
How to Safeguard Passwords Using Brain Memory

By Debesh Choudhury | TechFuture | 13 Apr 2022


Passwords are indispensable in this modern world.

Some companies are creating hype to kill passwords for good. They are recommending that customers go passwordless. They are toying with the idea of "always logged in" and referring to it as "passwordless."

In simple words, some companies are provoking you to keep your authentication credentials saved on your devices. If your devices are stolen, and the screen lock passwords are removed, all your "passwordless" online accounts are in the hands of the device stealers.

That is how the authentication credentials for multiple online accounts saved on your mobile device, say for your cryptocurrency exchanges and wallets, can be stolen or lost along with the device.

Today, I will share with you a simple yet very robust technique to safeguard multiple accounts without spending a single penny on software, such as a password manager, or on paid cloud security services, which are prone to more hacking attacks.


 

Why are password managers prone to hacking?

  • A password is a text stream that is set together with a username to authenticate the person who logs in to a computer or server. The more complex and lengthier the password text stream, the stronger the password is.

Password managers are software that can provide you with facilities to create many complex passwords for multiple accounts. All generated passwords are protected by a single password called the master password.

There are both offline and online password managers. The online password managers provide server-based services to manage multiple passwords with a master password. The offline password managers are software installable on users' computers for creating and managing passwords.

Whatever its form, the security of a password manager depends solely on the master password, which makes it a single point of failure.

  • If hackers can steal the master password, all the authentication credentials of the users are in the hands of the hacker. Thus, the users will lose access to all of their cyber accounts.

Therefore, password managers can NOT provide you with the security you need.


 

Know how traditional password security systems function

Before starting with the security solution, let us understand in simple words how a password security system works on a computer or a server. I share a screenshot from one of my tutorial presentations on everyday cybersecurity.


Graphics 01: Screenshot of my slide "What is a Password?".

Thus, in simple words, the system applies a computational operation called a "hash" function to the entered password, and it permits access if the "hash" of the entered password matches the stored "hash" of the password the user created.

Otherwise, it rejects access.


 

How to safeguard passwords using your brain memory

  • Nobody can deny that the memory of our brains is the safest place to store secret credentials. The brain memory is primarily used to store all our secret and private information.

It is widely known that password managers come as a solution to help us not overtax the brain to store very long and complex passwords. But, the single master password can be a single point of failure and serve as an easy security hole for the hackers.

  • My solution to this problem is not complex. Just follow the steps described below and improve the security of your passwords in a significant way.


 

Use brain memory to store a part of the password

The steps are really pretty simple. Anybody can do it. No expertise in computing is necessary. Even your granny or grandpa can do it.

I add "salt" texts (second part) to a complex password (first part) to strengthen password security. I may like to call it quasi two-factor authentication (quasi-2FA) or static two-factor authentication (static-2FA).


Graphics 02: Screenshot of my slide "Taking help of brain memory is the safest".

The resulting "hash" of the composite password (1st part + 2nd part "salt") will differ from the "hash" of the very long and complex password (1st part).

Thus, we can create simple "salt" text streams and memorize them in the brain memory for calling back from memory while authenticating the account with the composite password.
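The hash check and the composite password described above, as an added Python example that is not part of the original article: a server keeps only a salted hash, and the stored first part alone is rejected unless the memorized second part is appended. The `AccountStore` class, the PBKDF2 settings and the sample values are assumptions constructed for illustration; the random per-user `server_salt` is the cryptographic salt a server stores, which is a different thing from the memorized text the article calls "salt".

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor for this example


def derive(password: str, server_salt: bytes) -> bytes:
    """Slow, salted hash of the password, as the server would store it."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), server_salt, ITERATIONS
    )


class AccountStore:
    """Hypothetical server-side store: keeps only (server_salt, hash) per user."""

    def __init__(self):
        self._records = {}

    def register(self, username: str, password: str) -> None:
        server_salt = secrets.token_bytes(16)  # random per-user salt, not secret
        self._records[username] = (server_salt, derive(password, server_salt))

    def verify(self, username: str, password: str) -> bool:
        record = self._records.get(username)
        if record is None:
            return False
        server_salt, stored = record
        # Constant-time comparison of the recomputed hash with the stored one.
        return hmac.compare_digest(derive(password, server_salt), stored)


def demo() -> dict:
    # Constructed sample values, not real credentials.
    first_part = "q7#Lw9!vT2mZ&x4Rk8"  # long 1st part, e.g. written down or stored
    memorized = "teal-Kite-42"         # the article's "salt", kept only in memory
    store = AccountStore()
    store.register("alice", first_part + memorized)
    return {
        "composite_accepted": store.verify("alice", first_part + memorized),
        "first_part_only_accepted": store.verify("alice", first_part),
        "wrong_suffix_accepted": store.verify("alice", first_part + "teal-kite-42"),
        "unknown_user_accepted": store.verify("bob", first_part + memorized),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```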


 

I call it quasi or static two-factor authentication

  • Since part of the resulting composite password is inserted from the brain memory, I will call this technique a quasi or static two-factor authentication (quasi-2FA or static-2FA).

  • I call the technique quasi or static 2FA because it does not involve any dynamic PIN sent through SMS or email.

The strength of the composite password security is significantly high because there is no technology available in the world to hack or steal human brain memory.


 

Bringing it all together

  • I introduce a simple technique to safeguard the traditional text password system.

This password security solution is my original idea.

My very close friends know this technique and regularly use it for their online as well as offline accounts. Computer server administrators can adopt this technique to safeguard their administrator accounts of servers and other computer infrastructure.

Since the technique is pretty simple, neither I nor my friends ever thought of filing a technology patent. We dedicate this technology solution to helping people improve their personal cybersecurity.

  • My proposed technique does NOT involve using SMS or email to get the second factor PIN. Instead, it adds a text "salt" (2nd part) available from the brain memory as a second factor to the complex password (1st part) for authentication.

  • The security strength, or entropy of the composite password (complex password + salt text), is significantly high because there is no technology available to hack or steal human brain memory.

  • The proposed security solution doesn't need any proprietary software or device or additional resources. It can operate using the existing authentication infrastructure of the online platforms.

  • Hence, the users can adopt it without paying any license fees from their pockets.

  • Moreover, the service providers need not make any alterations to their systems.

I share the password security solution as a gift to all the dot-cash communities of bloggers and noisers. Please freely add this security on every online and offline account.

Should you have any questions, please feel free to ask in the comment section, or join me at other places in cyberspace, i.e., Odysee, LinkedIn, Twitter, noise.cash, publish0x, and Facebook, and shoot your inquiries.


 

 

About me

  • I am from Science, Technology, Engineering, and Mathematics (STEM). I have also added "Arts" and "Fine Art" to my interests and made my interests STEAM - Science, Technology, Engineering, Arts, and Mathematics.

  • I develop solutions for password and cybersecurity relevant to cryptocurrencies, blockchain, and other block-less distributed ledgers.

I hope the entire blogging community will strive here and elsewhere.

If you have time, please explore my "Learning Times" and other channels on Odysee-dot-Com and earn crypto coin LBRY Credit or LBC for consuming and creating content.


 


 

It was originally posted on read.cash.

 

Cheers! Debesh Choudhury

Join me at Odysee, LinkedIn, Twitter, noise.cash, and Facebook

Text Copyright © 2022 Debesh Choudhury — All Rights Reserved

Thumbnail Image: Photo by Miguel Á. Padriñán on Pexels.

 All other graphics and videos are credited just below it.

Disclaimer: All texts are mine and original. Any similarity and resemblance to any other content are purely accidental. The article is not advice for life, career, business, or investment. Do your research before adopting any options.

April 12, 2022.

Debesh Choudhury

I am a solution architect for Digital Identity, Data Privacy, Password & Cybersecurity, Distributed Ledgers, IoT, a researcher & academician of Electronics, Computer Eng. & IT, an Entrepreneur & Tech Blogger.


TechFuture

TechFuture will publish short articles on future technologies that will make the world a better place to live. It will include digital identity, data privacy, passwords & cybersecurity, cryptocurrencies, and many more.
