alt text

I admit it, I lie about my age all the time, and yes I claim to be younger than I really am. I lie about all sorts of stuff, it is a habit with me. My first pet’s name is OnikAjOY and the street I grew up on is iTeMBAst.

The best liars keep track of their lies and don’t get tripped up, they need to remember to whom they told specific lies. A record of account recovery questions might look like:

Birth date: February 1, 1962
First pet: OnikAjOY
Street grew up: iTeMBAst

The best liars can keep a straight face and when they want to, feed you completely different lies.

Birth date: March 1, 1962
First pet: IrDewayS
Street grew up: egRALENe

I lie to protect myself from being impersonated by someone else. There are 15 million cases of Identity Theft a year. It seems that in this digital world, we all leave a digital trail of who we are and what we do in our wake. You see by telling white-lies, if a server in the Internet Cloud gets hacked, the password and recovery questions that are hacked are unique to the site and useless for exploitation.

alt text

Some people are natural liars but less than perfect liars like me need help. You see the best lies are very difficult to guess. A common (but risky) practice is to “have a system” for passwords, some people think they are so clever! The problem is that if two or three passwords of the system are ever exposed, the pattern becomes obvious and all passwords are exposed.

To be a good liar I use a password generator and an encrypted system to keep track of all my lies. There are many systems out there to perform this task and I can only speak to a few of them that I have used. I can truly speak to CrypSafe because I wrote it.

It uses a random number generator to generate passwords. You can tell it how many characters to put into a password and whether to use upper case, lower case, numbers, special symbols etc. There are times with it is good to be BIG LIER!

An example of password complexity from Password-Depot:

Characters Combinations Time To Crack Password
5 60,466,176 0.03 seconds
7 1,028,071,702,528 9 minutes
8 457,163,239,653,376 2.6 days
9 572,994,802,228,616,704 9.1 years
12 475,920,314,814,253,376,475,136 7 million years

The lesson here is to go big. It is just as easy to copy/paste a 20 character password as it is a 5 character password.

To make a CrypSafe record for a specific web site:

  1. Create a contact record
  2. Add the website URL
  3. Generate or add a password
  4. Fill the notes field with your identity questions and answers

I don’t know about other systems but CrypSafe stores all its information in an encrypted IOCipher database. It keeps an encrypted backup on another Android device, just in case your primary smartphone is lost or stolen. Everything is locked down with a passcode, passphrase or better yet the YubiKey NEO.

CrypSafe also has an embedded webserver. This means that using https encryption, I can securely get to all of my passwords from my laptop or desktop computer, or any modern browser on my WiFI network. Think about it, my passwords are encrypted, backed up and always available to me in my pocket or on any screen in front of me. It kind of sounds like Cloud Computing but the data is never sent to the Internet, so it is more secure, we call it a MicroCloud…no lie!