Search AccuSolve

Privacy

Copyright © 2002-2008
AccuSolve, Inc.
All Rights Reserved

Comments, questions about this web site? Send email to webmaster.
accusolve.biz


Masking Password Generator Pronounceable Password Variations

 

In Masking Password Generator Professional Edition you are able to generate "pronounceable" passwords by alternating consonants and vowels in a mask to produce a word that can be pronounced even though it is not a real word.  For example, a mask such as <WVWVVWV would produce passwords like the following:

ledoixi
fuzoiga
lofauji
hajoofi

Because the words can be pronounced, they can be memorized much more easily than a purely random string of characters, but they are just as difficult to guess for an attacker.

If you like this arrangement, but need to have one or more numbers included, you can tweak the system a bit by slightly changing one or more of the character sets Masking Password Generator uses to choose random characters from based on the mask you define.  In this example we're going to substitute the numbers 1 and 0 for the lowercase vowels i and o.

To change character sets click on "File/Configure Mask Character Sets".  In this case look down the list for the set named "Vowel Lower Case".  In the "Character Set" column for that row change it from "aeiou" to "ae10u".  Click on "Done" and click on "Yes".

Now, either enter a pronounceable mask into the "Mask" field, or pick an existing one from the Saved Masks list and click on "Use".  For this example we will use the same mask that we used above - <WVWVVWV.  Because of the leading '<' character all the characters chosen will be from lowercase character sets.  Where there is a 'W' a lowercase consonant will be chosen, and where there is a 'V' a lowercase vowel will be chosen.  Because you've modified the lowercase vowels character set slightly you will get slightly different results now, as in the following examples:

taw0uja                instead of tawouja
c1suute                instead of cisuute
zugaule                no change
yuh00z1               instead of vuhoozi

The problem with this is that it doesn't guarantee there will always be at least one number in the password.  To guarantee that you would either need to replace all of the vowels with numbers, or you can add a number to the end of the mask, such as <WVWVVWV#.  This latter mask will produce passwords like the following:

vat0uj10
r1m00ge1
bekuufe3
q0ba1pe1

You may find that certain combinations are still quite difficult to memorize.  Feel free to tweak the character sets further; for example, if people find it hard to memorize a word with the letter 'q', as in the last example above, you could remove the letter 'q' from the lowercase vowels character set, and any others you wish.  You can change character sets all you want in order to get the desired results.

You can easily revert character sets back to their factory settings by going into the character set dialog and clicking on "Restore All Defaults".  Sorry, but there is currently not a way to save certain combinations and restore them later, but if we have a demand for such a feature we will include it in the future.

We are looking into adding a dictionary of words to our next major release which will allow you to create these kinds of passwords using real words.  For now, you are limited to the nonsense words that Masking Password Generator creates based on your mask.  The problem with using dictionary words is that even if you substitute numbers for certain letters, if they are the most common substitutions then password crackers know about this method and will check for these variations, making them significantly less secure than nonsense words.

Home   Products   Support  Downloads   Store  About   Privacy   Links  Site Map