Uninformed: Informative Information for the Uninformed

Vol 7» 2007.May

A More Complex MPF

By modifying the simple MPF above, complexity can be improved. Given the authenticating user and the authenticating system, an MPF with the following components can be constructed:

$\displaystyle <u>!<h\vert n>.<d,d,...\vert n,n,...> $

The more complex MPF contains three elements: $ <u>$ represents the first letter of the username, $ <h\vert n>$ represents the first letter of the hostname or first number of the first address octet, and $ <d,d,...\vert n,n,...>$ represents the first letters of the remaining domain name parts or first numbers of the remaining address octets, concatenated together. This MPF also contains another special character in addition to the exclamation mark, the period between the second and third element.

The above MPF would yield such passwords as:

  • "d!n.jng" for user druid at system neo.jpl.nasa.gov
  • "i!i.n" for user intropy at system intropy.net
  • "t!n.o" for user thegnome at system nmrc.org
  • "d!1.003" for user druid at system

The modified MPF contains two special characters which yields more complex passwords, however, the passwords are still variable length and may not comply with the authenticating system's password length policies. The example MPF is also increasing in complexity and may not be easily remembered.