Enhance privacy with distinct passwords

We all know that our privacy is invaluable and we strive to keep it for ourselves, but sometimes some of the service providers we rely on to keep our privacy safe are a bit careless.

Based on some short research about distributed password cracking I conducted a couple of months ago, I was astonished at how easily a password can be found using a word dictionary built from educated guesses. So I decided to take action for my own cyberlife.

According to howsecureismypassword.net my common-use password was quite secure… but then when I saw that some websites are not keeping it safe (in some cases not even encrypted), I decided I need to have a sort of password set in order to have a different password for each account, because if one shares the same password (or set of passwords) over most of the accounts, when one of them gets hijacked then all of the accounts are in jeopardy, hence the privacy can be violated completely.

So I started thinking about how to have dynamic passwords and still remember them and which password belongs to which account. Previously I used a password with 3 variations over different accounts. For example, in one variation I had a capital at a certain point, but even with those 3 variations sometimes I really went nuts trying all the combinations possible (since I have 3 email addresses which I use interchangeably, do the math…)

While trying to find a common thing that I could use to relate each account to a password, a brilliant idea struck me. Why not include something that represents the account in the password? What could that be? Well, all accounts have at least one thing in common: they all are on a so-called localhost address, that being the place where they are used.

So the dynamic password scheme could be achieved by having a static base password which will be common on all the accounts (I suggest making the base pretty secure with capitals, numbers and special characters) + a salt that is generated from the account’s host name.
This technique is called password salting and is very common in Wi-Fi security.

So we are going to use a very simple salting:
static password: p@ssw0rd
salt: generated from the first 3 letters of the host name
general password: static password + salt
So if I make a google account following this scheme the password used would be: p@ssw0rdgoo
for a yahoo account the password would be: p@ssw0rdyah, and so on

You could make your own salting formula, but you should keep in mind that choosing a long salt might get you into trouble when trying to apply the formula on very short-named domains like x.org (this can still be managed by adding a number of “default characters” until it has the same length as the other passwords).
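The formula above as a small Python sketch, added here as an illustration (it is not the author's code). The `_` padding character and the choice of the label just before the top-level domain as the "host name" are assumptions; `base_exposed_by` shows what a single plaintext leak reveals, since the salt is derived from public information and only the base is secret.

```python
from urllib.parse import urlsplit

SALT_LEN = 3        # the page's formula: first 3 letters of the host name
PAD_CHAR = "_"      # assumed "default character" for short names like x.org


def site_label(host_or_url: str) -> str:
    """Return the site name label, e.g. 'google' for https://www.google.com/."""
    # urlsplit only fills .hostname when a scheme and netloc are present.
    host = urlsplit(host_or_url).hostname or host_or_url
    labels = host.lower().strip(".").split(".")
    # Naive: label just before the TLD; multi-part suffixes (co.uk) not handled.
    return labels[-2] if len(labels) >= 2 else labels[0]


def salt_for(host_or_url: str) -> str:
    """First SALT_LEN letters of the site label, padded to a fixed length."""
    letters = [c for c in site_label(host_or_url) if c.isalpha()]
    return "".join(letters[:SALT_LEN]).ljust(SALT_LEN, PAD_CHAR)


def site_password(base: str, host_or_url: str) -> str:
    """general password = static password + salt."""
    return base + salt_for(host_or_url)


def base_exposed_by(leaked: str, host_or_url: str):
    """Return the static base if one leaked plaintext password reveals it.

    The salt comes from the public host name, so whoever sees a single
    plaintext password can separate it from the base shared by all accounts.
    """
    salt = salt_for(host_or_url)
    return leaked[: -len(salt)] if leaked.endswith(salt) else None


if __name__ == "__main__":
    base = "p@ssw0rd"  # the page's sample static password
    for site in ("google.com", "https://www.yahoo.com/", "x.org"):
        print(site, "->", site_password(base, site))
    print("base recoverable:", base_exposed_by("p@ssw0rdgoo", "google.com"))
```

The scheme therefore depends on the base staying secret: if a site that stores passwords unencrypted leaks one, the base needs to be changed on every account.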

I am using this technique now for most of my passwords, and I will adopt it for all of them soon; it’s really painless. I am considering applying this even to my computer password by using the computer name to generate the salt, and why not even to offline applications or documents.

I hope this tip helps you secure your cyberlife and saves you from headaches while trying to remember tens of different account-password combinations.

How can scroll blindness be mitigated?

This article will be focused on “Scroll Blindness in Java”. Maybe you can apply some of the techniques described in another context as well; if so, let me know.

Since I started programming in Java, more than one year ago, my code became exponentially bigger and most of the time exponentially cluttered, so screen blindness was obviously going to happen.
As I wanted to read more about this effect and how to reduce it as much as possible, I did not find anything other than some more or less detailed definitions of the term; so, as I really wanted to avoid this effect as much as possible, I decided to do my own research about this subject.

I started to analyze the structure of Java classes and built a sketch of where everything should be placed in order to be easy to find. Of course you might think that modern IDEs already have a “jump to declaration” or “jump to source” function that can quickly take you to what you want, or a “quick overview” function that shows you a list of methods present in the current class, and there is no need to think about how to manage your code. But what if what you want is not in front of your eyes right now? For example, a small toString() method lost in a forest of other methods. Often this leads to screen blindness.

After a bit of researching and trying to recall what events lead to scroll blindness in the first place I came up with a template for my future Java classes’ structure, designed to reduce scroll blindness as much as possible:

scroll_blindness_in_java.pdf

This is an early stage of my template, which I am going to improve as I get feedback and insights while using it. Feel free to try it and tell me what you think about it.

Hello CyberSpace!

By writing these words I finally make the first (official) steps into the vast cyberspace. I planned this a long time ago, and these days I eventually forced myself to spare some time and a minimal drop of resources and got myself this beast CMS platform, which I eventually managed to tame a bit. I am still finding myself lost in its tentacles but I’ll manage to get to know it better in a couple of days.

Right now the look and feel of my website is OK but not what I really want it to be, so wait and see improvements as my learning curve spikes up.

And in the end I’d like to say to everyone “living” in this neighborhood: “Hi, I’m your new neighbor, glad to meet all of you and hope we can get along pretty fast!”.