sesame
Update of "sesame"
Not logged in

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview

Artifact ID: 5e4c8c5b02917e67dde8219a5a8b9cb6370cbd87
Page Name:sesame
Date: 2010-10-03 17:17:06
Original User: james
Parent: 16e191a6ffbfdbf8ad0a09c4337229d9b318e487
Content

SESAME

... and now for something completely different, a profusion of passwords easy to remember, impossible to guess.

Everyone needs to create and remember numerous passwords that are hard for anyone else to guess.. It is a tough job.

Some people choose a single password, using the same one everywhere. If the password is exposed by accident or malice on any location, security is everywhere is lost.

Some people do a little better, by using some scheme to generate new passwords by varying a base password. If the password is exposed, it then becomes very simple to guess the password used elsewhere.

Some people use a password manager, such as the one contained in a browser. This allows them to choose random passwords that are all different and impossible to guess, and, because they can be found quickly in the password manager quickly and easily, they do not need to make any effort to remember them. However, because the passwords are not remembered, these people are lost when they do not have access to the password manager. Also, if the password manager is ever exposed, all security everywhere is lost.

Everyone needs to be able to easily generate a profusion of passwords easy to remember, impossible to guess.

The solution is ‘sesame’.

Choose a random password that is impossible to guess. For example: qazmjy

Memorize this one password. It seems tough, but it is the only password you will ever need to remember, and you will be using it several times a day, so it will soon become second nature.

Each time you are asked for a new password, create a new password by combining your random password with the name of the service. If google needs a password, choose qazmjygoogle. If amazon needs a password, choose qazmjyamazon.

Sesame can now be used to garble your new password beyond all recognition.

sesame qazmjygoogle
hq2iWXiO

sesame qazmjyamazon
MfWBkYsG

hq2iWXiO or MfWBkYsG are your new passwords. However, you do not need to remember them! Just remember qazmjygoogle or qazmjyamazon and type them into sesame whenever you revisit those sites.

Note that sesame is NOT a password manager. It does not store your passwords in any sense. The passwords are kept in your memory, and you use sesame merely to render your easily remembered passwords into an unrecognizable garble which gives no clue to the original password.

There is no security risk if sesame is lost. You can carry a copy around on a pendrive and load a copy on every computer you visit. You give it to your friends.

Download pre-built unix binary