Password Fields
Summary:
Implement dynamic, easily remembered, server-side, field-oriented passwords. Field selection, field order, field length, and field values are selected by the user. The randomness of field-oriented passwords expands multiplicatively with the number of fields incorporated into a password and the number of fulfillment values.
They are easier to remember than one might expect.
Discussion
The current, global password paradigm - The Character-based Model
CCCCCCCC = someone's password as a sequence of static characters
Suggested, alternative password paradigm - The Field-based Model
Designator | Desc | Values |
---|---|---|
DDD | a three character field, day of the week | mon, tue, wed, thu, fri, sat, sun |
EE | a two character field, day of the week | mon=01, tue=02, wed=03, thu=04, fri=05, sat=06, sun=07 |
F | a one character field, day of the week | mon=1, tue=2, wed=3, thu=4, fri=5, sat=6, sun=7 |
MMM | a three character field, month | jan, feb, mar, apr, may, jun, jul, aug, sep, oct, nov, dec or (JAN, FEB, MAR, APR, MAY, JUN, JUL, AUG, SEP, OCT, NOV, DEC) or (Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec) |
LL | a two character field, month | 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12 |
K | a one character field for month | 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C |
WW | a two character field, week of the month | 01-05 |
HH | a two character field hour of the day, 24 hour | 00-23 |
NN | a two character field, current minute | 00-59 |
C | any allowable, static character | |
XXX | last three characters in the TLD name of the web site | |
YY | last two characters in the TLD name of the web site | |
Z | last character in the TLD name of the web site | |
Other field definitions are possible, even custom-created, dynamic value fields, subject to certain, reasonable restrictions.
Constructing Field-oriented Passwords
Users create a field-based password by choosing their own field sequence and then choosing their desired values.
Sample Passwords
1) HHrainstorm = HHCCCCCCCCC (or HC; more generally, FC for field-char) is a valid password, and will change 24 times a day (HH).
2) triDDDceratops = CCCDDDCCCCCCCC (or CDC, or CFC for char-field-char) will change daily (DDD).
3) XXXblokeEE = (XCE, or field-char-field) a password that guarantees a user's password will vary across all of their logins, as a segment of the password will be salted at random text stream locations with random lengths of the login page's URL. It will change by day of the week (EE).
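One way a server could check these passwords (an added example, not part of the original proposal): the account record keeps the field layout and a salted hash of the static characters only, and each login attempt is split by that layout and compared with the field values expected at that moment. The function names, the record format, the PBKDF2 setting, the week-of-month rule, lowercase-only MMM values and reading XXX/YY/Z from the end of the host name are assumptions.

```python
import hashlib, hmac, os, re
from datetime import datetime

DAYS = "mon tue wed thu fri sat sun".split()
MONTHS = "jan feb mar apr may jun jul aug sep oct nov dec".split()
ITER = 200_000  # PBKDF2 work factor (assumed value; tune for your hardware)
WED, HOST = datetime(2024, 1, 3, 14, 5), "shop.example.com"  # constructed samples
# Designator -> function(now, host) giving the value expected right now.
FIELDS = {
    "DDD": lambda t, h: DAYS[t.weekday()],
    "EE":  lambda t, h: f"{t.isoweekday():02d}",
    "F":   lambda t, h: str(t.isoweekday()),
    "MMM": lambda t, h: MONTHS[t.month - 1],           # lowercase form only
    "LL":  lambda t, h: f"{t.month:02d}",
    "K":   lambda t, h: "123456789ABC"[t.month - 1],
    "WW":  lambda t, h: f"{(t.day - 1) // 7 + 1:02d}",  # assumed week rule
    "HH":  lambda t, h: f"{t.hour:02d}",
    "NN":  lambda t, h: f"{t.minute:02d}",
    "XXX": lambda t, h: h[-3:],                        # assumed: tail of host name
    "YY":  lambda t, h: h[-2:],
    "Z":   lambda t, h: h[-1:],
}
TOKEN = re.compile("DDD|EE|F|MMM|LL|K|WW|HH|NN|XXX|YY|Z|C+")

def enroll(layout, statics):
    """Store the layout plus a salted hash of the static characters only."""
    tokens = TOKEN.findall(layout)
    if "".join(tokens) != layout:
        raise ValueError("unknown designator in layout")
    if sum(len(t) for t in tokens if t[0] == "C") != len(statics):
        raise ValueError("static characters do not fit the layout")
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", statics.encode(), salt, ITER)
    return {"tokens": tokens, "salt": salt, "digest": digest}

def verify(record, attempt, now, host):
    """Split the attempt by the stored layout; check fields, then the hash."""
    fields_ok, statics, pos = True, "", 0
    for tok in record["tokens"]:
        piece = attempt[pos:pos + len(tok)]
        pos += len(tok)
        if tok[0] == "C":            # static run: collect for the hash check
            statics += piece
        else:                        # dynamic field: compare with current value
            want = FIELDS[tok](now, host)
            fields_ok &= hmac.compare_digest(piece.encode(), want.encode())
    fields_ok &= pos == len(attempt)  # reject short or over-long attempts
    digest = hashlib.pbkdf2_hmac("sha256", statics.encode(), record["salt"], ITER)
    return hmac.compare_digest(digest, record["digest"]) and fields_ok
```

A password typed just before a field rolls over (for example at 14:59 with an HH field) fails if it arrives after the change, and client and server must agree on the time zone; a deployment would have to decide whether to accept the previous field value for a short grace period.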
Doug Parker
Henderson, NV
USA