How to hide numbers in plain sight
Alright, so one of the most important rules of password security is to never write it down. This is a very good idea, but not everyone has an amazing memory for numbers. Personally I can remember numbers quite easily providing I use them at least once every couple of weeks. But there are numbers, such as the pin code of a foreign bank account, that you may only use once a year.
Another example is accounts on websites. Since password re-use is a terrible idea (if one server is hacked, the hackers now have access to all of your other accounts), it becomes necessary to use a different password for every different service. One for each of your e-mails, one for your forum accounts, one for commercial websites you purchase goods from, etc. This can quickly become overwhelming.
So I’ve come up with a way of hiding important numbers such as passwords in plain sight.
What you will need is a small notebook, or even just a piece of paper. I carry around a piece of waterproof paper in my EDC, with all of my telephone numbers written on it. Family, friends, and emergency numbers. If you have quite a lot of them, this gives you the cover to sneak in one or two numbers that aren’t like the others.
The key to making this work is to make the number look like just a regular telephone number. Start with an area code, make sure you have the right number of digits, etc., but then somewhere in the middle sneak in your password. Odds are that when you see it you will instantly recognize it.
Another trick is to use the country dialing code. For example, if I want to hide the password of a card in a British bank that I use very rarely, I could start the number with +44 to remind myself of what it corresponds to. Of course, it’s best to have it in the middle of a bunch of other +44 numbers.
Writing passwords down is still a pretty bad idea, but if you’ve got to do it, at least this’ll be better than just writing a four-digit pin code that anyone can figure out is a match to your credit card. This way, at least the thief will have to be smart enough to try calling every one of those numbers, and see which aren’t real. And then guess which part of the phone number is your password (by which time your card may block itself anyway).
If you really wanted to go a step further, you could find genuine phone numbers that have a part of them that corresponds to your password. That way if anyone tries to call the number, they will succeed and won’t suspect anything.