In the 1983 movie “A Christmas Story,” Ralphie sends away for a secret decoder ring so he can decrypt the secret message at the end of his favorite radio program. Ralphie was very disappointed in the message he decrypted, but hackers would be more than happy to decrypt your passwords. Passwords like Ralphie’s message are somewhat disappointing in their ability to protect our important data. Pass-phrases are a much better method when used with something called a cypher key like Ralphie’s ring. I will show you how to create a cypher and encrypt your pass-phrase to use to protect your data and accounts.
Let’s begin by choosing a phrase. For this exercise our phrase will be “The new black”. Now we need to determine how to encrypt the phrase. One fairly simple way is to replace certain letters with numbers and symbols. For example, all of the letter “a” will be replaced with the question mark. The letter “e” will have the dollar sign substituted for it. Spaces will be numbered using odd numbers starting with 3. The rules I have chosen to encrypt my pass-phrase were chosen fairly randomly and are fairly simple. Let’s have a look at our new pass-phrase now:
Th$3n$w5bl?ck
The phrase looks nothing like what we started with. If you use this new string of characters as your password, an attacker would have a very difficult time figuring out the password. You can record your password unencrypted under your keyboard where we all know you hide it any way, and it would be just as safe as if it were in a high security vault as long as the cypher for encrypting the phrase is not close by. You can even send your password by email to someone who knows your cypher without fear of it being stolen in transit. I’m not saying you should be posting your password on Facebook, but if you protect your cypher you probably could and still sleep soundly at night.
Like with your old passwords, it is important to change your pass-phrase regularly. You should also change your cypher, maybe not as often though. I would recommend changing your phrase once a month and changing the rules for your cypher about once a year. One last piece of advice, you should have more than three rules, but the rules shouldn’t be so complicated that you can’t use them. Find the balance that works for you and run with it.