The Perfect Password Is Six Words Long And Rhymes


There’s a Catch-22 involved in choosing an online password: it’s either easy to remember and easy to break, or tough to hack and even tougher to remember. As life moves increasingly online, this quandary becomes an increasingly urgent one to resolve; luckily, two researchers at the University of Southern California Information Sciences Institute think they have the answer. Marjan Ghazvininejad and Kevin Knight of the computer science department, using a random number generator and some ingenuity, have come up with a way to make a password that’s not only memorable and secure, but also has a bit of artistic flair.

The researchers proudly attribute their inspiration to an XKCD comic by creator Randall Munroe, whose uniquely intellectual cartoons stem from his background as a physics graduate and former NASA roboticist. The six-panel comic in question introduced a novel system for password creation based on increasing the number of bits (units of information) involved in a brute-force attack, which would randomly try all possible permutations of the given number of bits until it found the right one. Even if a user were to follow all the suggestions for strengthening a password—including choosing an uncommon word, replacing letters with numbers, adding special characters, and capitalizing certain letters—a so-called strong password might only take a sophisticated computer a matter of minutes to break. Munroe’s comic suggests avoiding such pitfalls by opting for four common but randomly selected words instead, and creating a story around the nonsensical phrase to render it meaningful. The original comic gave the phrase “correct horse battery staple” as an example. Silly, but as Munroe cheekily points out, most readers will already have memorized it within the minute it takes to read the comic.

In their recent paper [PDF], Knight and Ghazvininejad take Munroe’s method a step further by converting a computer-generated 60-bit string of characters into corresponding words from a 327,868-word dictionary. These words are then assembled into either ungrammatical prose “sentences” or, even better, rhyming iambic tetrameter couplets. Their rationale for the latter approach stems from humanity’s long history of remembering the past by turning it into poetry (see, for example, Beowulf, Ovid’s Metamorphoses, the Mahabharata, etc.). Unlike these epics, Ghazvininejad and Knight’s passwords are only two lines long with eight syllables each, and yet, at current computing rates, the scientists calculate that it could take as long as 11.3 years to guess it.

The paper gives a sample poem password—“The legendary Japanese/ Subsidiaries overseas”—that demonstrates how meter and rhyme work in tandem to increase the phrase’s memorability. In a test of real-world practicality, 61.5% participants who returned two days after having been assigned a poem-password were able to recall it correctly. The paper makes no mention of any incentive for the participants to put any effort into remembering their assigned passwords, but it seems reasonable to assume that they would have put at least as much work, if not more, into remembering a simple couplet when their own personal information was on the line.

For anyone eager to see what other kinds of password masterpieces Knight and Ghazvininejad’s method might turn up, they’ve provided an online generator that creates a new couplet upon every refresh. The results range from silly to sillier:

Domestic business limousine 
the flashy shopping unforeseen

The damage meekly enterprise 
requested swirling butterflies

Mercedes infant absentee 
militia matter Tennessee

The winter ratio reside 
the fragrances or homicide

The promises McCain Louie 
incumbent Democrat McKee

The researchers stress, however, that the site is only for demonstration purposes; a potential hacker could easily download the entire database of options the site provides, thereby defeating the purpose of using any of those passwords. For actual secure use, there’s a different site, in which users can input their email addresses and be sent a private password, which will then be deleted from the system entirely.

[h/t Washington Post]

IBM Unveils the World's Smallest Computer

The latest piece of technology to be zapped by the shrink ray of progress was recently revealed during IBM Think 2018, the computer giant’s conference that offers a sneak preview of its latest hardware. According to Mashable, IBM’s newest computer is so small that it could disappear inside a salt shaker.

An IBM computer on a motherboard and atop a pile of salt

That tiny black speck on the right? That’s the one. (It's mounted to a motherboard on the upper left of the left photo.) IBM claims the computer has several thousand transistors and has roughly the same kind of operating power as a processor from 1990. While that may not sound impressive, any kind of artificial intelligence in a product that small could have big implications for data management. IBM believes it has a future in blockchain applications, which track shipments, theft, and non-compliance. Its tiny stature means it can be embedded into materials discreetly.

As an example, IBM noted that the processor could be injected into a non-toxic magnetic ink, which can then be stamped on a prescription drug. One drop of water could make the ink visible, letting someone know it’s authentic and safe to take.

The tiny little motherboard and its processors are still in the prototype stages, but IBM predicts it could cost less than 10 cents to manufacture. The company hopes it will be commercially available in the next 18 months.

[h/t Mashable]

Apple Wants to Patent a Keyboard You’re Allowed to Spill Coffee On

In the future, eating and drinking near your computer keyboard might not be such a dangerous game. On March 8, Apple filed a patent application for a keyboard designed to prevent liquids, crumbs, dust, and other “contaminants” from getting inside, Dezeen reports.

Apple has previously filed several patents—including one announced on March 15—surrounding the idea of a keyless keyboard that would work more like a trackpad or a touchscreen, using force-sensitive technology instead of mechanical keys. The new anti-crumb keyboard patent that Apple filed, however, doesn't get into the specifics of how the anti-contamination keyboard would work. It isn’t a patent for a specific product the company is going to debut anytime soon, necessarily, but a patent for a future product the company hopes to develop. So it’s hard to say how this extra-clean keyboard might work—possibly because Apple hasn’t fully figured that out yet. It’s just trying to lay down the legal groundwork for it.

Here’s how the patent describes the techniques the company might use in an anti-contaminant keyboard:

"These mechanisms may include membranes or gaskets that block contaminant ingress, structures such as brushes, wipers, or flaps that block gaps around key caps; funnels, skirts, bands, or other guard structures coupled to key caps that block contaminant ingress into and/or direct containments away from areas under the key caps; bellows that blast contaminants with forced gas out from around the key caps, into cavities in a substrate of the keyboard, and so on; and/or various active or passive mechanisms that drive containments away from the keyboard and/or prevent and/or alleviate containment ingress into and/or through the keyboard."

Thanks to a change in copyright law in 2011, the U.S. now gives ownership of an idea to the person who first files for a patent, not the person with the first working prototype. Apple is especially dogged about applying for patents, filing plenty of patents each year that never amount to much.

Still, they do reveal what the company is focusing on, like foldable phones (the subject of multiple patents in recent years) and even pizza boxes for its corporate cafeteria. Filing a lot of patents allows companies like Apple to claim the rights to intellectual property for technology the company is working on, even when there's no specific invention yet.

As The New York Times explained in 2012, “patent applications often try to encompass every potential aspect of a new technology,” rather than a specific approach. (This allows brands to sue competitors if they come out with something similar, as Apple has done with Samsung, HTC, and other companies over designs the company views as ripping off iPhone technology.)

That means it could be a while before we see a coffee-proof keyboard from Apple, if the company comes out with one at all. But we can dream.

[h/t Dezeen]


More from mental floss studios