The Free Way To Never Forget Your Passwords
EasyPassCard was created by myself (Jonathan) to help my elderly parents with their passwords back in 2016. I noticed over time that they were writing passwords down in a book which was a huge security risk. As such, I created a Password Card which they have been using ever since.
Now that I have some spare time, I thought I would share this with everyone so you too can make the need to remember passwords a thing of the past.
The card to your right is actually a usable generated card (one of 2,070 trillion unique card IDs possible, assuming my maths is correct!) which you can use straight away. Don't like the letters? Simply refresh this page for a new card. Alternatively, you can read below for more information on how it works.
 |
Card ID : A58313807823709044318 |
| Letter | Key | Letter | Key | Letter | Key | Letter | Key |
| A | Gt(2 | H | Ga_2 | O | Yz(2 | V | Ks+4 |
| B | Nb#9 | I | Cx&4 | P | Fh-5 | W | Yh%6 |
| C | Et#6 | J | Qm^4 | Q | Kn&8 | X | Lv=5 |
| D | Cs@6 | K | Mj&8 | R | Bf(1 | Y | Al#4 |
| E | Ar#6 | L | Db(1 | S | Wb=2 | Z | Jv%5 |
| F | Zr!3 | M | Yx&0 | T | Ci)8 | ||
| G | Bu^9 | N | Aa$0 | U | Ls$3 | ||
| V1 |
How To Use The EasyPassCard
One of the main requirements for this card was for anyone to be able to use it regardless of their technical ability whilst also remaining incredibly secure. To use the card, you simply do the following:
- Take the first 3 letters of the website domain e.g. 'eba' from 'ebay.com'
- Using the table on your card, convert the 3 letters to keys e.g. 'eba' would be 'Sf$8' (for E), 'Pw%2' (for B) and 'Cu_6' (for A). You now have the 1st part of your password 'Sf$8Pw%2Cu_6'
- Chose a secret word only you will remember. This will be used on the end of all of your passwords. e.g. if your secret word was 'Music' your password would be 'Sf$8Pw%2Cu_6Music'.
Why is this more secure?
The main ways that people will get their website accounts compromised is usually through one of the below methods:
- The person has used the same password on another site before.
- The person has used a weak password that was easy to brute force.
- The person's device has been compromised and a key logger or equivalent piece of software on the user's device records the password entered.
- The person's device has been compromised and saved passwords are copied from the device by the hacker.
- The person saves the passwords using an online account which is then compromised (e.g. user stores passwords in a google account and a malicious user gets access to their google account).
- Whilst not as common as the above, the person wrote the passwords down in a book which is then lost or stolen or they've written them on stickers on their device.
The Easy Pass Card eliminates most of the above possibilities with the exception of number 3 (sorry, that can only be solved by a good virus scanner). You don't use the same password for all of your logins. Your password is strong and difficult to brute force. No passwords are saved on your device or in the cloud and if anyone got hold of your EasyPassCard, they would still need to guess your secret word.
What if I lose my card?
This is where your card's ID comes in. As long as you write this down somewhere safe, you can come back to this site and regenerate your card using the box below.
But what if I lose my card ID?
Without the 12 digit card ID, there is no way to re-create your card. As such, always make sure to keep this safe. In this instance, you would need to reset your passwords using the website's forgot password feature.
Regenerate my card
To regenerate your card, simply enter your card ID below then click the 'Generate Card' button.
Potential Weaknesses
The main aim of this card is to remove the majority of ways a user would get their account hacked. While the card does achieve this, there are some drawbacks. The main one being that there is a pattern e.g. you are using the 1st, 2nd and 3rd characters of the website address to create the 1st part of your password. Whenever you include a pattern into password generation, you create a weakness. While this by itself is not an issue, should one website you use your EasyPassCard on get hacked, the hacker would have the password for any other site that shared the exact same first 3 letters of the domain. For example, lets say you used your card on ebay and ebay ended up compromised by hackers. Assuming ebay hadn't taken the correct precautions (highly doubtful since they are very security conscious) and encrypted your password, the hacker would then know 3 parts of your password keys. If they're smart, they may even be able to link it to this site and realise how the EasyPassCard works. From that, they could, in theory, look for other websites that share the same first three letters and in turn share the same login.
Whilst the above is unlikely, it's still a possibility and as such, something to be aware of. The only way to eliminate this would be to remove the pattern aspect from the password creation. However, if I did that, you would simply be back to square one having to remember lots of complicated passwords. For me and my parents, this risk is insignificant compared to the chance of their PC being compromised or a password book being stolen.
It's worth noting that you don't have to use the 1st, 2nd and 3rd character of the domain to generate your password (it could technically be any of them e.g. 1st, 3rd and last character). This on its own would help increase the security as the hacker would not know which letter corresponds to which 'block' of password keys. Want to take it to the next level? Why not have an EasyPassCard for each website?
Taking the above into account, using the EasyPassCard as it is would in most cases result in the end user having a stronger password than they currently have and help keep them more secure.
Buy me a coffee
If you find the EasyPassCard helpful in any way, please do consider sharing the love and buying me a drink using the donate button below.
Disclaimer
EasyPassCard was designed to help make the internet that little bit more secure for my parents and it can now do the same for you. However, you use EasyPassCard entirely at your own risk. I can not be held responsible or liable for any problems, damages, issues or anything relating to using this card. You use the EasyPassCard entirely at your own risk and by downloading or using a generated card, you are accepting those risks.
Bonkers that I have to add this to the site but it would be just my luck that someone tries to sue me for some reason!
Also, I am building an app which can be found at https://easypasscard.com/app-release.apk. This is still in development but has now reached the stage where it functions well enough for me and my family to use. As such, if you wish to try it, feel free but you do so at your own risk / no warranty . Any damaged caused by the app is your responsibility. No warranty is offered in any form.