# Develop a Mental Password Generator Algorithm

hacks Jan 21, 2022
ðŸ’¡
Disclaimer: I am not a cryptologist! With that said, I am making no assumptions that these algorithms are secure. Use at your own risk!

# Alpha-Characters

## The EJOTY Sequence

In order to get started, we will have to remember and memorize the following word "EJOTY". Here's a mnemonic device to help you remember this sequence:

``````Elton John Owns Two Yachts
``````

In application, this sequence will be used to split the English alphabet into groups of five characters. For example:

1-4 5 6-9 10 11-14 15 16-19 20 21-24 25 26
a b c d E f g h i J k l m n O p q r s T u v w x Y z

In other words, this sequence will function as a search index to help you remember the numerical position of each letter of the alphabet. In this way, we can convert letters into numbers and numbers into letters.

To illustrate this, let's convert the word "secret" into a number sequence. Mentally, we can calculate this in the following way:

1. The letter "s" comes right before the letter "t". Using the "EJOTY" sequence, We know that the letter "t" is the 20th letter in the alphabet. The letter "s" comes right before the letter "t". Therefore the first number is 19.
2. The letter "e" is easy, it is the first letter of the "EJOTY" sequence and therefore equals 5
3. The letter "c" is also simple. It is at the beginning of the alphabet. Without much thought we can position it as the third letter and therefore equal 3.
4. The letter "r" comes before the letter "t". Using the "EJOTY" sequence, we know that the letter "t" is the 20th letter in the alphabet. Therefore the "r" is equal 18.
6. "t" is simple, it is directly part of the "EJOTY" sequence. Therefore "t" equals 20

We now have the following numbers:

``````19, 5, 3, 18, 5, 20
``````

Let's put all these numbers together into one string:

``````195318520
``````

Eventually and with enough practice, you will be able to discard the "EJOTY" sequence all together and be able to automatically remember the number which corresponds to the letter you wish to transform

## Character Prefixes and Suffixes

In order to differentiate single digit from double digit numbers, let's pad each single digit with a "0". For example:

``````secret = 190503180520
``````

This padding digit separates single digits from their neighboring numbers. Additionally, this "padding" digit doesn't have to be "0". Let's use something else... how about "\$"?

``````secret = 19\$5\$318\$520
``````

Our seed string "secret" is boring. Let's spice things up and add uppercase letters. For example "seCreT". We can translate this string by adding an additional prefix to our cipher text:

``````seCreT = 19050031805020
``````

In the previous example, we added an additional "0" to any letter that is uppercase. Who says this prefix has to be a zero? ... Wait, who said this has to be a prefix? Let's change things up and make this prefix a suffix and change it to "&".

``````seCreT = 190503&180502&
``````

Let's mix it up and use the following characters and positions with the same string "seCreT":

``````1. Single digit padding character: #
2. Single digit position: suffix
3. Uppercase character: ~
4. Uppercase position: prefix
``````
``````seCreT = 195#~3#185#~20
``````

# Numeric Characters

Letters should likewise be translatable into their numeric counterparts. Let's examine the following number:

``````93406513
``````

In order to translate this number into alpha characters, we will split each number into smaller groups of two. The first two numbers are "93". For this number, we need to check if the number is greater than 26, because there are 26 letters in the English alphabet. That means, any number greater than 26 won't have any letters to assign it. Since 93 this greater than 26, we need to split it once more into 9 and 3. The nine equates to the letter "i" and the three's alpha equivalent is "c". Following this pattern we compute the following cipher text: "icdFem". You'll notice that the f is capitalized. This points to the fact that a zero precedes the six in the number. A zero will serve as a place marker for upper case.

What if we have a combination of zeros "00"? A double zero will cancel out the capitalization. For example the number 1200308 will become "lcH". Trailing zeros are ignored e.g. 520400 = "ebD".

# Putting it Together

Now that we have a basic algorithm to obfuscate a simple text string. Let's practice:

Let's use the following characters and positions:

``````1. Single digit padding character: 0
2. Single digit position: prefix
3. Uppercase character: 0
4. Uppercase position: prefix
``````
``````PasswRd0123 = 016011919230184Aw
012PASS020a = Ab016001019019B01
``````

Let's try a different rule set:

``````1. Single digit padding character: ?
2. Single digit position: prefix
3. Uppercase character: (
4. Uppercase position: suffix
``````
``````cRaZy_PaSs = ?318(?126(27_16(?119(19
``````

As show above, you can define your own rule set and salt your passwords as you like. So now we can change plain text to cipher text in our heads. Let's discuss a strategies on how we can create passwords in the real world.

In this section I will explain strategies on how to generate passwords using domain specific data. Let's apply our new password generating skills to something practical.

## Domain Based Salt

For this example, we will create a fictitious email address and generate our password using our algorithm at the following domain:

``````Domain: example.com
``````

Let's first examine the domain name of our desired carrier "example.com". In creating our password, we'll take the first and last letters of the domain name and capitalize them: "EE". We can now combine them with our user name:

``````EnuxnikE
``````

The combinations and the position of each letter is only presented here as food for thought. The possibilities here are endless as far as choosing combinations. Think about it and create your own combinations.

"EnuxnikE" as our precompiled password. The lower case letters represent my user name and the upper case letters represent the two characters from the domain name. Now we put our finger tips to our forehead and calculate a new password.

``````1. Single digit padding character: %
2. Single digit position: suffix
3. Uppercase character: *
4. Uppercase position: prefix
``````
``````EnuxnikE = *5%142124149%11*5%
``````

## Time Based Salt

What if we want to change our password weekly, monthly or yearly? Well, there are plenty of ways to salt our password and spice it up. We can use the current week, month or year and add that to our precompiled password.

For example, let's say I want to change my password every month. Let's say the current month is April (fourth month). Let's add the month number it to our precompiled password and update our rule set:

``````1. Single digit padding character: %
2. Single digit position: suffix
3. Uppercase character: *
4. Uppercase position: prefix
5. Current month number padded with zero for single digits
6. Current month is placed in string depending on the actualy number of the month
``````
``````Enux04nikE = *5%142124D149%11*5%
``````

Here some other ideas for spicing things up.

1. User your birthday in combination with certain letters of the domain name.
2. Try compiling the password twice. This one doesn't work well for head calculations... Although it's not impossible - see book recommendations[2]. For example:
``````foo06bar = 006015015F002001018 = fAeAe106baAH
``````
1. Keep a static "precompiled" string you use with all your accounts and salt it with any variables you like.
2. Use hexadecimal, octal or binary characters in place of decimal numbers
``````hex:    seCreTz = 013 005 103 012 005 114 01A
octal:	seCreTz = 023 005 103 012 005 124 032
binary:	seCreTz = 010011 000101 100011 010010	000101 110100 011010
``````

NOTE: for the binary example, the starting 0 and 1 character denotes letter case... now that's long!

1. Add the number of characters in the phrase to the translated results:
``````seCreT = (019+6)+(005+6)+(003+6)+(118+6)+(005+6)+(120+6) = 025011009124011126
``````

# Thoughts

Here are two simple algorithms which can be done in your head:

1. Caesar cipher - If you already have mastered the the EJOTY sequence or have memorized the number positions of each letter of the alphabet, the Caesar Cipher is a simple algorithm to implement.
2. VigenÃ¨re cipher - This is an extension of the Caesar cipher which can yield more secure results than the Caesar cipher.

Here is a list of excellent books that outline techniques for improving your memory and cognitive ability. From personal experience, after reading these books and implementing the techniques, I noticed marked improvements. Check them out:

1. By stronger, I don't mean more secure â†©ï¸Ž

2. You might think it is impossible to calculate all this in your head. That's not true. Your mind is a muscle and it needs exercise. â†©ï¸Ž