This his how I type my password. Any lesson you can learn from it?

Watch this 16 seconds video first , and see the way I type my password. What can you learn from that?

The cursor goes forward, comes back, goes forward, comes back like Peter preaching in Jerusalem.

Wey kind "robbish" that?

Mostly, anyone who stands by to watch how I type my password will either say "check the cursor, it is not at the end of what you typing", or the person will shout "Eiiii Kaunda, what is that?"

Phew! Wapampaso is that!

You want make I use some yawa password so you can steal it just by observing my fingers abe?

Eii, 3ne3 wawe gya [then you chop fire].

Why this back-and-forward?

The advantage of typing password in this "back-and-forward" manner is that, you don't care whether someone is watching over your shoulder or not. The person will hardly get the flow. Even when the person is standing behind you recording it with his phone, it will take a while to track your finger movement when xhe sits to analyze the video.

So just by the way you type your password, you have avoided "over the shoulder" hacking.

So what exactly do I type like that?

Myself, I don't know ooo. It depends on the platform. Every platform and the nyamanyama (robbish) thing I type.

But all roads lead to Rome! All my passwords lead to a "pattern".

The passwords I type follows a formula.

Let's see if we all can figure it out with some clues.

But before the clues, let's go for a quick commercial break.

There is an important announcement I need to make:

And the announcement is that:

The idea that we must change our password every three (3) or six (6) months is plain robbish now. We must get rid of that 18th century advice from our mind. Do not change your password often. It is not practically possible sef. For example, my online accounts might be way over 100. How do you tell me to change all these passwords every three or six months?

Ah, you paa!

You tell me to use different passwords for each account. And you are telling me to change them every 3 or 6 months too.

How? How do I do that?

Or I should use a password manager, and secure the master password with all my might?

Eiii, mmboe!

It is not surprising that even Mr. Bill Blur, the one who recommended this "change password often" practice in 2003, said in 2017 that he has regretted given this advice.

"Much of what I did I now regret" - he said in a 2017 interview with Wall Street Journal.

"Changing your password every 90 days? Most people make minor changes that are easy to guess. Changing Pa55word!1 to Pa55word!2 doesn't keep the bad guys at bay" - he added.

So, what is the recommended practice now?

Get a long password. As looooong as you can.

And never change that until there is a sign that the account is compromised.

What password is considered long?

Minimum of 16 characters (not the usual "8 characters minimum" you see every system recommending. Those are legacy (old age) recommendations.

The "add number, capital letter, small letter, special character" recommendation is equally not that relevant.

Gee, just make sure the thing long waa. It is better to have a password like "i sent the lady momo last night but she no come" all spelt together as (isenttheladymomolastnightbutshenocome) than to have a password like "P{:Udiot23@".

But if you can have it long and with upper, lower, number and special character then eii, you be don!

More also, some platforms are still have those 18th century policies in place that forces you to use capital letter, small letter, number, and special character in your password. So sometimes it is a must to have them. No choice.

For those interested in further reading, I wrote extensively on this "change password often", about 4 years ago - You can read it here if interested.

https://www.modernghana.com/.../never-change-your...

Welcome back from commercial break.

That out of the way, let's see the "clues" I mentioned before the commercial break.

How I generate my passwords?

As said, I generate my passwords using a step by step formula (algorithm).

Let's see an example of such formula I was using in 2015.

Let's use that formula to generate one of my Gmail account's password then (not now, Udiot!).

Formula 1: Is the login account an online account or offline account?

If it is an online account, then the password will start with ON, and if it is offline account (eg, windows login) then the password will start with OFF.

Gmail is online account. therefore the password will start with ON.

Our password: ON

Formula 2: Add the last three letters of the platform, in reverse order, in small letters. The platform in this case is "GMAIL".

The last three letters are "AIL", and writing that in reverse order, in small letters, gives "lia".

Our password: ONlia

Formula 3: Add a "special symbol". In my case, I used the "@" sign. You can use any sign you want.

Our password: ONlia@

Formula 4: Add a constant number. In my case. I was using the year 2010. Currently, I use the year 2045 in the new formula I use.

Our password: ONlia@2010

Formula 5: What is the purpose for creating the account?

I classified my "purposes" into Good, Bad, Ugly.

Our password: ONlia@2010Good

Formula 6: We are done with our password generation. Let's wrap it so that it looks nice.

Here again, you decide what to use to wrap your password so that it looks nice.

In my case, I was using the open and close brackets. "( )".

Our password: (ONlia@2010Good)

Assuming you decide to use full stop to wrap it, then your complete password will be: .ONlia@2010Good.

And, if you decide to use the angle brackets to wrap it, then it becomes

Isn't it lovely? Do you now see why the cursor has to go forward and come back in the video?

What is the advantage of a formula like this?

As said earlier, you dont care about who is watching over your shoulder. And more importantly, using a formula like this, you get unique and long password for almost all your accounts. And the good thing is, you don't have to memorize anything except the formula. And you don't have to write any password on a piece of paper or in a text file.

Let's test what we've learn so far, by answering a question.

Question: Using the formula above, generate the password I was using for one of my yahoo email accounts.

Solution

The platform is "yahoo". The last three letters are "hoo". Writing that in reverse order gives "ooh". It is an online platform. Assuming I had a good intension for creating it.

The password therefore becomes: (Onooh@2010Good)

And if I had a bad intention for creating the account then the password will be (Onooh@2010Bad).

And if the intention is ugly, then the password will be (Onooh@2010Ugly)

Question 2: Can you generate the password I used on the evilzone[.]org platform?

And the final question, the compulsory question, the quetsion that carries 20gh credit.

What was the Facebook password the Online President used in 2015?

Let's go for our second commercial break.

Who else is doing this stupid thing?

I waked up around 2:30AM to complete the Email Marketing chapter of the "coming soon" book: Digital First: The Step by Step Online Business Guide for Digital Citizens.

Now the time is 6:30AM and I have not even written half a page on that.

Adey do something different koraa. This one, ebe "home people" wey dey do me or "outside people" dey do me?

Welcome back from commercial break, the final break.

It is 7:08 now and someone is causing vawulence, forcing me to go and bath. So let me do it quickly.

Just one more thing.

Another way I handle some passwords is not to handle them at all.

For example, I have an account on all websites I've created for people. This is to help me fix issues when the need arises.

I do not bother about these passwords at all. I have not saved them anywhere, and I do not use any formula to generate them.

Anytime I need to login, I just click on the "RESET PASSWORD". A link is then sent to the associated email. I login to the email and reset it to something like odgoiuwoers[ospo[sdfs;dflsdflsd;wier02isd.

I don't care what I type because I don't need to remember it. Anything I need to login again, I repeat the same reset process and set another shit password.

You can consider this too, especially for accounts you don't visit often.

To conclude, don't forget the question:

What was my Facebook password in 2015?

First winner gets 20gh credit. You can chat me on whatsapp (0234809010) or join the facebook comment

Needless to say, don't bother yourself with the email in the video. It is not associated with any Facebook account.

If this post is helpful, please share it.

On this note, I say Wasalaam!

Kaunda