The Π of passwords

March 14, 2015, Pete
Password & security

It’s Pi Day (3/14). And this year is even more special because it’s 2015, so we get Pi out to 4 digits 3/14/15. But wait – it gets even better. At 9:26:53 today, you’ll be able to celebrate Pi to the ninth decimal point: 3.141592653. That’s very coooooooool – even if you’re not into geeky trivia!

Last year, my niece was part of a school contest to see who could remember Pi out to the most digits. (I’m guessing that this is not an exciting spectator sport.)

Even though she remembered it out to the 111^th digit(!), she didn’t win. Not by a long shot. The winner had it memorized out to past the 300^th digit. Maybe they should make a movie about him.

Most of the time, trying to remember passwords is like trying to memorize Pi out to the 20^th digit (3.14159265358979323846 – from piday.org). It takes a lot of effort, and if you don’t keep practicing and repeating it, you’re going to forget it really soon. And, in the back of your mind, you’re thinking ‘why am I even doing this?’

It would be a whole lot easier if Pi was something like 3.14141414141414141414 repeating forever… but then it wouldn’t be magic, a circle wouldn’t be a circle, and there wouldn’t be any contests to remember lots of digits.

The same thing applies to passwords. Lots of times we choose easy passwords because we don’t see the purpose or importance of them and we don’t want to spend any effort in remembering something hard. Because of this, the tendency is to pick passwords that are easy to remember.

Just like with memorizing Pi, we have to practice using our passwords (when we regularly visit a site like checking our email on gmail) or else we forget them really quickly. That’s why we should use a password manager. It really is hard trying to remember random combinations of numbers, letters and special characters. Sticky Password will create the random password for you, remember it and enter it whenever you need it.

Too many sites force us to create a password for a one time visit or to protect information that really doesn’t seem important enough to protect. And so, instead of choosing something like 8Ls0fd-h)3@u4h as our password, we choose qwerty1.

And that’s where a password loses its magic, and security stops being security.

If you ask us, Π = 3.14. I wonder how many digits my niece remembers.

*This blog post was updated from a earlier post.