. Assuming you type it a couple times a day, it shouldn't take more than two or three days before you no longer need the paper, at which point you should destroy it. "Simple, random passphrases, in other words, are just as good at protecting the next whistleblowing spy as they are at securing your laptop," concludes Lee. "It's a shame that we live in a world where ordinary citizens need that level of protection, but as long as we do, the Diceware system makes it possible to get CIA-level protection without going through black ops training."
This discussion has been archived. No new comments can be posted.

Generate Memorizable Passphrases That Even the NSA Can't Guess

Comments Filter:
  • by hatemonger ( 1671340 ) on Thursday March 26, 2015 @04:01PM (#49349375)
    Diceware is a great recommendation, but you're missing one key consideration: password reuse is a larger danger to users than is having a weak password. The Apple iCloud hack is one of the few in recent memory where a password-related breach wasn't tied to password reuse. What happens most of the time is that a site is vulnerable to SQL injection gets their users table stolen, and "bad guys" use that information to try accounts on related sites. If the compromised website was using a bad (i.e. fast) password hashing algorithm, then having a good password will protect you a little, but you're playing with fire. Password cracking techniques have been advancing exponentially, as has GPU power. But if this site is using reversible encryption or storing passwords in plaintext (which still happens with alarming frequency) then all your other accounts are at risk from the one breach regardless of how great your password is. Of course, if they're using a good password algorithm like PBKDF2 or bcrypt, even a mediocre password will be relatively safe. But what are the chances that every site you've registered with is using a good password algorithm? Probably zero. How can you check the password storing technique of a site you're about to register with? You can't.

    Yeah, you could make an algorithm to modify your password across sites so that you can memorize it yet it'll be different, but as "bad guys" combine information from multiple leaks, any algorithm you come up with will be vulnerable to reverse engineering. Especially if your online identity is valuable. The real solution is to use password management software like KeePass, LastPass, or 1Password. Lock your password program with your good password from Diceware, and use unique, truly random passwords for all the websites you've registered on.
    • by mlts ( 1038732 ) on Thursday March 26, 2015 @04:09PM (#49349459)

      I prefer 2FA when possible. Even a very tough password means nothing if by some means, it gets sniffed by some keylogger, or the password database on a cloud provider gets brute-forced.

      For storage where one is using a passphrase for encryption, as opposed to authentication, I like using cryptographic tokens. TrueCrypt used to work with a PKCS#11 library so I could store a keyfile on a set of Aladdin/SafeNet eTokens. This not just made the key immune to brute force guessing... someone who physically possesses the token has three guesses of my unlocking passphrase before the token locks itself forever and zeroes out the stored keyfile. This also works with Symantec's PGP version, except that generates a public/private keypair, the private keypair always remaining on the token, while the public part is used for the file/drive encryption.

      If 2FA isn't possible, then as above, some mechanism to help with password reuse is very wise. This is useful just in case some website decides to store passwords in plain text, so a person's secure "correct horse battery staple" is now compromised and added to every blackhat's brute forcing library.

      • by ghmh ( 73679 ) on Thursday March 26, 2015 @04:50PM (#49349827)

        "correct horse battery staple"

        That's amazing! I've got the same combination on my luggage!

      • by tepples ( 727027 ) <tepplesNO@SPAMgmail.com> on Thursday March 26, 2015 @05:24PM (#49350077) Homepage Journal

        someone who physically possesses the token has three guesses of my unlocking passphrase before the token locks itself forever and zeroes out the stored keyfile

        If fat-fingering your passphrase thrice will make your data permanently inaccessible, then you better have damn good backups and a damn good data plan with which to restore them when and where you need your data.

        • by mlts ( 1038732 ) on Thursday March 26, 2015 @05:36PM (#49350169)

          I have a third option: An admin passphrase that is a lot longer than my user passphrase, but had more retry attempts. That way, if the short passphrase gets typoed, I can still unlock the device with the admin one.

          You are right about backups... that is why I have three of the USB tokens, just in case.

          • by rtb61 ( 674572 )

            I have a even simpler option. Use a pass phrase that you can easily remember. Now before you use that pass phrase, pass it through an encryption program that will encrypt it in the same manner every time. Then use that encrypted content as the actual password. Now that encryption is done locally on the fly and it never passes across the internet nor is it stored any where, except locally. By the addition of one step it becomes very complex whilst still in reality being easy to remember. When you want to acc

        • by AK Marc ( 707885 ) on Thursday March 26, 2015 @07:59PM (#49351057)
          Yeah, the kids locked my wife out of her iPhone. She put on a password, not thinking it through. The kids kept trying to get in past all the warnings and such, and not reading anything they were doing. It was only after it stopped letting them try to log in that they gave up. I didn't put a password on my phone because the version of Android I'm using makes 911 a 1-click when you are on the login screen. After having to say "sorry misdial" a few times (can't just hang up when you realize what happened, or the police come looking for you), I removed the password, so that 911 isn't a single click away.
    • A way to get "halfway there" and increase your security without having a separate password for every single site is to have passwords by security level. For all the crapware websites you have one password, for work use one password, then use frequently changed high security pass phrases for certain specific sites, like one for each major bank you use and one for each major email account, etc. You don't need a hundred passwords just because you have been forced to create useless profiles on low security site
      • Treating numerous accounts as "low security" and reusing your passwords across them is still dangerous, in my opinion, but it's up to you whether the effort of storing those extra passwords in your password management program is worth the added security. Information gleaned from multiple "low security" accounts could potentially be combined to get access to your high security accounts. And once you get password management software set up, I've found it's much easier than remembering and typing, even for the
      • by TWX ( 665546 ) on Thursday March 26, 2015 @04:23PM (#49349579)
        I stopped using Groklaw back in the day because they started requiring excessively complex passwords. They seemed to feel that their forums were rather important, when in fact the only really important part was what people could read, not what they would post.

        I'm sure that most of us would be upset if our accounts on various forums or bulletin board systems were compromised, but it wouldn't be life-altering for the vast majority of us. Social Media that's designed to avoid anonymity like Facebook would be worse but still ultimately doesn't affect one's bottom-line, but things like banks and e-mail services where everyon's stuff ultimately consoldiates are much more important.

        I wish that we could trust central ID systems, where we could create an account on a forum site with a unique user ID and then link that user ID to a central authentication database so that our central credentials give us acces via that unique user ID, but I just don't trust the authentication databases. I'm already leery enough of Active Directory that I don't use work passwords anywhere else to begin with, but companies providing such a service don't necessarily know what they're doing, and they're probably too willin to hand over information for what sites people would need authentication to as well.
        • by Fwipp ( 1473271 )

          I wish that we could trust central ID systems, where we could create an account on a forum site with a unique user ID and then link that user ID to a central authentication database so that our central credentials give us acces via that unique user ID, but I just don't trust the authentication databases. I'm already leery enough of Active Directory that I don't use work passwords anywhere else to begin with, but companies providing such a service don't necessarily know what they're doing, and they're probably too willin to hand over information for what sites people would need authentication to as well.

          You mean OAuth?

        • by dbIII ( 701233 )

          I stopped using Groklaw back in the day because they started requiring excessively complex passwords.

          People were being paid to disrupt Groklaw and even stalk and shame the founder. It's not paranoia when serious cash is being splashed to deface your website and a fucking insane horror writer (who pretends murdering ghosts are real) is parked across from your house watching your front door.
          It's a special case.

    • by PetiePooo ( 606423 ) on Thursday March 26, 2015 @04:11PM (#49349473)

      ... password reuse is a larger danger to users than is having a weak password.

      The best of both worlds: use a six-to-eight word diceware password for your password manager, and generate a long, random password for everything else.

      • by AikonMGB ( 1013995 ) on Thursday March 26, 2015 @04:23PM (#49349561) Homepage

        ... password reuse is a larger danger to users than is having a weak password.

        The best of both worlds: use a six-to-eight word diceware password for your password manager, and generate a long, random password for everything else.

        This. I also use a separate diceware password for my primary email. That way if someone does manage to break/steal my password manager database, I still have secure and sole access to my email, which many sites will require for you to re-gain control of your account.

        • Re: (Score:3, Interesting)

          Your personal email is the most important account you have for the reason you set forth: you can use it to reset passwords to all of your other accounts! That's why I use Google Mail along with the FIDO U2F dongle. This makes my email really secure.

          • The U2F project is one of the really good things google did. I hope it becomes successful. I hate mobile phone "2 factor" authentification because you give them basically your identity, its hard to work with (entering weird numbers?!), and relies on 3rd parties (telcos, security of the mobile network).

      • reminds me of a guy who posted to the bitcoin section of reddit, he stumbled on some 67 bitcoins because he'd miss-typed in one one of those long passphrases with supposedly random words.

    • And it is still vulnerable to the crowbar hack. Especially if you have to carry a piece of paper with you while you're trying to commit it to memory.
    • by Kjella ( 173770 )

      The real solution is to use password management software like KeePass, LastPass, or 1Password. Lock your password program with your good password from Diceware, and use unique, truly random passwords for all the websites you've registered on.

      At the cost of travelling around with the keys to the kingdom. Imagine you're on vacation and you want to pop into an internet cafe and log into /. because abstinence. Except it has a keylogger/trojan that'll steal your key file and your master password. Now you've compromised your email, online bank, ebay, paypal, steam and all the other passwords that might really matter. Personally I tend to keep three:

      1) My mail, because it gets all the password resets.
      2) My bank, but it's using two-factor anyway.
      3) My

      • Re: (Score:3, Funny)

        by hatemonger ( 1671340 )
        No, when you're traveling you use the mobile app to access your password database, read it off your phone, and then you type it into the infected computer. No need to be stupid about it.
        • by jonwil ( 467024 )

          Or better yet, dont use an internet cafe or other public computer to do anything sensitive and just read websites on your phone if you really have to.

    • A site dependent key to your phrase?

      Base: correcthorsebatterystaple
      Site specific(first thrid and fifth chars of the domain (sah for slashdot.org)): sahcorrecthorsebatterystaple

      Seems pretty ironclad even if the password gets exposed. I guess someone who really wanted *your* particular password could figure out the method but all of those things coming into alignment seems like the edge of edgiest cases.

      The biggest problem I see is that a lot of the sites that really should have the most secure passwords (

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Now I know where Pink Floyd got early song titles from.

    • This is an interesting approach, but I see one flaw: If this sort of technique be comes common, wouldn't an attacker just need to know what word list you 'rolled' your password on and then can just brute force all the password combinations from that list?

      Example, pretend that you had to pick a password for a new website that only allows all uppercase English characters, with no numbers or symbols allowed (just to keep the math simple). A normal ten character password gives an attacker 26^10 possibilities
      • by suutar ( 1860506 )

        Math issue: 6 words from a list of 1000 is 1000^6 possibilities, not 1000^4, so you're looking at a million seconds rather than 1, or 11 and a half days. Not a whole lot better, but one more word makes it a billion seconds, or 31+ years. (I think you got the 4 from the number of letters per word, which as you point out is not really a relevant factor.)

  • Yes, but.... (Score:5, Insightful)

    by djbckr ( 673156 ) on Thursday March 26, 2015 @04:03PM (#49349391)
    What about the sites that restrict the length of the password? The only thing I have to say to them is, "You're doing it wrong".
    • ...or even worse, sites that require you to use a specific combination of alphanumeric, numbers, special characters, the blood of a newborn kitten, etc.

      • My bloody bank required 8-12 characters, and required uppercase, lowercase, digits and special characters.

        Obviously the lovely scheme that is suggested here isn't going to work with that. On the other hand, when you are using an iPad, a 30 character all lowercase password is quicker and easier to type and more likely to get right than 8 uppercase/lowercase/digits/special characters. Now imagine if they allow space characters in the password and turn the spelling checker on as well.
    • Or the other sites that simply truncate your input without telling you, so when you put in 40 characters it only takes 16?
      8 character limits were common up until a few years ago. Today I still see 16 (and 15 because of broken front ends) effective limits. 32 seems to be the most common.

      • 8 character limits were common up until a few years ago. Today I still see 16 (and 15 because of broken front ends) effective limits. 32 seems to be the most common.

        I still see them far too often. My normal password patterns are different than the ones presented but still several words long. Many places requiring accounts still greet me with "Password must be between 6-8 characters, and must contain at least one uppercase letter, lowercase letter, number, and symbol."

        I also too-frequently get "Passwords must not contain a space". It prevents me from entering my password of "correct horse battery staple", which is really annoying.

    • Re:Yes, but.... (Score:4, Interesting)

      by khasim ( 1285 ) <brandioch.conner@gmail.com> on Thursday March 26, 2015 @04:46PM (#49349791)

      Let's be a bit more specific about that.

      If they're restricting the length to something like 8 or 12 or 16 instead of 128 or 256 then they are PROBABLY not hashing the passwords.

      Which means that your password is PROBABLY being stored in plain text (or possibly encrypted). NEITHER of which are acceptable methods today.

    • What about the sites that restrict the length of the password? The only thing I have to say to them is, "You're doing it wrong".

      There is something deeper behind this. There is no technical reason why password length should be restricted as the resulting hashes are the same length effectively. Every time I see a max password length I can't help but wonder if the reason is limited space in a database column and that some braindead idiot is storing the passwords in plaintext.

      Every time I come up with a password that has a maximum entry I ensure I use a strictly unique password.

      • There is no technical reason why password length should be restricted

        Other than that a user has to finish accurately typing the passphrase on a mobile device's on-screen keyboard before the CSRF key for the login form times out.

  • by Joe Gillian ( 3683399 ) on Thursday March 26, 2015 @04:03PM (#49349395)

    Many websites, especially those designed to be more secure (banking, education, employment) still require passwords in a certain form (usually requiring some combination of caps, numbers, and special characters) and don't allow passwords like these.

    • by mlts ( 1038732 )

      I wonder if the ideal password manager would be one that would use a typed in password as a seed/IV (hash a seed and the sitename), with exceptions stored for sites which don't allow passwords generated with that tool to work. Some sites require a number, a capital letter, lower case letter, a symbol (well, not all symbols work), or some other random, annoying combination of the above.

      Of course, the ideal password manager would store the password database with a master volume key, then each device accessin

  • Dosent the NSA have backdoors in every encryption algo we know ?
    • Re: (Score:3, Informative)

      by hatemonger ( 1671340 )
      Exactly the opposite: "Encryption works" was one of the key points made by Edward Snowden. The NSA found it much easier to just bypass encryption. There are some instances where we suspect the NSA has had a hand weakening or backdooring some algorithms (like recommending odd seed values for elliptic curve cryptography) but nothing definitive.
    • by ArcadeMan ( 2766669 ) on Thursday March 26, 2015 @04:10PM (#49349463)

      ROT13 is pretty safe, especially if it's used twice.

    • Probably. The concept of a useful one-way function is absurd on the face of it.
      Sure, f(x) = 0x is one-way - given 0 as an output you'll never guess the input. But it's not useful because all we need to do is guess any input that leads to the desired output.

      • by suutar ( 1860506 )

        yep. Which is why hashes are long and getting longer - more inputs to try in order to find the output needed.

  • Hey Dice, go teach your grandmother to suck eggs.

  • xkcd... (Score:2, Insightful)

    by Anonymous Coward

    How's that any different from http://xkcd.com/936/?

    • Well, the obvious difference is you can't use "correct horse battery staple", because the NSA knows about that one. Their CIA colleagues probably managed to extract it using the $5 wrench decryption algorithm. [xkcd.com]

    • by Kjella ( 173770 )

      How's that any different from http://xkcd.com/936/ [xkcd.com]?

      And if you want to make it exceptionally strong, you combine those techniques. "correct horse battery staple" is strong, "correcT horXe batt6ery st&ple" is heat death of universe-strong and actually not much harder to learn.

      • It's difficult to quantify "hard to remember-ness" but I strongly suspect that if you could normalize for difficulty remembering a password, adding more words is more efficient that mutating existing ones for a looooong time.

        It's not that hard to memorize Shakespeare's "To be or not to be" soliloquy character-for-character even though it uses terms and turns of phrase that are no longer current or even grammatical. I had to do that in grade 11, I thought it was dumb, but I remember it to this day, complete

  • by ArhcAngel ( 247594 ) on Thursday March 26, 2015 @04:06PM (#49349419)
    I thought we were just supposed to use

    CorrectHorseBatteryStaple
  • is usually the only reason i have one. passwords are the inter-nets TSA.
  • 6 sided dice? (Score:5, Informative)

    by 31eq ( 29480 ) on Thursday March 26, 2015 @04:18PM (#49349535) Homepage

    makepassphrase()
    {
    # Requires GNU sort
    grep -vF "'s" /usr/share/dict/words |
    sort -R --random-source=/dev/urandom | head -${1-5} |
    while read word
    do
    printf "%s " "$word"
    done
    echo
    }

  • change your username (Score:5, Interesting)

    by jd142 ( 129673 ) on Thursday March 26, 2015 @04:20PM (#49349545) Homepage

    I forget where I first read it, but this sounds like a good workaround. Pick a nice secure-as-you-want password. But each website gets a different username. It sounds like most attacks are of the kind "joe_bob uses P4$$word on amazon, let's see if joe_bob uses P4$$word on this banking site too." They don't seem to be looking to see if joe_bob_amazon is the same account as joe_bob_wellsfargo. Or you could be joe_a_bob and joe_wf_bob.

    Even better is if you have some control over your email accounts. They are probably smart enough to see joe.bob@gmail is j.o.e.bob@gmail(although that does let you filter incoming mail a little easier). But if you have control over the domain you have a catch all address and be me_amazon@myplace.com and me_wellsfargo@myplace.com.

    • by khasim ( 1285 )

      Seconded on the different email addresses. And you don't have to own your own domain for that. Just make some random'ish gmail account and use that ONCE for more secure requirements (like your bank).

      The trick is to prepare them in advance. And write them down in a PHYSICALLY secure location.

      If you're using the same email account for your bank as you use on Facebook then your security could be improved.

  • well.. there's also watchout4snakes [watchout4snakes.com]. I think it succeeds at being memorable more often with some tuning choosing the parts of speech and the commonness of each

  • by Bo'Bob'O ( 95398 )

    Sorry, I'll only use my lucky D20.

  • "You should write your new passphrase down on a piece of paper and carry it with you "

    Boy, that is NOT a security risk, is it? Of course, you always hide your hands under a towel when you enter the PW, right?

    That keeps your screen's 'selfie' camera from allowing reading the key clicks off of the reflection on your cornea. Good, right?

    Pick the start of the sentence or book title you have on your shelf all the time to serve as a reminder and PW source or a short sentence on a card in your wallet.

  • I'll stick with my script, that generates strings based on passphrases :-)
    cap liz donna demon self ---> ÍÅÏÜvÉ?#{c?>î/Û'7£Ûó¾n>Vî

    Of course, here on slashdot that string will get reamed (6 characters removed), as not only does slashdot not do Unicode or UTF-8, it can't even handle upper-ansi characters properly either.
  • aj bq cccc dhabi exxon fmc ... zx ##

    Yeah, lots of English there.
  • You should write your new passphrase down on a piece of paper and carry it with you for as long as you need.

    Whole point of this news article = pointless.

  • by hawguy ( 1600213 ) on Thursday March 26, 2015 @04:36PM (#49349709)

    This procedure assumes fair, unbiased dice. For years, the NSA has required precise machining of dice to generate predictable rolls. Once someone cracks the code, Casinos will lose billions.

    What, other than precision machining, would explain why plastic dice with a materials cost of pennies cost over $2/each [amazon.com]?

  • All you have to do is remember a SYSTEM. One system for turning some known information into a password.

    Lets say you want a password of Slashdot and you username is someuselessshithead15 .

    A simple password could sD!sUSH15

    The system I just made up is the first letter of word in the name of the site. Nouns are all capitalized. An exclamation point to seperate the name of the site from the screen name. And the screen name is written the same way as the name of the site with only the first letter of every word i

  • Word was 'apathy"

  • As someone who dabbles in genealogy, one approach I've used for creating hard-to-crack yet easy-to-remember passphrases is to base them on one or more of my ancestors who have unusual, antiquated names. (Any genealogist will memorize those without even trying.) Of course, to make these passphrases harder to crack, you can throw in numbers such as their birth year, capitalize certain letters from a small memorized list, add your favorite symbol, etc.

    I don't have any way to prove that this really works, but

  • by Irate Engineer ( 2814313 ) on Thursday March 26, 2015 @04:52PM (#49349843)

    https://xkcd.com/538/ [xkcd.com]

    If they can't afford enough computer to crack your passphrase, they can still afford a $5 wrench

    • https://xkcd.com/538/ [xkcd.com]

      If they can't afford enough computer to crack your passphrase, they can still afford a $5 wrench

      If they can't afford someone to reply to the correct article [slashdot.org], they can still afford a $5 wench.

  • Rather than that one, long, randomly generated password that then gets used on every site (or few passwords over many sites), I use a standard password, and modify it for each site. For instance, my slashdot pass might be horsebattery!SLASHDOT!staple, while my bank might be horsebattery!CHASE!staple. Easy to remember, and stealing the password from one site won't help on another.

    (Yes, a person looking at the data might be able to figure it out, but I figure that unless I'm personally being targeted that w

  • Thanks for compiling a character sequence list and explaining the algorithm...

  • the CIA can get with a rubber-hose.
  • Ok, if I'm writing a webapp that accepts a password, presumeably if I wanted to increase security somewhat I would put in a guessing rate limiter.
    5 strikes and you're out (for a while).

    So assuming (a reasonable assumption still in most cases, I hope) that the adversary does not have the file of password hashes, how exactly do they try the trillion guesses per second?

    Explain please. I'm sure I'm missing something obvious.

    • by Asgard ( 60200 ) *

      Lacking access to the password data base AND assuming a rate-limiter, the attacker can't realistically try a brute-force.

      However, most of the time the password list is exposed in some way and attacked offline to get the original passwords.

  • Comment removed based on user account deletion
  • "7,776 English words"

    So, less than 1/40th of the English Language.

    What a short surface for a dictionary attack.

    Slashdot needs to get some real people with REAL technical capability on-board. Timothy obviously can't figure out that HughPickens.com is a complete fucking idiot that can't determine whether or not the stories are worth a fuck for reporting (plus, the fag is shilling in his username alone.)

    • by suutar ( 1860506 )

      7776^7 possibilities (in a seven word phrase) is a "small surface"? That's 15 million years to brute force, on average; what duration are you looking for?

  • Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb".

    This is easy to remember?

    Oh, and by the way, did anyone try this out using the touch keyboard of a smartphone or tablet?

  • You are not going to type a sentence every time your screen locks after 10 minutes of inactivity. The solution is really 2 factor authentication with a decent conventional 8 character password. Maybe even 3 factor - something you are (fingerprint), something you have (bluetooth-enabled phone in the pocket) and something you know (simple pin).

  • My dice just came up with:

    35356
    43231
    12551
    65212
    46355

    Now I gotta look up the words, right?
  • The whole point in using passwords and passphrases is that the point of entry (the screen or page where you enter it) can't be reproduced millions of times per second. If a human can only press "enter" once per second, it will take a long time for a hacker (NSA or otherwise) to brute force through. If the attacker can get his hands on the password stored in the system (encrypted or not) the game is already lost.

    Besides: anyone can think up a poem or a mnemonic for a password using random letters and/or numb

Let's organize this thing and take all the fun out of it.

Working...