CHAPTER FIVE
Pride is the Password
By the time we returned to the comfort of Baker Street the wind and rain were kicking up a storm, rattling the windows and obscuring the street lights in clouds of swirling yellow vapour.
Holmes busied himself with the fire while I perused the nearest bookshelf and sipped at my rum-laced hot chocolate. I selected a first-edition of Jane Austen’s Pride and Prejudice and came and settled myself beside the now roaring fire.
Holmes soon after came to join me, placing on his lap the jewelled snuff box that had been given to him so long ago by the King of Bohemia and opening the lid. I declined the heady concoctions that he proffered.
“The key to good cyber-security, my dear Doctor, is a secure password that cannot be guessed at or cracked.” Holmes drew his clenched forefinger and thumb to an expectant nostril and inhaled deeply.
“A good password should be at least 12 characters long and should contain a mixture of upper and lower case, numerals and symbols.”
“Not pets’ names or the birthdays of nephews?” I asked provocatively.
“Play Devil’s advocate if you must, my friend, but this is deadly serious.” Holmes paused to charge the other nostril. “No – on no account – use the names of pets or memorable dates – the very thing that a villain can find on your Facebook page.”
I could see that Holmes was secretly struggling to withhold a sneeze. He ploughed on staunchly. “And never use any word that you can find in a dictionary. On no account write down your passwords and do not store them in a dedicated password safe as the very existence of such a thing can draw attention in itself.”
“You are not leaving me many options, Holmes,” I told him.
Holmes thumbed his nose and placed the jewelled snuff box on the occasional table beside the fire. He looked deep into space for a moment, a penetrating intensity upon his sharp features.
“Make a note of this, Watson. Write down these letters – i-i-a-t-u-a-t-a-s-m-i-p-o-a-g-f-m-b-i-w-o-a-w. Got that?”
“Upper or lower case, Holmes?”
“Lower case. Now do you think you could memorise that?”
I scoffed. “Hardly, Holmes. Although I suppose that if I broke it down into sections and then memorised them one at a time, then I just might.”
Holmes stood up and chuckled as he began to pace the room.
“My dear fellow, anybody of reasonable intelligence can easily remember these characters. That book in your lap, Doctor. Please be so good as to open it at the beginning.”
I crossed my legs and sat back with the book open in my hands. My eyes fell upon the introductory passage.
Holmes stood facing the window, his hands firmly clasped behind his back and the rain beating a steady tattoo on the glass. “It is a truth universally acknowledged,” he declared, “that a single man in possession of a good fortune must be in want of a wife.”
“Good heavens, Holmes. Those are the very words here on the page before me. You have a prodigious memory to be sure.”
My friend came and settled himself before the fire once more. He leaned forward and rested his angular elbows firmly on his knees.
“We now have the initial elements of a secure password,” he told me. “And one that is wickedly simple to remember. After all this is one of the most memorable opening passages in English literature.”
“It sums up the plot nicely,” I added. “But I still don’t get it, Holmes.”
My friend laughed fit to bust. “Watson, my dear fellow, one takes the initial letter of each word and forms them together. Show me your screen.”
I held up my iPhone.
iiatuatasmipoagfmbiwoaw
“It is a truth universally acknowledged and all that. Clear as day.”
I was beginning to catch on.
“And there we have our starting point, Doctor. Now we must add to this some upper case, numerals and symbols.” Holmes swiftly snatched my ‘phone and set about adding the extra elements.
“See here, Watson. Now see what I have done.” Holmes handed me back my iPhone. I looked at the screen.
£iiatuata9sMipoagfmbiwoaW(@_@)
“You will see that I have added the British Pound Sterling symbol. I have added this for its rarity value. Not every hacker will think to use that.” Holmes scoffed.
“Then I have counted nine characters along and there I have inserted the number 9. I have capitalised the M for man and the W for woman because that, too, is simple to remember. And at the end I have added a particular ‘smiley face’. I rather think that it resembles an owl.”
“Dashed clever, Holmes, I must say but a bit of a mouthful, what?”
“If you want a password that can withstand even the most determined of
‘brute force attacks’, ‘dictionary attacks’ or ‘exhaustive key searches’, Watson, this is your only course of action.”
“I could always choose a shorter opening passage, could I not?”
“Yes, Doctor. But not too short. But it gets even more deviously clever.
We have here a means of passing on a password without having to actually spell it out.”
“How so?”
“Once the recipient understands the principle, Watson, you just need to mention any book that can be found on Amazon or other online book store that allows you to look inside and read the relevant line, thereby receiving the password.”
“Give me a practical example, please.”
“Suppose, Doctor, that I were to send you an email and happen to mention that I have just finished reading an entertaining book. You would be in the know, so when I mention Fear and Loathing in Las Vegas you then know to go look up the opening line.”
“I see.”
“And your password will be w-w-s-a-b-o-t-e-o-t-d-w-t-d-b-t-t-h.”
“Got it.”
“But, Watson, do not use the same password for everything. When it comes to higher levels of security – for your email or PayPal account – you need to devise unique passwords for each.”
“My heart sinks, Holmes. Must I remember still more?”
Holmes scoffed. “It is simplicity itself. Think of it this way – for your banking account select a book about banking or bankers. Bonfire of the Vanities by Tom Wolfe being a good example and again easy to remember. For your email, think of a poem or some such thing about love letters – letters being the key aid to your memory.”
“Yes, Holmes, I think I get it now.”
“Remember to change your passwords regularly and ensure that your browser does not automatically remember passwords. Look in Settings and untick Remember passwords for sites.”
“Should I be taking notes, Holmes?”
“Yes, Watson, I believe your readers will benefit from it.”
I swiftly sorted myself out and then pressed my friend to continue.
“When it comes
to filling in those online forms it rarely matters if the answers
are truthful or not, so there is little reason to give away
valuable information that might be used elsewhere.”
“Oh, that is crafty but won’t it lead to confusion?”
“Aside from tax returns and passport applications, it does not matter one jot. Apart from that, never – absolutely never – use your actual date of birth. This is one of the first things an investigator like myself looks for when tracking an individual. Equally, never give away your mother’s maiden name.”
I was suddenly abased.
“When they want to know things like your mother’s place of birth, your favourite food, first pet, and all that rot, there is a simple solution which gives absolutely nothing away.”
“What’s that?”
“Let me give you an example. You are filling in a form to join a club or go on holiday and they start wanting to know these things. When they ask What is Your Favorite Food? Write Hudson. To Mother’s Maiden Name write Hudson. First Pet? Hudson. Where Were You Born? Hudson.”
I shook my head.
“You can remember Hudson, it’s a doddle and you give nothing away.”
Holmes suddenly dived deep into his trouser pocket. He plucked out his Android and smiled at the screen.
“Watson, my dear chap,” he announced. “My ship has come in. I must be gone. We must end the tour here for today and – I am sorry to say – that you shall have to venture out again into this inclement weather.”
I gave an involuntary shudder.