leet encoding

A form of encryption commonly used these days by the geek/internet-friendly crowd as a standard for personal password compliance with stricter unix-style password requirements.

Basically, what commonly happens is one is overflowed with many, many passwords to keep track of. Especially if one is a university student. Even moreso if one is an internet user¹. So people tend to have a very small set of passwords. Sometimes, these passwords are less than secure, especially by the stricter standards some unix boxes will enforce².

So, enter leet encoding. This is commonly an encoding technique applied to either legacy passwords or sight-generated passwords. Basically, you take said insecure password, and replace every applicable letter with its alternate equivalent in the leet alphabet.

Quick, simple, easy to remember, and most importantly, will make the command prompt stop harrassing you. Of course, this isn't a good way to salvage a previously compromised password, as it's a very easy mental filter to apply for anyone, but as long as the source password wasn't blatantly obvious³, it'll do, pig. It'll do.

---

¹ Which I'll assume you are, seeing as you're on everything2 presently.
² Enfocing such rules as: Cannot be a straight-up dictionary word. Should have lower-case, upper-case, numerics, and special characters. Etc...
³ Like, say, being the same as your user account name. Dolt.

1337 3mk0d1n9 ("Elite Encoding", encoded) works because every user has their own variations and level of encoding (which can be consciously or unconsciously varied by the user). In addition, individual organisations and geographic areas will have their own encoding just as they have their own jargon. Some extreme examples for the (fresh) sight-generated password "ultrasparc":

V17r4$p4rk

(capital-victor) (numeral-one) (numeral-seven) (small-romeo) (numeral-four) (dollar sign) (small-papa) (numeral-four) (small-romeo) (small-kilo)

U!+r@5q@r(

(captial-uniform) (exclamation mark) (plus sign) (small-romeo) (at sign) (numeral-five) (small-quebec) (at sign) (small-romeo) (open parenthesis)

And for "microsystems":

W!<r05x$t3w5

(captial-whiskey) (exclamation mark) (&lt;) (small-romeo) (numeral-zero) (numeral-five) (small-x-ray) (dollar sign) (small-tango) (numeral-three) (small-whiskey) (numeral-five)

muSvs7#/\/\s

(small-mike) (small-uniform)¹ (captial-sierra) (small-victor) (small-sierra) (numeral-seven) (hash) (forward slash) (backslash) (forward slash) (blackslash) (small-sierra)

---

Some rules (in the form of regular expressions):

1. Capitalise start of words
2. s/u/v/ & s/v/u/
3. (s/l/1/ or s/l/!/) or (s/i/1/ or s/i/!/)
4. s/t/7/ or s/t/+/
5. s/a/4/ or s/a/@/
6. s/s/$/ or s/s/5/
7. s/p/q/
8. s/c/k/ or s/c/(/ or s/c/</
9. s/m/w/ or s/m/n/ or s/m/\\/\\\\/\\/
10. s/o/0/
11. s/y/x/ or s/y/v/
12. s/k/x/
13. s/e/3/ or s/e/#/
14. Break rules frequently!

---

Leet Encoding isn't necessarily harder to crack on a user-by-user basis using social guesses; unless a user is very foolish there are too many unencoded words to try. However it should significantly increase the time required for brute-force techniques on a single account or an entire password file.

If you enjoy mnemonics, passwords generated by this method can be much easier to remember than other password paradigms. Plus it's the one time you can use the Leet Alphabet without being embarassed. :) A major draw-back is the difficulty of pronouncing the password.

---

1: s/micro/mu/