Over the last few months at least in the streams of information I typically consume, direct issues: Security Now topic of Password Haystacks, xkcs’s comic, Coding Horror, and indirect: Scott Hanselman one and two. Have all commented on the issue around passwords and strength and the need for better passwords.

In this post I am putting forward a novel approach: which as an homage to GRC’s Perfect Paper Passwords and accordingly have titled my approach:

Let’s jump right in with a sample, here I’ve mocked up the very familiar facebook interface with a nice large textbox to put in your Perfect Password Paragraphs™.

Disclaimer: if you’ve gotten this far and haven’t begun to appreciate the humour I’m so sorry, please don’t send me hate mail.

Features:

• A big text area where with probable difficulty you have to type 100+ words to authenticate.
• Typographical errors are ok as long as they are consistent for you.
• A flow of sentences following a theme/style just needs to sound like the individual attempting to gain access.
• “Sound Like” is a trademark (patent indefinitely pending) of Josevski Research Corp, is the flux capacitor grade specialty of this authentication system.

Comparison metrics:

• Writing style
• Choice of punctuation, frequency of commas, periods, ect.
• Grammar choice.
• spelling (American vs British English).
• Consistency of spelling errors.
• Choice of tense (present, past, and future)

Future Features based on demand:

• International support.
• 1337 sp34k.
• Baby talk.
• Obscure localised slang.
• Pig Latin.
• iOS, Windows Phone 7 and Android Support.

Alpha product coming online in 6-8 weeks 😉