CLOSE
Original image
iStock

The Perfect Password Is Six Words Long And Rhymes

Original image
iStock

There’s a Catch-22 involved in choosing an online password: it’s either easy to remember and easy to break, or tough to hack and even tougher to remember. As life moves increasingly online, this quandary becomes an increasingly urgent one to resolve; luckily, two researchers at the University of Southern California Information Sciences Institute think they have the answer. Marjan Ghazvininejad and Kevin Knight of the computer science department, using a random number generator and some ingenuity, have come up with a way to make a password that’s not only memorable and secure, but also has a bit of artistic flair.

The researchers proudly attribute their inspiration to an XKCD comic by creator Randall Munroe, whose uniquely intellectual cartoons stem from his background as a physics graduate and former NASA roboticist. The six-panel comic in question introduced a novel system for password creation based on increasing the number of bits (units of information) involved in a brute-force attack, which would randomly try all possible permutations of the given number of bits until it found the right one. Even if a user were to follow all the suggestions for strengthening a password—including choosing an uncommon word, replacing letters with numbers, adding special characters, and capitalizing certain letters—a so-called strong password might only take a sophisticated computer a matter of minutes to break. Munroe’s comic suggests avoiding such pitfalls by opting for four common but randomly selected words instead, and creating a story around the nonsensical phrase to render it meaningful. The original comic gave the phrase “correct horse battery staple” as an example. Silly, but as Munroe cheekily points out, most readers will already have memorized it within the minute it takes to read the comic.

In their recent paper [PDF], Knight and Ghazvininejad take Munroe’s method a step further by converting a computer-generated 60-bit string of characters into corresponding words from a 327,868-word dictionary. These words are then assembled into either ungrammatical prose “sentences” or, even better, rhyming iambic tetrameter couplets. Their rationale for the latter approach stems from humanity’s long history of remembering the past by turning it into poetry (see, for example, Beowulf, Ovid’s Metamorphoses, the Mahabharata, etc.). Unlike these epics, Ghazvininejad and Knight’s passwords are only two lines long with eight syllables each, and yet, at current computing rates, the scientists calculate that it could take as long as 11.3 years to guess it.

The paper gives a sample poem password—“The legendary Japanese/ Subsidiaries overseas”—that demonstrates how meter and rhyme work in tandem to increase the phrase’s memorability. In a test of real-world practicality, 61.5% participants who returned two days after having been assigned a poem-password were able to recall it correctly. The paper makes no mention of any incentive for the participants to put any effort into remembering their assigned passwords, but it seems reasonable to assume that they would have put at least as much work, if not more, into remembering a simple couplet when their own personal information was on the line.

For anyone eager to see what other kinds of password masterpieces Knight and Ghazvininejad’s method might turn up, they’ve provided an online generator that creates a new couplet upon every refresh. The results range from silly to sillier:

Domestic business limousine 
the flashy shopping unforeseen

The damage meekly enterprise 
requested swirling butterflies

Mercedes infant absentee 
militia matter Tennessee

The winter ratio reside 
the fragrances or homicide

The promises McCain Louie 
incumbent Democrat McKee

The researchers stress, however, that the site is only for demonstration purposes; a potential hacker could easily download the entire database of options the site provides, thereby defeating the purpose of using any of those passwords. For actual secure use, there’s a different site, in which users can input their email addresses and be sent a private password, which will then be deleted from the system entirely.

[h/t Washington Post]

Original image
Kano
arrow
fun
Control the World With a Wave of Your Hand Using This $30 Motion Sensor
Original image
Kano

"Learn to code" is all the rage in kids' toys—even those aimed at preschoolers. As educational toys go, though, Kano's are pretty fun. Earlier this summer, Kano released the Lite Brite-esque Pixel Kit, an LED board that kids (or anyone, really) can program to change and visualize information using the coding tutorials on the Kano desktop app. Now, the company has come out with a stand-alone motion sensor that allows you to see the impact of your code with a wave of the hand.

The $30 sensor kit is only a little bigger than a 50-cent piece, and set-up is as easy as attaching two pieces to a USB port and plugging the cable into a computer. The Kano app will show you what to do next, walking you through a series of "challenges" that hold your hand through the process of coding the sensor to change what you see within the app, whether it's changing the color of an image or playing a virtual game of Pong by waving your hand in front of your computer. The sensor can register three axes of movement, so that you can control different actions by moving your hand left-right, up-down, and forward-backward.

A blue Kano booklet of instructions sits next to a small blue sensor that looks like a periscope.
Kano

The tutorials vary from the very simple (make an arrow rotate according to gestures) to the slightly more involved (build a Pong game). But all of them are made extremely simple with drag-and-drop blocks of JavaScript code, step-by-step instructions, and highlights on the correct choices. If you put your code in the wrong place, the tutorial won't move on. No matter what your real level of understanding of the underlying code, you're going to build that Pong game. Hopefully, you'll pick up a few tricks on the way, though, which will eventually allow you to build your own games.

The motion sensor kit is the most accessible of Kano's products, both in terms of its price (the Pixel Kit is $80 compared to the motion sensor's $30) and the number of things you can do with it. The gesture-based controller can be used to play games, make moving art, or control music. You don't have to have any other Kano equipment, but if you do, you can plug it into other kits to make, say, a motion-activated Pixel Kit light show.

You can buy the Motion Sensor Kit on Kano's website starting today.

Original image
iStock
arrow
technology
Meet the 17-Year-Old World Champion of Excel Spreadsheets
Original image
iStock

If you spend hours creating spreadsheets in Microsoft Excel for your office job, that work may one day pay off. The Excel World Championship recently awarded its winner a $7000 prize for demonstrating his “skills and creativity” while completing a series of tasks in the program. But the new champion doesn’t come from the professional world—he’s a student at Forest Park High School in Woodbridge, Virginia.

As the New York Post reports, John Dumoulin has won a total of $10,000 in prize money for his Excel expertise. He first discovered his talent when he took a Microsoft Excel 16 certification exam for an IT class at his high school. His score was the highest in the state and it qualified him to join other spreadsheet aficionados at a national competition in Orlando, Florida.

After snagging the $3000 cash prize at that event, he moved on to compete with pros from around the world at the Microsoft Excel World Championship in Anaheim, California. The competition included 150 participants from 49 countries. Never in its history has an American taken home the grand prize, but this year Dumoulin became the first.

The teenager first became acquainted with Excel in middle school, when he made spreadsheets to track the performance of his favorite baseball team, the Los Angeles Dodgers. He told the Associated Press that he’d like to one day make a career out of doing data analytics for baseball teams. For now, his focus is on graduating from high school.

[h/t New York Post]

SECTIONS

arrow
LIVE SMARTER
More from mental floss studios