I'm going to be teaching an audience about algorithms. I'd like to give them one to create unique personal passwords for websites.
- They could start with the domain name of the site and their own secret "word".
- The algorithm would be simple enough to memorize. Failing that, they could sketch out my flowchart on the back of a business card or something else that fits in a wallet.
There are similar questions on this site; the given answers were, to me, even more opaque than a cryptographic hash.
But several have pointed to Blum's Human Computable Machine Unbreakable Hash Function (HCMU), as implemented here. The problems are (a) Blum said it would take an hour to memorize the algorithm, and (b) I can't read Python.
Is there a method that fits these criteria?
MAJOR EDIT: It occurs to me that I'm getting the wrong answers because I'm asking the wrong question.
My intent is not to give the class (adults, not children) a password algorithm. It's to show them how to create their own algorithms. That might mitigate the "leaked algorithm" problem.
I could say something like:
"You could use domainname.MySecretWord. That's a bad example, because [several obvious reasons].
A better way would be DomainName.MySecretPhrase.NumberOfLettersInDomainName, but ____
Ultimately, I'd end with something like
"Take these elements; decide if you want to add any additional elements; arrange them following these steps, but first decide the order you want to follow them in."
Is that better?