Nono.MA
Sketch.Nono.MA

Algorithmic passwords: A simple method to secure your accounts

If you use a password often enough, you'll be able to type it without looking. Of course, the more complex, the harder it'll be for you to enter a password without looking at your keyboard, and some may be so long or complex that you won't ever get there. As we use digital devices more and more, passwords become part of our daily friction. They are barriers for others to steal information and assets from us. But we're the ones that deal with them on a daily basis.

I've been experimenting with algorithmic passwords and pass-phrases over the past years. In short, they are passwords that you can easily compute in your mind before you log into a site to avoid the lazy impulse of reusing the very same password on different websites and apps.

A dummy example could be grabbing the number of vowels in the app name (say, Google), which has three vowels, raising it to the power of two (3^2 = 9), adding the number of letters in the word (6 for Google), adding a text prefix (say, Vowels), then appending the third letter of the app name, uppercased, at the end (for Google, it'd be the letter O). The resulting password would be Vowels15O for google.com.

Here's how other computed passwords would look like.

Instagram  Vowels18S
Facebook   Vowels24C
Meta       Vowels8T
Twitter    Vowels11I

This would make your passwords safer by the simple fact that a malicious program stealing your key-phrase won't be able to re-use your email or username and log in anywhere. A human would have to reverse engineer the logic behind how these keys were computed, which wouldn't take too long in this case, as the rules we've used are extremely simple. So please don't use this rule! Make your own, and think that someone shouldn't be able to reverse-engineer your password-making rules by simply looking at it. What we can all agree is that any algorithmic rule yields more secure passwords than a single, reusable password. Also, note that the longer your passwords are, the safer they are against systems that can spend hours or days trying different combinations out.

January 18, 2022
Nono Martínez Alonso


My sketches and stories, in your inbox.

One email per week. No spam ever.

Pencil sketch of Nono Martínez Alonso.