Creating a mnemonic device involves

How to Create Mnemonic Devices That Help Your Students Remember – CourseArc

Skip to content

Students can often feel overwhelmed by the extent of new information and concepts that they are exposed to throughout a course. As an instructional designer, it’s your responsibility to help learners remember and retain key information and take-aways from your courses.

One handy set of memory tools are known as mnemonic devices.

What Are They?

Mnemonic devices are helpful memory cues that are often made up based on the specific details of the lesson at hand. They’re often funny (and sometimes outrageous), which helps create an indelible memory association between concepts and retention.

One of the earliest mnemonics that many children are exposed to is this rhyming couplet:

Thirty days hath September,
April, June, and November

By re-phrasing the problem of remembering the number of days in a given month into an easily recalled rhyme, you’ve given learners a simpler way to remember which months have 30 days — and, by extension, which months don’t.

When developing your course content, you can include mnemonics to help your students relate to, learn, and remember new information. Here are four practical methods for devising mnemonic devices in real-life situations.

Mnemonic Acronyms

If your lesson involves a checklist of information, you can introduce an acronym to help students remember the content keywords of that lesson.

For example, if you’re conducting workplace training on “how to deal with a fire on the factory floor,” you can create an acronym that covers the proper sequence in which they should respond to a fire: RACE – Rescue, Alarm, Confine, Extinguish. (In this case, the acronym also creates a word that directly relates to the urgency of the situation, which is even more aesthetically helpful.)

Mnemonic Phrases

Where an acronym works by distilling many words into one single word that’s easier to remember, a mnemonic phrase accomplishes the same goal by creating a matching sentence in which the first letter of each word matches the first letter of the words you want your students to remember.

For example, there’s a proper order in which mathematical functions should be executed, and complex problems containing multiple operations can confuse students — “Which operation should I complete first?” To help students in the U.S. remember the the correct order of operations, math teachers have long used the mnemonic phrase “Please Excuse My Dear Aunt Sally” = Parentheses first; then Exponents; then Multiplication; then Division; then Addition; then Subtraction. (Not all devices are perfect, though. Here’s a reminder that this famous phrase still leaves out one important rule that results in some students forgetting a basic step.)

Mnemonic Rhymes

As proven by our “30 days” example, rhymes can be a potent memory training tool. But don’t feel obliged to write poetry every time you have a complex lesson to teach. Even something as simple as rhyming pairs can help students remember key information.

For example, if you are tasked with developing a training orientation for a supermarket or department store chain, you’d need to help new employees remember where every item in the store is shelved. Here’s where rhymes may come in handy: “one is bun” may help them recall the aisle where breads and bakery items may be found; “four is door” could refer to door knobs, hinges, and door-frames; “nine is wine” for liquor and spirits, etc.

Mnemonic Associations

Any aspect of the words in your lesson can be used in a mnemonic acronym, phrase, or rhyme, but these basics can be taken a step further by using mnemonic principles to remind students of a hierarchy among steps or items in a set.

For example, if a course for contractors teaches them that the best practice for a particular repair is: “use wood first, and if that’s not available, then use wrought iron,” a mnemonic association to help students remember that hierarchy is:

If I could, I’d use Wood
But if not, I’ll use Wrought

Use Your Imagination

Each course you design will have specific content that lends itself to unique mnemonic devices, so you’ll have plenty of opportunities to get creative in how you link your lessons to memory aids.

In some instances, key learning concepts can be re-phrased into lyrics of familiar songs; in other cases, you can create visual flash cards or crossword puzzles to help with relation and retention. Remember, the more outrageous, amusing, or surprising a mnemonic device is, the stronger its impact will be on students’ memories — so, really, the sky’s the limit!

Or, as we could say…

In any mnemonic delicatessen,
The stronger the cheese is, the stronger the lesson

(Okay, so that one was pretty bad… but you’ll remember it longer than you ever wanted to. Mission accomplished!)

Got a Great Mnemonic Example of Your Own?

Feel free to leave your own examples in the comments. Maybe you’ll help a fellow teacher find a new way to help students remember something critical!

BONUS: if you need help finding words that rhyme, Word Hippo is a handy site to bookmark.

Image: “Word” by Dovydas Čiomėnas, via Flickr Creative Commons license

Recent Posts

  • A Few of our Favorite CourseArc Features
  • Why Accessibility-First Will Always Be Our Focus
  • Employee Buy-In for New Technology Adoption
  • Creating Better Content with Lessons Learned from Brain Research
  • Traits of Adult Learners


  • Accessibility
  • Case Studies
  • Course Creation
  • CourseArc
  • eLearning Tools
  • Equity in Education
  • IMS Standards
  • Instructional Design
  • Learning & Development
  • Online Learning
  • Q&A
  • WCAG


  • eLearningLearning:
Page load link

Go to Top

Mnemonic Devices: Types, Examples, and Benefits

Mnemonic devices — like acronyms, chunking, and rhymes — work by tapping into how the brain naturally stores data.

If you’re like most people, you probably get frustrated when you can’t remember the name of your new co-worker, a friend’s phone number, or even why you walked into a room.

But memory shortages can feel even more frustrating when you have to recall large amounts of information, such as the state capitals or the bones in the human body.

This is where mnemonic devices can come in handy — as tricks to easily memorize things.

You’ve used a mnemonic device if you’ve ever used a rhyme or a song to help you memorize something. It’s simply a fancy word for a memorization tool.

Through various tricks, mnemonic devices can help you remember anything from phone numbers to long lists to other things that would be otherwise difficult to remember.

Share on PinterestDesign by Wenzdai Figueroa

There are several types of mnemonic devices, and many of them overlap in how they work. Below are five of the most common types of mnemonic devices:

  • acronyms and acrostics
  • association
  • chunking
  • method of loci
  • songs and rhymes

Acronyms and acrostics

An acronym is a word created from the first letter of a group of words or names. For instance: HOMES is an acronym for the five Great Lakes:

  • Huron
  • Ontario
  • Michigan
  • Erie
  • Superior

Some words we commonly use as “stand-alone” words are acronyms. For example:

  • radar (radio detection and ranging)
  • laser (light amplification by stimulated emission of radiation)
  • scuba (self-contained underwater breathing apparatus)
  • gif (graphics interchange format)

An acronym doesn’t even need to be a “real” word — as long as it sounds like one. For instance, many government agencies use acronyms, such as NATO (North Atlantic Treaty Organization) or NASA (National Aeronautics and Space Administration).

You can also use acronyms as mnemonic devices in day-to-day situations like grocery shopping.

For example, if you need to remember to buy pasta, apples, cilantro, and eggs at the store and you don’t have a way to write a shopping list, you may easily forget some random items. Creating the acronym (and word) “pace” from the items’ first letters and thinking “pace” as you walk through the grocery store may help you remember all the items you need:

  • pasta
  • apples
  • cilantro
  • eggs

An acrostic is a similar mnemonic device, but it can be a sentence or a whole phrase instead of just one word. For example, you’ve likely used a phrase similar to “My Very Educated Mother Just Sent Us Nine Pizzas” to help you remember the nine planets and their order in our solar system:

  • Mercury
  • Venus
  • Earth
  • Mars
  • Jupiter
  • Saturn
  • Uranus
  • Neptune
  • Pluto


Association is a fairly easy technique to help you remember new information. The idea behind it is that it’s easier to remember new information when you link it to something you already know well.

For example, if you have a new co-worker named Todd and an uncle with the same name, you could imagine your co-worker with glasses, a mustache, and a pencil behind his ear — like your uncle Todd — to help you remember your co-worker’s name.

Similarly, suppose you’re trying to remember that the scientist who invented calculus and discovered the laws of gravity was Isaac Newton. In that case, you could imagine your friend Isaac eating (and dropping) a Fig Newton while doing math.

The stranger and sillier the scenario, the more likely you’ll remember it.


Chunking is a mnemonic device in which you break down information into bite-sized “chunks.” Two common examples of chunking are phone numbers and Social Security numbers. Most people divide both of these long numbers into three sections.

Chunking allows the brain to memorize more information than usual. According to the late psychologist George A. Miller, the average short-term memory capacity is about seven items, plus or minus two, depending on the person. Miller also suggested that verbal short-term memory capacity is determined by the number of chunks stored in memory.

Chunking comes in handy when memorizing random items, such as a password. For instance, trying to memorize P3850tf21 would be quite difficult. But if you break it down: P38-50-tf21, it becomes a lot easier.

So why does chunking allow more items to be stored in the brain? Research from 2021 suggests that chunking may be a long-term memory function. Therefore, chunking allows people to tap into their long-term memory function to extend the capability of their short-term memory.

Method of loci

The method of loci — sometimes called the “memory palace technique” — involves remembering items based on their locations.

According to legend, the Greek poet Simonides of Ceos temporarily excused himself from a large banquet to speak with someone outside. Soon after he left, a disaster ensued, and the entire structure collapsed on everyone inside. The scene was chaotic, and even family members could not identify the bodies.

However, once the debris was cleared, Simonides was able to help identify the dead correctly because he remembered exactly where each person had been sitting. This story is commonly retold as an example of how to recall large groups of items.

For example, your grandmother has asked you to stop at the store to pick up five random items:

  • a scented candle
  • flip-flops
  • paper towels
  • honey
  • a purple flower pot

You don’t have any way to write down the list and need to memorize it.

To use the method of loci, try the following:

  1. Imagine an area you know very well, such as your home.
  2. Imagine each item’s exaggerated or silly form placed somewhere in your home.

In practice, this may look something like this:

  1. Imagine arriving at your front door and seeing a large flickering candle there.
  2. As you mentally walk inside your house, you “see” a pair of flip-flops hanging from the air conditioning vent.
  3. Then you imagine your brother holding a paper towel roll in the family photo on the wall in the entryway.
  4. You enter the kitchen and see a large honeycomb dripping with honey and swarming bees on the kitchen countertop.
  5. The honey is dripping into a purple flowerpot below.

Songs and rhymes

Songs and rhymes are very effective mnemonic devices. Most young children are taught to remember the entire alphabet — 26 random letters in a row — by reciting it in a simple rhyming tune.

Songs and rhymes work for adults as well. Just think of how easily you sing along when an old song comes on the radio.

Singing can help with many types of learning. Research from 2013 shows that a foreign language can be more easily memorized when put into a song. A 2021 study also indicates that singing may improve memory and well-being in people with dementia.

Research from 2019 shows that learning is more efficient when people use mnemonic devices. These memory tools work by tapping into how your brain naturally stores data.

Below are some of the advantages of using mnemonic devices:

  • You become an active learner when you sort the information in a way you can remember.
  • Mnemonic tools allow you to recall large amounts of information that would be incredibly difficult to remember.
  • You’re able to quickly retrieve information from your long-term memory.

Mnemonic devices are useful learning aids when memorizing large amounts of information.

Using memory-boosting tools, such as loci, chunking, or rhyming, can make learning much easier and even fun. So you don’t have to despair if you’re being tested on the state capitals or the periodic table.

Mnemonic formulas for remembering passwords

The MFP effectively helps you avoid many of the insecure situations associated with choosing and using complex passwords.

I)ruid, CISSP [email protected]


There are a huge number of information systems in the information technology industry today, each with its own authorization scheme. Even if single sign-on and multi-system authorization are used, systems belonging to separate management domains are likely to be used by users with different levels of access within a single space. Because of the complexities involved, and because of the multiple requirements of the authorization process, users often have to deal with multiple credentials required to access different systems. This leads to insecure situations related to password selection and management. This article takes a closer look at some of the challenges faced by users and administrators of authorization systems that use passwords. The author also analyzes modern approaches to alleviate such difficulties, and ultimately presents a new method of password management, referring to mnemonic formulas for remembering passwords.

1) The essence of the problem

1.1) A large number of authorization systems

Today, in the information systems environment, there are a huge number of independent authorization systems. Even if many systems in separate management domains use single sign-on methods and multisystem authorization, users are likely to use a large number of systems with separate management domains on a regular basis. Even the most common users who work with an average number of information systems can interact with more than six separate authorization systems per day. Online banking systems, corporate web and database systems, e-mail systems and social networking sites are just a few of the many systems, each of which may use its own user authorization method.

Due to the sheer number of authorization systems, many end users have to deal with the multitude of passwords required to log into these various systems. This leads to a large number of insecure situations related to the choice and management of passwords.

In addition to the proliferation of insecure situations related to the choice and management of passwords, successful attempts at combining authorization and cryptography have caused a sharp increase in the number of attacks directed against authorization systems. While recent breakthroughs in computing power have made short passwords of six characters or less (regardless of the complexity of their content) vulnerable to brute-force attack, conventional methods of attack against storage programs passwords or authorization systems, cryptanalysis and direct guessing are less and less used, giving way to literally intelligent guessing of passwords. This guessing can use optimized dictionary attacks, guessing based on the user's information environment, attacks targeting additional credentials requested by the authorization system, such as smart cards and token devices[s1], and attacks targeting interaction between users and systems.

Due to these factors, user passwords are the weakest link in any authorization system.

1.2) Managing a large number of passwords

The two most serious password authorization problems are directly related to the user and how he stores his passwords. First, if users are not allowed to write down passwords, then they tend to choose light passwords, which tend to be much easier to crack than complex ones. In addition to using weak passwords, users tend to use the same passwords repeatedly in different authorization systems.

Users find it incredibly difficult to remember predefined random passwords and passwords of higher complexity that they have chosen by prescription. If they are allowed, users can write down the password in an insecure place, for example, they can stick it on the monitor or write it down in a notepad lying on the desktop. On the other hand, they can store the password in a safe place, such as an encrypted file on their PDA. However, the user can just as easily lose access to the stored password: they can forget the password to the encrypted file, or the PDA can be lost or stolen. In this case, the user will have to contact the administrator to initiate the reset of the old password.

1.3) Poor password choice

When it comes to their own devices, users usually don't choose complex passwords, but use words that are easy to pick up from a dictionary - they do this because such passwords are easier to remember. Sometimes the user may attempt to complicate the password by putting two words together or by adding a number. In many cases, the selected word or words will be related to the user or located in the user's own information environment. This environment may include, for example, the pet's name, phone number, or date of birth.

These types of passwords require much less effort to crack than brute-force attacks. When using an optimized dictionary attack method, the most common words and phrases are substituted first, which usually leads to a successful completion of the attack quickly. Due to the high success of this method, most modern attacks on authorization systems are aimed primarily at guessing the password before using direct guessing or launching an attack based on in-depth analysis of the authorization system itself.

1.4) "Stupid" forgetfulness

When a user cannot remember their password (usually because they have too many passwords to remember, or because the system's password complexity requirements were too hard to keep the password easy to remember), many authorization systems provide a mechanism that the author called "foolish forgetfulness".

When a user is "stupidly forgetful", they are asked a reminder question that they usually have no trouble answering. If the answer to the question was correct, then the user is usually given a choice: enter a new password, receive the old password by e-mail, or use some other password recovery method. When this type of recovery is used, it significantly reduces the security of the authorization system, since the strength of the password is much greater than that of a simple question. After all, the answer to this question can be obtained even from public sources.

1.4.1) Case Study: Paris Hilton's Dog Lets Her Owner Down

A much-publicized user-environment attack recently took place, targeting Hollywood celebrity Paris Hilton whose phone was hacked. The question on her carrier's website that had to be answered in order to get her account password was: "Name your favorite pet." Probably too many celebrity fans will easily remember the answer to this question, not to mention the fact that the star's fan websites, Internet forums and tabloids, which most likely have this information, are available to anyone who wants to receive it. . So the attackers simply showed “stupid forgetfulness” and reset the password to the Hilton account on the operator’s website, which allowed them to gain access to her mobile device and the information on it.

2) Existing approaches

2.1) Write passwords

passwords. He stated that the password security method, which prevents users from writing down passwords, is absolutely wrong. Instead, he voiced support for allowing users to write down passwords. The reason for this statement was an attempt to solve one of the problems discussed above: when users are not allowed to write down passwords, they choose passwords that are easy to remember (and therefore easy to crack). Johanson believes that if users are allowed to write down passwords, it will give them the opportunity to use passwords of a higher level of complexity.

Mr. Johansson is right in pointing out some of the problems with password security, but his approach to tackling this difficult issue is not only short-sighted, but also limited. His solution assumes that users will no longer need to remember a large number of complex passwords, but also implies that there will be insecure situations associated with written passwords, which are purely physically less secure, and tend to be lost, which makes it necessary administrator intervention to reset the password.

2.2) Mnemonic passwords

A mnemonic password is a password that is easy to remember using a mnemonic device—say, creating a password using the first letters of an easy-to-remember sentence, poem, or song lyrics. An example is the first letters of each word in a phrase, such as: “Our Tanya is crying bitterly, she dropped a ball into the river”, which in the form of a password will look like “NTgpuvrm”. For mnemonic passwords to be usable, the user must be able to easily remember the phrase.

Previous research has shown that passwords made up of phrases, as in the example above, are similar in complexity to passwords made up of random characters. Mnemonic passwords have the same drawback as regular passwords, namely that users can reuse the same password across different authorization systems. In addition, such passwords are often created using well-known passages of text from famous literary works or song lyrics. Special dictionaries for guessing passwords have been developed, containing a large number of such mnemonic options.

2.3) Advanced Security Mnemonic Passwords

Advanced Security Mnemonic Passwords (MSMPs) are passwords made from simple words that the user can easily remember, but these passwords use mnemonic substitutions to make the password more complex. Replacing Latin letters with similar numbers and symbols (Leet language) is a simple example of this method. For example, converting the passwords "beerbash" and "catwoman" in this way would result in passwords like "b33rb4sh" and "c@w0m4n" respectively.

A problem specific to MPPB is that not all passwords can be converted using this method, which limits either the choice of available words or the quality of password complexity. In addition, MPPBs are based on transformations of easy-to-remember words or groups of words contained in dictionaries. Attackers have developed various dictionaries for guessing passwords based on transformations, for example, on the above-mentioned replacement of Latin letters with similar numbers and symbols (the Leet language). As with mnemonic passwords, highly secure passwords can be reused in many authorization systems.

2.4) Phrase passwords

Phrase passwords are the most acceptable variant of mnemonic passwords. Compared to regular passwords, phrase passwords are easier to remember and are much longer, making the password much more resistant to brute-force attacks. Phrase passwords are more complex because they use upper and lower case, spaces, and special characters such as punctuation and numbers.

However, phrase passwords can also be problematic. Many authorization systems do not support long passwords, so passphrases are not universally applicable. As in the case of the methods discussed above, the same passphrase can be used repeatedly in many authorization systems.

3) Mnemonic formulas for remembering passwords

3.1) Definition

A mnemonic formula for remembering passwords, or MFP, is a mnemonic technique that involves the use of a predetermined, easily recalled formula for quickly generating passwords based on knowledge of various contextual information available to the user.

3.2) Properties

When using a well thought out MFP, the resulting password should have the following characteristics:

- Seemingly random sequence of characters.

- The complexity and length of the password are sufficient to ensure resistance to hacking.

- Ease of recall to memory by a user who knows the formula and target authorization system.

- Uniqueness for each user, access class and authorization system.

3.3) Formula development

3.3.1) Syntax

For the purposes of this work, the following formula syntax will be used:

- : An element that is completely replaced by some known object denoted by X.

-| : When used in an element enclosed in angle brackets, indicates an OR selection of a value.

- All other characters are constant.

3.3.2) Simple MFP

To understand the principle of MFP, consider a simple formula. If you have information about the user being authorized and the authorization system, you can use a formula similar to the one below. The formula contains two elements: a user and a target system, which is identified by either the hostname or the most significant octet of the IP address.


Using the above FFP, you can get passwords such as:

 - "druid!neo" for user druid on neo. 
 - " intropy!intropy" for the intropy user on the system 
 - "thegnome!nmrc" for thegnome user on the system 
 - "druid!33" for the druid user on the system 

With this simple MFP-scheme, a rather long and easy-to-remember password containing a special character is obtained. However, this scheme cannot create really complex passwords. A targeted attacker can use the username and hostname as one of the first dictionary combinations in a brute-force password cracking. Because only the host name or the last octet of the IP address is used as part of the scheme, there may be a situation where the principle of a unique password for each system is violated. If the same user has an account on two servers whose names start with "www", or on two servers with the same value of the last octet within two different subnets, then the passwords will be identical. Finally, passwords generated using the above formula vary in length and may therefore not be suitable for any authorization system that implements a policy of limiting the number of characters in the password.

3.3.3) Advanced MFP

By making some modifications to the simple MFP discussed above, the complexity of the password can be significantly increased. If you have information about the authorized user and the authorization system, you can use the following MFP:


The MFP contains three elements : represents the first letter of the username, represents the first letter of the hostname or the first digit of the first octet of the address, and represents the first letters of the remaining components of the name domain or the first numbers of the remaining octets of the address concatenated together. This MFP also contains another special character besides the exclamation point, the dot between the second and third elements.

Using the above FFP, you can get passwords such as:

 - "d!n.jng" for the druid user on the system 
 - "i!i.n" for the intropy user on the intropy system . net 
 - "t!n.o" for user thegnome on system 
 - "d!1.003" for user druid on system 

Modified MFP contains two special characters, making it a password increased complexity, however, passwords can still turn out to be of different lengths, and may not be suitable for one or another authorization system that implements a policy of limiting the number of characters in a password. In addition, the considered MFP has an increased level of complexity, due to which it may be difficult to remember.

3.3.4) Prerequisites

An ideal MFP should satisfy as many of the following conditions as possible:

- The formula should contain enough elements and literal constants so that it can always be used to create a password with a minimum length.

- The formula must contain enough complex elements and literal constants, such as capital letters and special characters, to generate a complex password.

- Formula elements must be unique enough that a unique password can be generated for each authorization system.

- The formula must be easy for the user to remember.

3.3.5) Multi-level mnemonics

Due to the fact that the complexity of the MFP increases significantly when trying to construct formulas that meet the first three conditions discussed above, a second level of mnemonic properties can be applied to the MFP. The MFP is, by definition, a mnemonic technique because it has the property of allowing the user to remember the password for each individual system if he only remembers the MFP and has knowledge of the informational context regarding himself and the system. Additional mnemonics can be used to memorize the MFP itself. This additional mnemonic level can be used by the user in addition to the MFP itself.

For example, if you have information about the user being authorized and the authorization system, you can use an adequately complex, long and easy-to-remember MFP of the following form:


This PMF contains three elements: represents the first letter of the username, represents the first letter of the hostname or the first digit of the first octet of the address, and represents the last letter of the domain name suffix or the last digit of the last address octet. This modified MFP also contains a third special character in addition to the exclamation point and period: a semicolon after the last element.

The above MFP can retrieve the following passwords:

 - "[email protected];" for user druid on 
 - "[email protected];" for intropy user in system 
 - "[email protected];" for thegnome user in 
 - "[email protected];" for user druid on system 

In contrast to the previously discussed MFP, the above formula uses secondary mnemonics, which is easier for the user to remember, since the formula reads naturally. This MFP can be remembered as "user-dog-host-point-domain", which is similar to the structured format of an email address.

In addition, a user-specific secondary mnemonics was used, which consisted of the use of a semicolon. This MFP was written by a C programmer who, of course, easily remembered that passwords must end with a semicolon.

3.3.6) Advanced Elements

You can compose an IFP of a higher level using advanced elements that repeat, change, alternate, or increase by a given value, as opposed to simple elements that are replaced by some static value (for example, a username or part of the hostname). However, it is worth noting that excessive use of elements of this type can lead to the fact that the MFP will not meet condition number four (clause 3.3.4), since it will become too difficult to remember.

- Repeating elements.

With the MFP, you can create longer passwords by repeating simple elements. For example, an element such as the first letter of a host name can be used twice:


It is not necessary that such repeating elements go one after the other, i.e. they can be used in any part of the MFP.

- Variable Elements

The MFP can create advanced passwords by including variable elements. For example, the creator of an MFP might put "p:" or "b:" before the start of any element to indicate that the system is a personal or business system.


To better illustrate this example, let's consider a situation where a user is doing system administration of a large number of objects. In this case, the variable element may designate an administered object:


can be replaced by "p" in the case of a personal system, "E" if the system is in an Exxon-Mobil control domain, or "A" if the system is controlled by the Austin Hackers Association. Most of the elements used so far are rather simple variables, the value of which depends on the informational context, for example, on the name of the user or the system. The difference is that normal elements change only when the MPF is applied to another system, while variable elements change their meaning depending on the access class information context or on a set of other factors outside the normal user/system information context.

To illustrate this principle, using the same MFP for an administrator account and a non-privileged user account will result in slightly different passwords. Using a variable element helps prevent password similarity. You can use "0:" or "1:" character substitution at the beginning of a formula to separate administrator access from non-privileged user access.

Thus, including an additional variable element in the MFP will cause the password to become more complex and reflect the access class:


Variable elements do not have to be at the beginning of the formula, as in the examples above, they can be placed anywhere in the MFP.

- Rotating and Incrementing Entries

Alternating and Incrementing Entries can be used to change passwords to comply with the policy of not reusing passwords. An interleaved element is an element that alternates values ​​within given limits, such as "apple" (apple), "orange" (orange), "banana" (banana), etc. An incrementing element (example below) uses an expanding linear sequence of incrementing values, such as "1", "2", "3" or "one", "two", "three". When the password is no longer usable and needs to be updated, you can rotate or increase the corresponding elements:


The above MFP can retrieve passwords such as "d@c. g:1", "[email protected]:2" , "[email protected]:3" and so on. To better understand this principle, consider the following DFP:


get passwords like "[email protected]:apple", "[email protected]:orange", "[email protected]:banana" and so on.

The only additional information that the user will need to remember besides the MFP itself will be the predefined list of changing elements and the current value of the alternating or increasing element.

In the case of interleaved elements, a list of values ​​could potentially be written to be accessed when needed without the passwords themselves being compromised. By using special values, you can mask the lists so that they look like, for example, product lists, company employee lists, or extension lists, i.e. lists of this type, which can be hung out without suspicion in the user's environment. In the case of ascending elements, knowing the current value is the only prerequisite for determining the next value.

3.4) Organization-Wide Application

In large organizations, the use of the MFP may be mandated by certain users to allow concurrent access to their accounts. If the information security department assigns unique MFPs to users, then members of that department can easily access those users' accounts. This type of control can be used to access accounts in cases where the user is not present, when the account is shared by many employees or members of the task force, or even in the case of monitoring a user whose activities are suspicious by the security service.

3.5) Disadvantages

3.5.1) The "master key" effect.

The most serious disadvantage of passwords created with the MFP is that if the formula is compromised, all passwords for systems created by the user using the MFP scheme will be potentially compromised. This situation is no worse than when a user uses the same password for different systems. In fact, this situation is even better, since the generated passwords are unique. When using an MFP-generated password, it should be unique on a per-system basis, and ideally the password should appear to be a jumble of characters. It is very likely that in order to decipher the formula, an attacker would have to crack a significant number of passwords created using the formula before he can grasp the relationship between them.

3.5.2) Complexity due to the password security policy

The second disadvantage of passwords created using the MFP is that without the use of alternating or incrementing elements, such passwords do not combine very well with a security policy that involves replacing passwords when they expire or the inability to reuse passwords. This is a compromise between password security using password expiration restrictions on the one hand, and the complexity of the MFP on the other. However, the trade-off is that we either have to accept both conditions, or neither. The safest option is to accept both, however, as a result of applying this method, the complexity of the MFP increases, which potentially leads to a mismatch of formulas with condition number four (section 3.3.4).

6) Conclusion

MFPs effectively help you avoid many of the insecure situations associated with choosing and using complex passwords. However, one should be very careful in choosing the degree of complexity of the formulas and their mnemonic characteristics, so that in the end the MFPs turn out to be sufficiently protected, while maintaining ease when reproduced in memory. If the formulas become too difficult to remember, then the problems that we tried to save users from using the MFP may arise again.


[1] Bugaj, Stephan Vladimir. More Secure Mnemonic-Passwords: User-Friendly

Passwords for Real Humans”

[2] Kotadia, Munir. Microsoft Security Guru: Jot Down Your Passwords

passwords/2100-7355 3-5716590.html

[3] McWilliams, Brian. How Paris Got Hacked?

[4] Williams, Randall T. The Passphrase FAQ

[5] Jeff Jianxin Yan and Alan F. Blackwell and Ross J. Anderson and Alasdair

Grant. Password Memorability and Security: Empirical Results

Mnemonics, or How to Master Your Memory | Media Portal

Teacher of the course of mnemonics, 4th year student of IPiO Nelly Meshcheryakova assures that you can develop your memory quite quickly.

Lecturer of the course of mnemonics, 4th year student of IPiO Nelly Meshcheryakova assures that you can develop your memory quite quickly and at any age.

At least once, but each of us forgot where he left his car keys, did not remember the birthday of his closest relatives and friends or the phone number of a colleague in time. According to psychologists, between the ages of 40 and 65, people experience a persistent decline in memory, and in fact its development and maintenance in the right form is one of the remedies against Alzheimer's disease. Why are there adults - because of poor memory, children lose interest in learning.

Lecturer of the course of mnemonics at the educational center for schoolchildren "Unium", 4th year student of IPiO Nelly Meshcheryakova assures that you can develop your memory quite quickly and at any age. And then you will not only learn entire lectures on an unloved subject, but even master several languages.

« We are used to writing down any information in electronic or notebooks. But you can put it in your brain. Then we will not depend on the batteries in the phone or the Internet in the tablet. And mnemonics will help with this.

Mnemonics - a set of rules and techniques that facilitate the process of memorizing information. That is, mnemonics turn numbers and letters into vivid images that literally cut into our memory.”

Why do we need mnemonics? In order not to memorize, but quickly and with pleasure memorize phone numbers, bank cards, names and dates of birth of friends and acquaintances, information on study and work, foreign words, sequences of words (for example, a list of products) or even entire texts.

KD Ushinsky wrote: “Teach a child some five words unknown to him - he will suffer for a long time and in vain, but connect twenty such words with pictures, and he will learn them on the fly” .

“Speech therapists have been using mnemonics in their work for a long time: for each word or small phrase, a picture is invented and sketched or displayed, and the entire text is thus sketched schematically. Looking at these diagrams-drawings, the child easily reproduces textual information,” Nelli commented.

In addition, mnemonics helps in the development of connected speech, associative thinking; visual and auditory memory, visual and auditory attention, imagination. In a word, mnemonics can greatly simplify life if you know how to use it.

You might think that mnemonics appeared recently, but it has existed for several millennia, surrounds us everywhere, and we have used its methods in practice more than once. So, in mnemonics, the compilation of phrases for memorization is quite widespread. The most famous among them is "Every hunter wants to know where the pheasant sits." It "encodes" the colors of the rainbow: each starts with the same letter as the word in the phrase. The phrase about the order of the planets works in a similar way: “You can fly beyond Mars by making a jewelry turn near our planet.” Or the order of cases "Ivan gave birth to a girl ..."

« Mnemonics includes a set of tricks and methods for easy memorization. Mnemonic memorization consists of four stages: coding into images, memorization (combining two images), sequence memorization and fixing in memory. But the foundation of mnemonics is associations, so the key to success in memorization is to learn how to create correct and “strong” associations. Only then can we move on.”

Consider the most important principles of mnemonics. Developed memory is based on two main factors - imagination and association. In order to memorize something new, you need to correlate this new thing with something, that is, make an associative connection with some already known factor, calling on your imagination to help. An association is a mental connection between two images. The more diverse and numerous the associations, the more firmly they are fixed in memory. Strange, illogical associations contribute to better memorization.

Nelly shared five rules for creating a "correct" association:

1. Association is the first thing that comes to your mind. It is necessary to create an image in your head that will evoke another in your memory and help you remember the information you need. The created association will become a hook when memorizing new information.

(pictured - Nelly Meshcheryakova)

2. The association must be illogical and absurd. The more unusual a situation you create, the more it burrows into your brain. I repeat, the image is at the head of everything. If you can create an image of an object in your head, then you are already halfway to success.

3. Images must be large, voluminous, colored, detailed. Turn on all your senses to visualize the picture as vividly as possible.

4. The association must be funny - let this be the first thing that comes to your mind.

5. The association should be only about yourself, because only what happens to you arouses the strongest interest and therefore is better remembered. When you read a paragraph on history and imagine yourself conquering Rome, then you will definitely remember more facts from this text.

    To memorize the rule effectively, you need to set the created association in motion. "Movement" helps to vividly present the image. It makes the process of memorization not only simple, but also interesting.

    « For example, you need to remember two words: "cavalry" and "attic". You imagine that you go up to the attic and see cavalry there - horses with long bangs are standing, and warriors are sitting on them. They have their heads down to their chests because they don't fit in your tiny attic. You look at them and think: I came here for jam, but what did they forget here? And they answer you: “Exactly - what have we forgotten here?” - and fly out the window. And the jam flies after them, and you bitterly regret it. Having applied all the rules for building the right association, the brain firmly remembered these two words.

    Which mnemonics methods to use depends on what you want to achieve: learn to remember numbers, words, facts or learn a foreign language.

    “There are no universal methods for developing memory. But there are a few tricks that everyone can practice every day.”

    Nelly's mnemonics techniques:

    "Chain" is one of the basic techniques for memorizing a certain number of objects. The method is simple: imagine a bright image, and then glue it with the next one. The images are connected in association in pairs. The sizes of the images are approximately the same in each pair. When you have formed a connection between the first and second image, the first image is removed from consciousness by transferring attention to the second. After that, a relationship is formed between the second and third images, and so on. When a chain of images is remembered, three to five images appear in consciousness at once.

    Let's say you need to buy cheese, powder and a light bulb in a store. Introducing a huge package of powder. A light bulb flies into it and white powder scatters across the plank floor. Cheese is strung on a light bulb ... and so a whole tower is built. Glues should be as effective as possible. They say that this way you can remember a list of at least a hundred items. What you really need to go to the store.

    Reception "Matryoshka" . Experts say that it serves as the most optimal way of mnemonics. It is based on the combination of images in pairs, and the previous appearance of the association must always be greater than the next, that is, the impression is necessary that the first type of word includes the one following it. After their connection, it disappears from consciousness, the main image becomes the subsequent one, which mentally increases, and an association is created between words standing one after another. So, the images are constantly being introduced into each other, like a “matryoshka”. A classic example of this action, when it is necessary to connect two seemingly incompatible images, is “beauty and the beast”.

    Hanger method is suitable for memorizing numbers. For each number, you need to come up with several associations or “hanger” words: 0 - bagel, 1 - stake, 2 - swan, 4 - chair, 8 - snowman ... You can pick up rhyming words: zero - salt, two - owl ... We replace figures with pictures and come up with a coherent story. Voila - the phone number was stored in memory for a long time.

    Cicero method. According to legend, Cicero, when preparing for his speeches, took a walk and mentally placed important points of his speech everywhere. Then, remembering the situation at home, he remembered the key phrases.

    This method will help you memorize words in English class, sequence of events in history lessons, new concepts in biology and chemistry lessons. Any subject can be used. Everyone regularly sees the same visual images. These are items in the apartment, office. These are objects on the street you often walk on, at home, at work, in the classroom. So, you choose 10 items that you will use for memorization. After that, for each subject, come up with a subject for memorization. And an association with it. For example, you take a word in English and think of how it is related to a flower on the windowsill.

    What if you urgently need to memorize a few foreign words?

    " With the help of mnemonics, it's possible to learn hundreds of English words in one day" , Nelli assures.

    For example, we need to remember the word "pillow" - a pillow. We select a sound association - "fish-saw". We connect the pillow and the sawfish. And we come up with a story: a pillow maniac comes to you with a sawfish and starts sawing your pillow with a terribly unpleasant “peeeee” sound. Feathers scatter in different directions - otherwise it was a gift from your beloved grandmother and you are terribly sorry for her.

    So, by applying the rules for constructing an association, we memorized an English word. To reproduce this story in memory, you only need 3 seconds. And when you hear the word "pillow" ("pillow") - you will remember the combination "fish-saw", and it will hook the word "pillow" out of memory.

    If we turn to theory, then three types of associations are used in mnemonics: sound (pillow-saw), semantic (cavalry and attic) and visual. The latter is used in elementary school lessons.

    « Difficult to write, dictionary words are represented graphically: for example, the word "cassette" can be drawn as a cassette, in the holes of which two letters "C" are hidden.

    There are many examples of visual association: in the word "weather" instead of the letter "o" you can draw the sun. Unverifiable "o" in the words "carrot", "cucumber", "crow", "milk" can be remembered by drawing a crow with earrings in the form of two "o" or a bottle of milk with three rings thrown over it. The drawn carrot twists two hoops around the waist, and the cucumber drives the hoop in front of him. Now the spelling of these words will remain in the memory forever. Even the rules can be drawn. For example, the rule “The particle “not” with verbs is written separately” can be depicted as a football player-verb hitting the ball-particle.

    And if you need to remember some dates, then you can use image numbers that you can string like beads on the thread of your memory. For example, the year of the capture of Kazan by Ivan the Terrible (1552) is depicted as follows: one - in the form of a spear, five - stars sparkling on the helmets of Russian soldiers, two - a swan flying from the Syuyumbike tower. To make the date even better in memory, you can make a proposal from the names invented for the numbers of the drawings. The funnier it is, the better the desired date will be remembered.

    The difference between mnemonics and cramming is that in the second case, a person reads and then repeats many times, memorizing in this way. And thanks to mnemonics, information is remembered immediately, but then it needs to be repeated following a certain algorithm.

    « In mnemonics, as in any other skill, it is important to practice regularly. After all, memory is a muscle that must always be kept in good shape. I recommend exercising regularly. Over time, this will become a habit, and you will no longer be able to remember differently, as you did before. I immediately tell my students that it is better not to expect miracles. To get the desired result, you need to work hard" .


    " If you want to get acquainted with the theory in more detail, I recommend reading the "Textbook of mnemonics" by Kozarenko V.

    Learn more