did anyone ever think about how well chess notation serves as passwords? Plusses are: - As it's no problem memorizing a chess main line for 6-10 moves (most here can do that), you can generate quite long passwords - since "+" "0-0" "0-0-0" "2.)" all contain special characters, 1.Nf3 also has caps and lower letters, it's quite random and it's got numbers in it -- all requirements for good passwords.
minusses: - If your adversary happens to know you're a chess freak he might be able to reprogramm his brute force attacking tool to try chess lines with higher priority. But you could get around this by simply starting you pw off with the first letters of some sentence (let's say: "I hope Paris Hilton finally get's arrested" would make "IhPHfga" and if you now append your Ruy main line, you're ok.
I ran a test at this site: https://passwortcheck.datenschutz.ch
for this pw: "1e4e52Nf3Nc63Bb5a64Ba4Nf650-0Be76Re10-07a4Bb78c3" That's a well known anti-marshall line in the Ruy Lopez.
The test says that my pw would need 3'199'181'570'129'864'390'646'397'960'825'739'929'488'950'949'692'361'864'750'159'866'764'428'019'507'592'369'520'534'109'716 tries on average to break, which would take approx. 202'890'764'214'222'754'353'525'999'545'011'411'053'332'759'366'588'144'644'226'272'625'851'599'410'679'374 years (with 500'000 tries/sec).
That's not too bad, is it? And I can recite that Ruy line even when drunk, asleep, etc. etc...
It doesn't hurt to start any sequence off with "@" or any other non-keyboard character. But the point is rather that with passwords, safety comes with numbers (of characters). _IF_ those characters are random, that is. Therefore something like "h%9K." is about as safe as "Irandowntotheshopformilk" even though the latter is much longer. But since it is made up of words in correct english syntax, it yields only about as half as much security _per word_. Given that a password of 20+ completely random characters is considered safe by current technology standards, that would translate to a "sentence" of more 40 words as a password. That's quite a bit to type and to remember (Some Hamlet monologue comes to mind ;o) )
The point with a chess line is now, that it is very easy to remember for a chess player and (for such a one) (almost) always consisting of a full move. But "1.)d4Nf6" is already eight characters of (in itself) very random fashion - and nothing an attacker would likely have in his dictionary (which _would_ probably have the most common english vocabulary - thus the decreased security of the above sentence). So even if you would have "1.)d4Nf6" as one "word" it would have a security that would approach that of the random string h%9K.". Now imagine using a basic chess puzzle (smothered mate) which is a 4-mover, and you'd end up with over 50 characters. If you now add your odd special character at the beginning and end with "IhPHfga", you'll have a _VERY_ save password, at least as safe as a 20 character random string but a lot easier to remember...
29 ( +1 | -1 ) Alberlie ...I like the solution to Chess problem password idea. But I forgot to mention, you also need to add some 'landmines' on your computer; virus & worm files for them to download ... !? Seems only fair, to me }B-) [And I have 2450 adware pop-ups on a very sick P-1, you can have cheap ... ] :))
40 ( +1 | -1 ) like thisI like this. I usually use nonsense passwords - hard to find but harder to remember. So I have to write them down. And as soon as I write them down - there they are. But the fact that we're talking about it - could some hacker browsw these boards and decide to add some chess opening passwords to his database? Could there be any hackers here at gameknot?