Subscribe: Apple Podcasts | Google Podcasts | Stitcher | RSS
What if I told you that turning your brain into a passwords manager is the easiest thing on the planet?
Yes, even massively complex and (seemingly) meaningless passwords like …
… can be memorized without breaking a sweat.
And you’ll even have some fun!
To get this done …
So that you can easily learn and remember so much garbled and meaningless data quickly …
1) All you need is a strategy.
2) You need a bit of practice with the strategy.
3) You need a solid reason why.
Why Memorizing Your Passwords Is
Ultimate Only Path To Cyber-Security
To discuss the reasons why you need to learn, memorize and develop the ability to recall your passwords without storing them anywhere other than your memory, I’m delighted to be joined by memory expert, record setter and incredible memory educator, Brad Zupp.
If you haven’t already, scroll up and click the “play” button to listen in on our discussion.
In it, you’ll learn:
* The shocking truth behind why Brad decided it was time to create a system for memorizing his passwords and the horrifying realities behind why he’s sharing that system with the world.
* Brad’s method of dividing Memory Palaces so they’re easy to review and use to memorize and organize thousands of rooms and thousands of digits.
* Why Brad uses Memory Palaces based on real locations and varies between rooms and outdoor memory journeys.
* How to understand the differences in your mind and the mind of other mnemonists so that you can get better results faster.
* How Brad deals with renovations to Memory Palaces.
* Brad’s incredible experiences with face memory and how it factors in with remembering names.
* Brad’s take on what to do if you have aphantasia or otherwise are in need of developing your mind’s eye.
Would You Like The Ability To Make Your Memory
A Passwords Manager That Works Safer Than Any Computer?
Let me recommend Brad’s brand new book, The Hack-Proof Password System. (Note: The link will take you to the Amazon store nearest you. 🙂 )
I’ve read this book cover-to-cover and highly recommend you do the same. You’ll learn everything you need to know about protecting yourself online by developing an amazing memory skill.
It’s easy, fast, effective and fun.
And the best part is that making your memory the ultimate passwords manager is great brain exercise too.
For More Of Brad Zupp’s World Class Memory Expertise …
You may recall my “book report” of Brad’s excellent book, Unlock Your Amazing Memory: The Fun Guide That Shows Grades 5 To 8 How To Remember Better And Make School Easier.
If not, you can read all about it and listen to the podcast review here:
How To Help Middle School Students Remember More
Another fine resource for you is the first Magnetic Memory Method Podcast interview with Brad:
Brad Zupp On Memory Techniques And Memory Improvement For All Ages
But nothing could be more important to your Cyber Security than Brad’s new book, so please be sure to add it to your memory improvement library.
But That’s Not All!
For Brad’s free bonus material to go with The Hack-Proof Password System, claim his free workbook and companion ebook now.
While you’re at it, check out Brad’s main website.
For information on Brad’s presentations for students, visit Brad’s Exceptional Assemblies page.
And if that wasn’t enough, if you want to pop your questions, experiences and comments in the discussion area below, I’ll make sure Brad sees your contributions to the Mnemonics Renaissance a.s.a.p.
In the meantime …
Thanks as ever for helping us help you and talk soon! 🙂
Can’t wait to read this! It is going to be fascinating for sure!
Thanks, Alex. Glad you had a chance to check this out and thanks for taking a moment to let us know you’re excited! 🙂
Hi Anthony, I have listened to the pod cast downloaded it and got right on getting the book. It should be interesting to see what I can learn for my quest to be better in memory. I am still learning 101-1000 list. A lot of work. But I will get through it. Took a small break for a few weeks, now back at it!
Thanks to Brad for helping me out with my purchase and answers he gave me. I am sure I will gain knowledge and enhance what I already have.
Never take anything for granted because tomorrow is not promised to anyone.
But I do want to thank Anthony for sending the email that made it possible for me to get the book. You are the man! Pretty interesting book so far. I will post a review of the book soon on Amazon.
My pleasure, Bill. It pays to be subscribed to the Magnetic Memory Method mailing list! 🙂
Very nice ideas, I recall similar ideas some years ago to encode and memorize passwords (pre Y2K). At that time, there was no mention of anchor associations, which I think is great idea. The wordchain method is in mnemonics theory and is great!
The problem though is that even if you have a password checker softwares say a password is 100%, there are tools that actually cracks word chain passwords faster than other password patterns that score 100%.
One trick a supposed cracker uses is knowing that the password is a mnemonic phrase and therefore can use a very small space of word phrases to test. This attack idea is not new. Here’s a link to an article about this from 2006. Even at that time, attacks against mnemonic wordphrases was not a new idea.
I can testify about attending a speech in 1996 where the speaker talked about this concept and the ins and outs behind cracking mnemonic phrases. And at that time I got the impression that even then the attack concept was not new, but the tools were better (faster computers, larger RAM ETC paved way for more software possibilities).
Still I think mnemonics is a must for password security , such as not having one or a few passwords for all your accounts
Thanks for this great contribution to the discussion, Pelle. I appreciate it very much and the article is fascinating.
Now that you mention it, a clever hacker who detects the use of a word chain that is only varied in small ways from account to account has lowered the amount of work needed to crack every other variation. That is a very useful point.
What I like in the article you gave is this example: A,pY!Ikh,H.
I think that using something like this as the basis for a password in a mental password manager would still be so unlikely to get cracked that you might get away with appending more to it for other accounts. For example, an account on Amazon could be A,pY!Ikh,Hamz#@! whereas an account on iTunes could be A,pY!Ikh,Hunz!@#. The trick is in keeping the kernel password absolutely safe.
But at the end of the day, fresh and unique passwords for each account will always be safest.
Another idea that all this brings to mind, though, is memorizing a code for decoding your passwords. For example, if you have a book of poetry where the lines have been numbered (like in a Norton Anthology), you could come up with a way of reminding yourself what various passwords were if needed by having them dispersed throughout lines and numbers of poetry that you’ve already memorized.
I’m not sure if that would increase or decrease cognitive load (which is normally the goal of mnemonics), but it’s worth thinking through. If you really knew a set of poems well, there’s the possibility to create a double-encoded system so that you could memorize both a set of passwords and the code you used to create the passwords. It would be a kind of password reminder system sitting on your shelf.
Of course, the missing conversation in all of this involves things like Alzheimer’s. I was reminded of it when speaking with some people at the local market this morning, so it may be worth not only having a double-encoded mental passwords manager, but also a trusted mnemonist friend or family member to share the burden of remembering at least the code in case something like Alzheimer’s or dementia shows up in the password holder’s life.
In all cases, these are important issues to be aware of I’m grateful you took a moment to share your experiences with this. Many thanks again! 🙂
Anthony, thank you for yet another wisdom-packed podcast. Can’t wait to read the password book!
My pleasure, Gabe. I look forward to hearing your thoughts about Brad’s new book! 🙂
Hi Anthony and Brad,
Very practical and helpful podcast.
NIST (https://www.nist.gov/topics/cybersecurity) has some good suggestions about password creation and maintenance that I like to use.
Here they are in a nut shell:
Passwords cannot be shared. This means that there must be just one user per user ID (account).
Do not allow anyone else to know your password.
Passwords must be at least twelve (12) characters in length.
Passwords must contain at least one digit, at least two alphabetic characters (uppercase and lowercase), and at least one special character (for example – !”/$%?&*()_+=:;.@)
Passwords must not be in a dictionary. This means no names, places, etc. from any language.
Passwords cannot be a person’s username forward or backwards.
No character may be repeated more than five (5) times.
Passwords must not be trivial, e.g. asdf, qwerty, etc.
Good passwords contain case changes and multiple words. (In fact pass phrases with numbers and punctuation can be memorable and secure.)
Passwords must be changed once every 90 days.
Passwords cannot be reused.
Passwords used for one computer system or accounts should not be used for other systems or accounts.
Remember that systems have varying levels of security and those passwords may be compromised.
If you suspect your password has been compromised, change it immediately.
I prefer memory palaces; however, but to keep your passwords secure, you can use secure software password managers (I like to use KeePass)
Thanks for the great run-down, Alex! I wonder why having any character repeated more than 5-times is bad? Not that I do it, but it seems like an unlikely candidate for giving a hacker an advantage over something repeated for times, i.e. 1%fJ1df&8991hdfh81.
What do you think about the blockchain? I can’t help but wondering if it’s going to make things easier or more complex when it comes to password management.
Thanks as ever for stopping by and adding perspective and knowledge. Much appreciated! 🙂
Repeating characters weaken passwords, such that they could be cracked faster by brute-force or other methods. Some Identity and Access sysadmins may even restrict users from using the same character twice! NIST refers to passwords as “memorized secret authenticators,” which is a very apt description.
The advantage of a blockchain is that it is distributed across many computing resources making it constantly available to everyone, and everyone can see what is going on, even though the information itself is encrypted. Any tampering is evident (forking,) and the entire block is refused. This is a disincentive because the originator of the tampered block loses value and trust (which in any value system has deleterious consequences – loss of bitcoins or other cryptocurrency among others.)
Blockchain can be used for other purposes – health or other records or legal documents – where confidentiality, integrity and availability (the fundamentals of cybersecurity!) are paramount.
In cybersecurity, passwords fall under the realm of Identity and Access Management (IAM.) Given the cybersecurity incidents and events that seem to occur daily, it appears to me that Brad and you are spot on when you refer to the far more cybersecure systems offered by magnetic memory methods.