Tag Archives: internet security

Run You Clever Boy and Remember

When email first came to this campus, I had to walk from my office–then in Yates Hall–over to the computer services office in Kelce to check whether I’d received anything.  I did this every week whether I thought I was going to get an email or not.  If I had and if it had a file attached, then I had to use the special program Kermit in order to download it.

That was more than twenty years ago and a lot of things have changed.  But not the password I used to get into that account, it is the exact same one. I’ve gotten away with it because I am singularly unimportant, but the truth is my days are numbered.  The game has changed.  There are server farms in China and Eastern Europe which are at work trying to hack everything that can be hacked.  A million monkeys on a million typewriters will eventually produce the works of Shakespeare. A server farm and advancing technology will eventually hit any fixed target.

This means you have to present them with a moving target, i.e. you have to change your password frequently.  “Frequently” is somewhat nebulously defined, but unless you are a Joshua Tree, it probably means more than every twenty years.  The issue with changing passwords frequently is that you have to remember them.  Frequent change can make you want to write it on your wall with a sharpie.  But don’t do this because it is bad.

The solution isn’t a sharpie, but rather, a mnemonic.  This is a trick for remembering, like a pass phrase.  In Doctor Who, the comely Clara Oswin Oswald, one of the Doctor’s companions, was challenged with remember rycbar, so she devised the phrase “Run you clever boy and remember.” That is one way, but not all of us are as creative as the comely Clara;however, this does point to another way.  Come up with the phrase first and make the password from it.

For example, “Run you clever boy and remember” can become rycb&r.  You can also choose to capitalize one or more of those letters in some fashion you can remember.  Inserting extraneous numbers in some memorable way is also good.

Of course, you don’t want to use the phrase that I just did. You need to come up with your own.  Be cagey and don’t let anyone know it.  People can be very clever how they get information from you.  Your phrase should also be longer than this and allow for putting numbers and special characters like &%# and so forth.

Bobby Winters

Associate Dean