-1

I am interested in creating a formula to create unique passwords for every website that I am going to use. These passwords should be easy to figure out (not necessarily remember) for me at any point in the future, but not be vulnerable to any form of reverse-engineering with today's technology: the formula shall remain secret forever.

The passwords of two different websites should not be closely related (somewhat loose definition) so that if one finds out the password of my account on StackExchange, the security of my e-mail account remains intact (even though the usernames are the same in both places).

The reason behind all this is that I want to prevent personal privacy/security issues overall, even though I personally am not a target of anyone's malpractice (yet).

Do not be mistaken: I have heard the legend of the password-manager, but however welcomed and appealing its services might be to others, I am not interested.

My questions/worries with the formula are these:

  • I do not know if it actually is easy to make a non-reverse-engineerable formula. Let me give an example formula and you tell me how hard it would be to figure it out:

    • Let a = 1, b = 2, c = 3, etc. Note the value of the second letter of the name of the website (stackexchange would give t = 20), note the number of letters of the name of the website (stackexchange would give 13). Combine these numbers (2013). Now write the original name but replace every letter with the one to the left of it on the QWERTY keyboard and make sure the N:th letter is upper-case, N being the last digit in the number of letters (in this case 3) (stackexchange would give arLxjwzxglbfw). Combine these and you have your complete password (stackexchange would give arLxjwzxglbfw2013). If someone sees that my password on stackexchange is arLxjwzxglbfw2013 and that my password on gmail is fnluK135, would he be able to figure out that my password on facebook is dlxwViiJ18 even with the help of a computer, or is this virtually impossible?

    • If the generated password is too short, is simply repeating it good enough? For example, the password for gmail would be fnluK135 (very short). Is fnluK135fnluK135 a much more secure password? (this isn't really protection against reverse engineering, but more against guessing)

schroeder
Gendarme
    The general concept of keeping an algorithm secret is usually regarded as a bad thing: see https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle. You'll also run into issues where sites have differing restrictions on passwords, resulting in exceptions: what if a site requires a symbol? What if a policy prevents sequential characters, but your formula produces them? Seems likely to happen eventually... – Matthew Mar 02 '16 at 21:23
  • 1
    @Matthew: the requirements of the site vs. the output of the algorithm is a very good point. – WoJ Mar 02 '16 at 21:27
  • I have never encountered a site not allowing consecutive characters. And if I include `aZbY!%12` at the beginning of every password, I probably pass all requirements. The point here is not to create hashed passwords - it is to come up with a way of having unique passwords for every site instead of using the same password everywhere as I am currently doing. – Gendarme Mar 02 '16 at 21:31
  • What about a site which requires a numerical PIN (only digits)? I know (and have to use) two of them. This is a stupidity on its own but, well, they exist. – WoJ Mar 02 '16 at 21:32
  • @Gendarme Unfortunately, I have. Don't agree with it, but it wasn't my site, so had no say in it. There are more dodgy password rules out there than you might think! – Matthew Mar 02 '16 at 21:39
  • 2
    Might also want to read http://security.stackexchange.com/questions/1222/is-there-a-method-of-generating-site-specific-passwords-which-can-be-executed-i , http://security.stackexchange.com/questions/104482/is-it-a-good-idea-to-to-use-secure-hashing-functionmypassword-url-as-my-passwo and http://security.stackexchange.com/questions/55592/password-managers-encrypted-database-vs-hashing-strategy – Matthew Mar 02 '16 at 21:42

1 Answer

7

Without going into cryptanalysis of your algorithm, whenever you use one which relies on secrecy it is a mistake. What happens if it stops being a secret? All your sites are compromised.

As noted by @Matthew in his comment, you will also be in trouble if your algorithm generates a password incompatible with the site requirements.

There are mathematical one-way functions; hashes are an example.

however welcomed and appealing [password managers] services might be to others, I am not interested

I would strongly suggest reconsidering this position. You will gain in the long term. If you are worried about the security/confidentiality of such systems, you can always use Keepass, which is not the most ergonomic one but is open to scrutiny.

WoJ
  • Is there any reason the formula would stop being a secret any more than my current password on StackExchange would stop being a secret? The formula will not be written down anywhere, not even with pen and paper. – Gendarme Mar 02 '16 at 21:22
  • 2
    For one, it can probably be reverse-engineered. You would need to ask an expert cryptographer. As for how a password or algorithm can be recovered, [XKCD has some hints](https://xkcd.com/538/). – WoJ Mar 02 '16 at 21:26
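As an added illustration (not part of the question or of WoJ's answer), this is what the "one-way function" route looks like when the algorithm is public and only the master passphrase is secret, as Kerckhoffs' principle asks: PBKDF2 over a master secret with the normalised site name as salt, plus an alphabet parameter for the differing site policies raised in the comments (symbols required, digits-only PINs). The function and constant names, the `site-password-v1` salt prefix and the demo passphrase are this example's own.

```python
import hashlib
import hmac
import string

# Constructed default alphabet; pass a site-specific one when a policy demands it.
ALPHABET = string.ascii_letters + string.digits + "!%@#"
ITERATIONS = 100_000  # PBKDF2 work factor; raise it as hardware gets faster


def derive_site_password(master: str, site: str, length: int = 16,
                         alphabet: str = ALPHABET) -> str:
    """Derive a per-site password from a secret master passphrase.

    Everything in this function may be public; only `master` is secret.
    The site label is the PBKDF2 salt, so the passwords for two sites are
    unrelated unless the master itself leaks, and if it does, changing the
    master rotates every site password at once.
    """
    if len(alphabet) < 2 or len(set(alphabet)) != len(alphabet):
        raise ValueError("alphabet must hold at least two distinct characters")
    label = site.strip().lower().encode()  # " GMail.com" and "gmail.com" agree
    key = hashlib.pbkdf2_hmac("sha256", master.encode(),
                              b"site-password-v1:" + label, ITERATIONS, dklen=32)
    # Expand the derived key with HMAC in counter mode and map bytes onto the
    # alphabet; bytes at or above the largest multiple of len(alphabet) are
    # rejected so every character is equally likely (no modulo bias).
    limit = 256 - (256 % len(alphabet))
    out, counter = [], 0
    while len(out) < length:
        block = hmac.new(key, counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
        out.extend(alphabet[b % len(alphabet)] for b in block if b < limit)
    return "".join(out[:length])


if __name__ == "__main__":
    master = "correct horse battery staple"  # constructed demo passphrase
    for site in ("stackexchange.com", "gmail.com", "facebook.com"):
        print(f"{site:20} {derive_site_password(master, site)}")
    # A site that insists on a digits-only PIN, as mentioned in the comments
    print(f"{'bank (PIN)':20} {derive_site_password(master, 'bank', 6, string.digits)}")
```

Unlike the letter-shifting formula, knowing this code and one derived password gives nothing about another site's password; the only way in is guessing the master passphrase, which the PBKDF2 work factor slows down.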