OrderedList

August 3rd »

« Webkit Font Smoothing

The Psychology of Happy Passwords

While at dinner on the 2010 LessCruise, I mentioned my belief in happy passwords to Alex and Brian. They both found it interesting and urged me to post about it, so here you go.

Several years back, when I worked at the Notre Dame, they required password changes every 90 days. Oh, and by they, I mean the Office of Information Technology (OIT). On top of the 90 day policy, they also did not allow you to reuse a password you have previously used.

One day in anger, I changed my password to “oitsucks” or some version of that. My password was linked to everything I did at work, so I typed it several times a day. As I typed it over and over for a few days, I noticed something. Each time I entered it, my mood, whatever it was, would become a bit tainted with anger.

Noticing that a negative password made me feel negative, I promptly changed my password to something that made me feel happy. At the time, I was quite enamored with Ruby on Rails and as such my password included rubyonrails in it.

I took note of my feelings before and after each time I entered my password and found my hypothesis to be true. Happy passwords make you feel happy and angry passwords make you feel angry. I remember laughing a bit when I realized this. From that day on, any password that I need to remember has included happy thoughts.

Next time you create a password, throw some happiness in it. You will not regret it.

12 Comments

  • Jim
    Jim July 19, 2010

    This is totally true. My passwords are always something positive and clever.

  • rachael depp
    rachael depp July 19, 2010

    Nice positivity! :) Love it.

  • Adrian Scott
    Adrian Scott July 20, 2010

    fun fun — and perhaps we can extend this to happy, intelligence-raising passwords… ;)

  • Pranav Ainavolu
    Pranav Ainavolu August 04, 2010

    Sooper… True indeed. :)

  • Lucas Teixeira
    Lucas Teixeira August 04, 2010

    :)

    Every time I time some pass like: x23VH2VDoGFV4H I became happier :D
    I agree with all you said, but ppl should not forget to mask it a little to prevent the password for being discovered…

    hapiness might became h4p1n3$$…. secure, and happy :D

    Great post!

  • John Polling
    John Polling August 04, 2010

    I was once setup a username and password for a test system by a colleague. They were both set to ‘happy’. Every time I typed them in the song “Happy Talk” by Captain Sensible popped into my head.

    Certainly made me smile :)

  • Chad Myers
    Chad Myers August 04, 2010

    In other news, everyone’s password is now “beerandsex” :)

  • Evan Kaufman
    Evan Kaufman August 04, 2010

    Just remember to obscure your happy passwords. If you’re using the name of your spouse, throw some leet into the mix. Marie might become m4ri3, and it might not seem like that much of a difference, but you will have just defeated a simple dictionary attack. (Now length is a whole other issue)

  • Josh
    Josh August 04, 2010

    Masking every letter seems rather silly, granted it doubles the amount of time to complete a dictionary, but you should definitely use a mix of lettercs if you choose that strategy. i.e. hap1ne$s. Even then its not a particularly secure password, but I suppose sufficient for normal uses

  • Sandeep Shetty
    Sandeep Shetty August 04, 2010

    It is 10 times more secure to use “this is fun” as your password, than "J4fS
    from http://www.baekdal.com/tips/password-security-usability

  • Vikash
    Vikash August 06, 2010

    Hmmm… very true!! I try to make passwords too complex using all the combinations…but opps sometimes I myself forget :)

  • Ronny
    Ronny August 07, 2010

    Hey, that’s a neat idea! Thanks :-)