Recently I changed some of my passwords. Some due to typical rotation time and a couple due to potential breaches and encouragement from the affected site. No, I’m not going to tell you which ones or how I go about it but I noticed that it took about 3 days for my fingers to key the correct combination.
This has probably happened to you too, where after changing a password, you inadvertently enter the old password a number of times since that is what the fingers and hands remember. Yes, I’m sure many of you have password keepers (which have also been breached) locked by a master and I use one too, but for many of my highly sensitive passwords, I keep those in my head.
As I continued to enter the old password for a couple days only to correct myself, I started thinking about habits and muscle memory. Some adages talk about it taking about 30 days (66 days in this study) to either pick up or drop a habit if done daily. Want to keep an exercise routine? Do it daily for a month and you are more than likely to continue...barring any unforeseen circumstances.
And then there’s muscle memory. Things like riding a bike, signing your name, catching a ball or any repetitious, manual activity that you complete often. Your muscles already know how to do it since they’ve been trained over time. You do not need to think about, ‘OK, as it gets closer, bring your hands together to snag it from the air,’ it just happens. This is one of the reasons why people change or update certain exercise or resistance routines – the muscles get used to it and need a different approach to reach the next plateau.
I wondered if anyone else had thought of this and a quick search proved that it is a bona fide technique for password memory. Artists like musicians use repetitive practice for scale patterns, chords, and melodic riffs and this trains the muscles in the fingers to 'remember' those patterns. It is the same notion with passwords. Choose a password that alternates between left and right hands that have some rhythm to it. After a bit, the hands remember the cadence on the keyboard and you really do not need to remember the random, committed numbers, letters or Shift keys pounced while typing your secret. This is ideal since only your fingers remember not necessarily your mind.
Granted, depending on how your head works this technique might not work for everyone but it is still an interesting way to secure your secrets. And you can brag, 'If you break my fingers, it'll wipe the device.'