Update: You can now get a t-shirt with the best bestest password.
Someone in my department forwarded a link to http://www.passwordmeter.com/ to our “noise” list. After we all entered out email and bank passwords into this site and evaluated them, I suggested that we use the site to find the bestest password – so that we could all use it. The bestest password of course would have to satisfy the following criteria: (1) be as short as possible, (2) get 100% on the passwordmeter.com, and (3) be totally cool. After improving on my committee members' email password “f33ltehtr0||z” (13 letters, 56% score), by turning it into “E3l.*|z!” (8 letters, 100% score), I came up with another one: “–:–|lI.!” Also 8 letters, still 100%, but so much more coolness. Let me show it off in all of it’s l33titud3:
I later managed to improve on this a little by introducing Unicode:
Or, the same thing drawn by hand:
Here is the second password getting approval of passwordmeter.com:
To be clear, those are all valid characters: a pipe, capital Turkish I with a dot (İ), capital Roman I, lowecase L, lowercase Turkish I without a dot (ı), lowercase L with a dot underneath (ḷ, used in transliteration of HIndi among other things), upper case Cyrillic Ӏ, and finally a period. Note that the Ukrainian Ӏ looks just like the Roman capital I but is a different Unicode character. This is important, since simply re-using “I” incurs a “repeated letter” penalty and the resulting score is nowhere near 100%. Yes, this password is very hard to type. On Ubuntu Edgy I can type 7 of it’s letters using the compose key (e.g., compose + . + i to enter the dotless Turkish ı), and the Ukrainian keyboard layout. I can’t enter the ḷ and had to copy and paste it. However, is one of the things that makes this password so strong! I mean: I can’t even type it myself easily!
So, here you have it: the world’s two bestest passwords. I'll have to decide which one to use for my email and which for my bank.
2008.04.26 update: I drew a version of the bestest password by hand since, to ensure that the letters are perfectly balanced and don’t come out as being of slightly different width. The new version is included above. I also entered it into the iSchool t-shirt contest for this year. If it doesn’t win, we'll be making a run of the bestest password t-shirts anyway. (Joe is already wearing one, but his uses the early rendering, which doesn’t look as pleasing to the eye.)
This is a joke. Please don’t actually use this password. And don’t use http://www.passwordmeter.com – their ideas about what makes strong passwords are kind of silly. More importantly, it’s not a good idea to put your passwords into random websites.