INTRODUCTION TO PASSWORD SQUARES

© 2010 Craznar Consulting


You probably have hundreds of passwords by now, for Facebook, Twitter, your social club, bank and who knows what else. You are told to use secure passwords for all of these, and you are also told to never use the same password on more than one site. Well, we all know this is just impossible to achieve.

Well, I have come up with a way of allowing you - the security-conscious person - to remember all of these passwords: by printing them out. Yes - you heard me, by printing them out.

Some of the advantages of printing them out:

If you already know, then you have a couple of options:

I'll explain how password squares work.

Firstly - you get some password squares software (I'll be developing a Windows application soon, which will be free, and hopefully other people can start developing applications for other systems). This software generates a matrix which looks like the following:

Start           @,.  ABC  DEF  GHI  JKL  MNO  PQRS TUV  WXYZ         Top Right
                1    2    3    4    5    6    7    8    9    0
            0   a    t    u    O    P    9    0    s    t    M    1  @,.
WXYZ        9   b    s    v    N    Q    8    a    r    u    L    2  ABC
TUV         8   c    r    w    M    R    7    b    q    v    K    3  DEF
PQRS        7   d    q    x    L    S    6    c    p    w    J    4  GHI
MNO         6   e    p    y    K    T    5    d    o    x    I    5  JKL
JKL         5   f    o    z    I    U    4    e    n    y    H    6  MNO
GHI         4   g    n    A    H    V    3    f    m    z    G    7  PQRS
DEF         3   h    m    B    G    W    2    g    l    A    F    8  TUV
ABC         2   i    l    C    F    X    1    h    k    B    E    9  WXYZ
@,.         1   j    k    D    E    Y    Z    i    j    C    D    0
Bottom Left     0    9    8    7    6    5    4    3    2    1       Bottom Right
                     WXYZ TUV  PQRS MNO  JKL  GHI  DEF  ABC  @,.

The central 10x10 grid holds the randomly generated characters (from A-Z, a-z and 0-9). The outer area is your navigation assistant (which you won't need once you get the hang of it). The red squares are just for the example below; normally all the 10x10 squares would look identical.

Secondly - you need to think of either a 5 or a 7 digit PIN - which YOU DO NOT write down (even on this paper). It is important that the PIN is 5 or 7 digits (or 9 or 11 if you are game). Do not use a 4 or 8 digit PIN.

Thirdly - for each website or organisation you know, you need to just work out its name. This can be done in several ways - but just make sure you know what it is.

The important thing here is to remember this name for each of your companies. Feel free to write these names on the password squares printout.

Finally - work out your password. This is harder to explain than it is to do. For my example, I will use the password squares above ... with BANKING and a PIN of 12379.

  1. Start where it says 'Start', and work your way clockwise around the password square. When you are familiar with how things work, you can choose your own starting corner (just be consistent).
  2. Look along the first edge (top) for the first letter of your name, 'B'. Now take the first number of your PIN (in our case '1'): you need the letter '1' down in the 'B' column. This is 't'.
  3. Now look along the second edge (right) for the second letter of the name, 'A'. Now take the second number of your PIN (in our case '2'): you need the letter '2' in from the right in the 'A' row. This is 'u'.
  4. Now look along the third edge (bottom) for the third letter of the name, 'N'. Now take the third number of your PIN (in our case '3'): you need the letter '3' in from the bottom in the 'N' column. This is 'W'.
  5. Now look along the fourth edge (left) for the fourth letter of the name, 'K'. Now take the fourth number of your PIN (in our case '7'): you need the letter '7' in from the left in the 'K' row. This is 'e'.
  6. You now proceed around the edges again. If you run out of PIN numbers, start the PIN from the beginning.
  7. 'I9' gives us 'F' from the top, 'N1' (start of PIN) gives us 'H' from the right and finally 'G2' gives us 'h' from the bottom.
  8. Our final password is 'tuWeFHh'.

The password is only seven characters long - but you can increase the length by continuing the above method until a set length (e.g. 10 characters). Just like the PIN, you start the name at the beginning when you run out of letters.
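The lookup procedure above, including the wrap-around of PIN and name, written out as an added Python example (not the author's software). `GRID` is the central 10x10 area of the example square; the function names, and the choice to reject digits in a name (the page does not define them), are assumptions.

```python
# Added illustration. GRID is the example square from the page, top row first.
GRID = ["atuOP90stM", "bsvNQ8aruL", "crwMR7bqvK", "dqxLS6cpwJ", "epyKT5doxI",
        "fozIU4enyH", "gnAHV3fmzG", "hmBGW2glAF", "ilCFX1hkBE", "jkDEYZijCD"]

# Phone keypad groups taken from the edge labels of the square.
KEYPAD = {"ABC": 2, "DEF": 3, "GHI": 4, "JKL": 5, "MNO": 6,
          "PQRS": 7, "TUV": 8, "WXYZ": 9}
KEY_OF = {ch: d for letters, d in KEYPAD.items() for ch in letters}


def key_digit(ch):
    """Map one character of the site name to its edge digit."""
    if ch == " ":
        return 0  # space shares the '0' position
    if ch.isdigit():
        # Assumption: the page does not say how digits in a name are handled.
        raise ValueError("digits in the name are not defined by the scheme")
    return KEY_OF.get(ch.upper(), 1)  # all punctuation shares '1'


def position(d):
    """Edges are labelled 1..9 then 0, so '0' is the tenth position."""
    return 10 if d == 0 else d


def derive(grid, name, pin, length=None):
    """Walk the edges clockwise from the top-left 'Start' corner."""
    if not name or not pin.isdigit():
        raise ValueError("need a non-empty name and an all-digit PIN")
    out = []
    for i in range(length or len(name)):
        p = position(key_digit(name[i % len(name)]))  # place along the edge
        q = position(int(pin[i % len(pin)]))          # depth into the grid
        edge = i % 4
        if edge == 0:    # top: column p, q down from the top
            row, col = q - 1, p - 1
        elif edge == 1:  # right: row p, q in from the right
            row, col = p - 1, 10 - q
        elif edge == 2:  # bottom: labels run right to left, q up from the bottom
            row, col = 10 - q, 10 - p
        else:            # left: labels run bottom to top, q in from the left
            row, col = 10 - p, q - 1
        out.append(grid[row][col])
    return "".join(out)


if __name__ == "__main__":
    print(derive(GRID, "BANKING", "12379"))
```

Passing `length=10` continues around the edges, restarting the name after its seventh letter as described above.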

Note that the numbers and letters on each side are identical, and come from the keys of a phone keypad: '0' and space are together, and all punctuation (e.g. @) shares the position with '1'.

Also note that once you get the hang of it ... you can use the letter (from the word) on your current edge, along with the digit (from your PIN) on the following edge to target the correct letter easily.

With only the middle 10x10 squares and a phone - you can also extract your passwords, needing just the PIN number to complete the picture.

The above password square was not generated randomly, but it shows how unpredictable the generated passwords look, even with a pattern of letters in the grid. The software will generate a random layout with around 66% alphabetic and 33% numeric characters. I will be avoiding punctuation marks as many sites do not allow them.

If you have any questions or are interested in writing a password squares generator for integration into a web browser, or for a particular operating system, please contact me at password.squares@craznar.com.

Password squares and the concept are © 2010 Craznar Consulting, and are free to use under GPL licensing.