Bad Grammar Make Bestest Password, Research Say 193
An anonymous reader writes "NewScientist reports, 'Along with birthdays, names of pets and ascending number sequences, add one more thing to the list of password no-nos: good grammar.' Researchers from Carnegie Mellon University seem to have developed a password cracking algorithm that targets grammatically correct passwords. Can bad grammar really make your password secure?"
Certainly (Score:3, Insightful)
Re: (Score:2)
In other news, making spelling mistakes defeats a dictionary attack.
Because by spelling the words wrong, they no longer appear in the set of words known as "the dictionary".
Re:Certainly (Score:4, Insightful)
Unless those dictionaries contain common misspellings, which they probably already do.
Re: (Score:3)
It's actually fairly easy to do algorithmically, in the same way many password crackers already try common number/letter replacements (pa55w0rd), adding single digits and dates to the end of dictionary words, capitalizing the first letter or every other letter etc. Just append -ed and -ing to every word, drop silent k's, reverse i and e (e.g. recieve) and so forth.
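An added example, not from this thread: a defender-side policy check that undoes the mangling rules listed above (case changes, leet substitutions, trailing digits or dates, -ed/-ing/-s suffixes, the i/e transposition) and then looks the result up in a wordlist, so "Pa55w0rd1!" is rejected as the dictionary word it really is. The wordlist and the substitution table are constructed stand-ins for a real cracking dictionary.

```python
import re

# Constructed stand-in for a real cracking wordlist (assumption, not from the thread).
WORDLIST = {"password", "receive", "dragon", "monkey", "welcome", "letmein"}

# Undo the number/letter substitutions crackers try (pa55w0rd -> password).
UNLEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                        "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

# Suffixes the comment mentions, plus the bare "d"/"s" verbs and plurals take.
SUFFIXES = ("ing", "ed", "d", "s")

# Leading/trailing digits, dates and punctuation (dragon2013!, !welcome).
EDGE_JUNK = re.compile(r"^[\W\d_]+|[\W\d_]+$")

def candidates(pw: str) -> set:
    """Base words a mangled password could have been built from."""
    out = set()
    base = pw.lower()                        # undo capitalization tricks
    core = EDGE_JUNK.sub("", base)           # strip the appended digits first
    forms = {core,
             core.translate(UNLEET),         # pa55w0rd -> password
             EDGE_JUNK.sub("", base.translate(UNLEET))}  # @pple -> apple
    for form in forms:
        stems = {form}
        for suf in SUFFIXES:
            if form.endswith(suf) and len(form) > len(suf) + 2:
                stems.add(form[: -len(suf)])
        for stem in stems:
            # undo the i/e transposition (recieve -> receive) in both directions
            out.update({stem, stem.replace("ie", "ei"), stem.replace("ei", "ie")})
    return {c for c in out if c}

def is_dictionary_derived(pw: str) -> bool:
    """True when the password normalizes to a wordlist entry, i.e. a cracker
    applying the same rules in reverse would reach it in its first passes."""
    return any(c in WORDLIST for c in candidates(pw))
```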
Re: (Score:2)
It's actually fairly easy to do algorithmically, in the same way many password crackers already try common number/letter replacements (pa55w0rd), adding single digits and dates to the end of dictionary words, capitalizing the first letter or every other letter etc. Just append -ed and -ing to every word, drop silent k's, reverse i and e (e.g. recieve) and so forth.
Very true. That's why I find it so amusing when IT people think a system is more secure because their passwords require 1 capitalized letter and 1 number.
Re: (Score:3)
Great. Now I ahve to change my pssaword againz.
Re: (Score:2)
I think the mistake is that they call it a "password" and not a "passphrase".
Most of my better passphrases are made from a few bars of a poem or song I know. Even better, when it comes time to change passphrases every 90 days or so, I can just go on to the next verse without too much thought. The only hard part is not to hum or dance to an obvious tune or rhythm after logging in. And maybe remembering which letters you turn to 133+ if necessary.
e.g.:
Ittrl,itjf(14ls;tnefr
(first verse of 'Bohemian Rhapsody')
Re: (Score:2)
Well, if we didn't say it, they'd all make their passwords "password", their own first name, or some other amazingly simple word. [cbsnews.com]
They always glaze over when you try to explain strong passwords. No matter what you tell them, you can always sit down at their desk and say "what's your password?", just to find out it's "Password1" or "1234567A"
Re: (Score:2, Insightful)
Well, if we didn't say it, they'd all make their passwords "password", their own first name, or some other amazingly simple word. [cbsnews.com]
They always glaze over when you try to explain strong passwords. No matter what you tell them, you can always sit down at their desk and say "what's your password?", just to find out it's "Password1" or "1234567A"
For everything outside of my place of work, I use a password safe program and (if I can) at least a 42 character password using the largest possibly set, generated randomly.
At work, where I'm not allowed to use a password safe and am required to memorize no fewer than 30 passwords, most of which have to be updated at least monthly, and cannot use any password I've used in the last 6 months.... my password is my first name and last initial, followed by a number which is how many times I've had to reset it. Y
Three-tries lockout ... usually ... (Score:2)
Dictionary attacks aren't always that useful for authentication systems that block logins on an account after a few missed attempts. However, a few stripped-down NAS nasties are set to allow infinite login attempts. It was kind of fun watching the password attempts; they were sort of half dictionary, half psychology, lots of old favourites. But they were all single words, I noticed, and not very long at that.
Re: (Score:2)
FTFY
FYFT
Of coarse (Score:5, Funny)
Shekuritee bai aubskureeti.
Re: (Score:3)
security by obscurity.
And I don't agree with it necessarily being a bad thing unless it's the only approach taken. As a layer, it increases the effectiveness of other security.
Re: (Score:3)
It's rapidly becoming apparent that many Slashdotters don't understand the difference between grammar and spelling.
Re: (Score:2)
It's rapidly becoming apparent that many Slashdotters don't understand the difference between grammar and spelling.
Gram are in gram crackers.
Spelling your drink makes a mess.
Spelling your gram crackers makes a mess two but it's not as messie.
Re: (Score:2)
horzebergur, shoorelay?
Corollary (Score:4, Insightful)
Re: (Score:3)
My typical password reminder is "Fuck you." Good luck figuring out what my password is with that hint :)
Re: (Score:3)
yourplaceormine,bitch?
Re:Corollary (Score:5, Insightful)
Entering wrong information for password reminders / security questions.
My opinion is that password hints and security questions are really just a bad idea which websites should possibly stop using completely. They can easily ruin the whole security even if your password itself is robust.
Re: (Score:2)
Just use it as a second password prompt with wrong info. For example, "what is your mother's maiden name?" has the answer "correct battery horse staple."
The problem with that approach is that people have lots of accounts, all with different questions. Either you have to memorize the made up answer to every question, or you have to use the same one for all of them, which means that if one place is compromised and didn't store it hashed, all your accounts are now potentially compromised.
Not that answering honestly is any better, because any sleuth worth his beer can find out the information about individuals, or find out the most common answers for large sca
Re: (Score:2)
Answering "Smith", "Johnson" and "Williams" for the three tries you're asked someone's mother's maiden name will get you 2.5% success rate, which is significant for large scale attacks. Your high school? Central, Lincoln and Jefferson will get you a high return rate.
As long as "McCreery" and "Talented and Gifted Magnet High School" aren't in the top 10, I'm safe (and no, I can't use the "official" abbreviation, as most won't take a 3-letter answer - TAG).
Article is very light on details (Score:5, Interesting)
Re:Article is very light on details (Score:4, Interesting)
Re: (Score:3)
It would be better to have no grammar structure at all in passwords, good or bad. Select a random assortment of words, not words that can be strung together using conventional grammar rules, or even distortions of conventional grammar rules.
And transform any words in such a way, that no word used is a legitimate word.
3hav-ayekatkitt-ees
Re: (Score:2)
Which achieves one goal at the cost of memorability. Particularly if you want a password that can survive an offline brute force cracking attempt as opposed to guessing over the network it should be 20+ characters long because each character only adds 8 bits of entropy - in practice more like 6 bits. Looking at it the other way from the would-be cracker's perspective, what do you have? Brute force attacks and dictionary attacks. The easiest way to avoid both is to take a long, easy to memorize phrase and fu
Re: (Score:2)
Correct horse battery staple! http://xkcd.com/936/
th@res_morethan1way2cat@file (Score:2)
Yoda ask -- answers he will give?
Even "something like this" could screw up a grammar-based guesser.
Don't think (Score:2)
If Music Be The Food Of Love, Log In (Score:4, Interesting)
Here is an example of a musical login: pvy89pvvv[890[]vv
For this example, position your right hand with the thumb on the 'v' key, then play the sequence as if they were notes, then listen to C.P.E. Bach - Minuet In G Major for what it should really sound like.
If you like impressive music, try: uppvyuvyyyyuyvvyuvyuppvyuvyyyyuyvvyuyv
Leo Arnaud - Buglers Dream
Re: (Score:2)
Try that on an iPad or any other non-keyboard device. I don't think it will work for some of those devices.
Re: (Score:2)
Do you not see the repetition there? That method produces terrible passwords. How is pressing the same key exactly 4 times in a row at speed?
They are getting strong enough not to low fruit and fall to a mass hash cracking but someone only has to observe you typing that in from a distance once, observe your fingers not move, and will rearrange word list to favor small character spaces.
PS when you put this method on the internet you can no longer use it unless you never reuse your user-name.
Lockout DOS (Score:3)
In fact, even if you have a shit password (e.g., "changeme1234"), if the website limits the number of tries to 3 times a day, you're probably safe for at least a year or two.
Except from denial of service, where someone with a list of usernames he wants to attack enters those usernames with "P00-p00" as the password three times in a row. Then the legitimate owners of those accounts can't log in.
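An added example, not from this thread, of one way to keep the "three tries a day" limit above without handing an attacker a lockout lever: failures are counted per (account, source) for the hard lockout, so only the client that produced them is locked out, while the account-wide count only adds a capped delay for everyone else. Keying on the client source (e.g. its IP) and the thresholds used are assumptions of this example.

```python
from collections import defaultdict

class LoginThrottle:
    """Per-source hard lockout plus an account-wide soft backoff.

    An attacker hammering "alice" from one address locks out that address,
    not alice; the worst the attacker can do to alice is a bounded delay.
    Thresholds are constructed for the demo, not taken from any real system.
    """

    def __init__(self, max_per_source=3, window=86400, max_account_delay=60):
        self.max_per_source = max_per_source    # the thread's "3 tries"
        self.window = window                    # "a day", in seconds
        self.max_account_delay = max_account_delay
        self.source_fail = defaultdict(list)    # (account, source) -> timestamps
        self.account_fail = defaultdict(list)   # account -> timestamps

    def _recent(self, stamps, now):
        """Drop failures older than the window and return how many remain."""
        stamps[:] = [t for t in stamps if now - t < self.window]
        return len(stamps)

    def check(self, account, source, now):
        """Return (allowed, delay_seconds) to apply before processing an attempt."""
        if self._recent(self.source_fail[(account, source)], now) >= self.max_per_source:
            return False, 0.0                   # this source is locked out for this account
        n = self._recent(self.account_fail[account], now)
        # Exponential backoff for the account as a whole, but capped: the
        # legitimate owner is slowed by an attack, never shut out by it.
        delay = min(2 ** n - 1, self.max_account_delay) if n else 0
        return True, float(delay)

    def record_failure(self, account, source, now):
        self.source_fail[(account, source)].append(now)
        self.account_fail[account].append(now)

    def record_success(self, account, source):
        """A good login clears the account backoff and this source's failures;
        other sources' lockouts stay in force."""
        self.source_fail.pop((account, source), None)
        self.account_fail.pop(account, None)
```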
Better than bad grammar... transcription! (Score:2)
I find that an even better way to construct a password (that you can still remember) is to use a language other than English for all or part of it. More specifically, it works best if you use a language that requires transliteration to type in the Latin character set and then use your own transliteration/transcription spelling (rather than, necessarily, the common or "official" one). Good examples might be words in Hebrew, Russian or Greek.
Consider the Russian word for 'good'. I will spell it using
Yoda passwords? (Score:2)
Re-framing old wisdom to create newness goodness! (Score:2)
Re: (Score:2)
It is a well known fact that choosing words you will find in a dictionary as your password is not a good idea.
It's a better idea than a single word, or name, which is what many people still do. Anyway, even if you use real words, with the English language having well over 100,000 words, a few words gives you a very, very large space. Using correct grammar cuts it down, of course. But TFA was about attacks trying billions of passwords. What kind of idiotic system allows someone to attempt to login billions of times at high speed?
Re: (Score:2)
A large space, but still an easily searchable one, given enough time, and a system that allows dictionary attacks, which many do, even though it would be easy enough to disallow it.
So why do that, when it's easy enough to use words that are still words, but not words in standard dictionaries? (i.e. names of fictional characters, words made up by the company you work for or that are specific jargon of your field, internet memes, etc.)
Re: (Score:2)
So why do that, when it's easy enough to use words that are still words, but not words in standard dictionaries? (i.e. names of fictional characters, words made up by the company you work for or that are specific jargon of your field, internet memes, etc.)
Because the "geekily obscure" words like that are the very first ones that will be checked. Geeks have been using words from Tolkien and such as logins and passwords from the dawn of time. I remember one guy who was mystified that his password "THX-1138" had been cracked by someone... I had a hard time not laughing.
so this is a good one? (Score:2)
@11yourbA5es@r3Be10ngtoUS
"Can bad grammar make your password secure?" (Score:2)
Yes, if it is bad enough. Examples:
Sp/k)]Vi5PTa
h@#FZh_\,
_HA67C_1N{vh
Of course no password is secure if you use it on more than one site.
Re: (Score:2)
This means that most slashdot posters are safe. Seriously, the worst spelling and grammar I see online are right here amongst what should be a well-educated group of people.
It's even uprated, seemingly, for the bad grammar and spelling. I think it's a sign saying "I'm not a bot - at least not a simpleton".
Grammar? (Score:2)
If grammar is relevant at all, your password should already be long enough to be pretty secure.
mixing languages is even better (Score:2)
I speak English and Swedish. I find it easy to concoct "Swinglish" words and phrases that are invalid in any language yet easy for me to remember.
I think that ought to be secure.
Use phrases (Score:2)
I usually think of a phrase, take the first letter of each word, and leetify some of the letters. "My what a lovely unicorn with no horn you have" becomes MwalUwnHuh which then becomes Mw@lUw!Huh.
My phrases are generally song lyrics, and yes I do need to write them down until I've used them 3-4 times.
All your base (Score:2)
this is really, really simple (Score:2)
makes passwords easy to communicate (Score:2)
Inuit (Score:2)
Personally, I'd go for words in the inuit language(s). Inuit words are so wonderfully impossible to guess from a dictionary because of the nature of the language; consider the following example:
umiaq: a large boat - a 'wife boat'
umiarssuaq: a big wife boat - ie a ship
umiarssualivik: a place for a ship: a harbour
umiarssualivinnguaq: a small harbour
etc
Combine that with a complex grammar and the fact that the rules for spelling are somewhat uncertain, and you have the perfect passwords, easy to remember and wr
Well, (Score:2)
Can bad grammar really make your password secure?
not any longer.
Text Message-language has a purpose ?! (Score:2)
So, are you telling me, that fascinating (unreadable) short-text/sms-language has a purpose after all?! :)
Re:obvisouly (Score:5, Funny)
Re:My question is this: (Score:5, Insightful)
A paranoid colleague of mine composed passwords with a sprinkling of extended chars. He entered the whole thing on the numeric keypad with ALT held down.
I've no idea what his password(s) were, but they caused quite a few badly written apps to explode in a spectacular shower of exceptions and unhandled input errors.
Re: (Score:2)
That's great until you have to use a different keyboard layout.
Or a different operating system which uses a different method of entering extended characters.
Re:My question is this: (Score:4, Insightful)
Because not all systems can handle Unicode, and Unicode itself has multiple internal representations (UTF-8, UTF-16.) Furthermore, there are multiple valid Unicode encodings for the same character stream. In other words, that would be a very bad idea unless you are in an environment where only company approved systems, set up by competent system administrators, are allowed to log in, in which case it would just be a bad idea sans the "very". Even then it is of little value, since a well chosen password still has plenty of entropy, and there is no need to add complexity to the auth system (complexity is the enemy of security.)
Re: (Score:2)
Because not all systems can handle Unicode
I was under the impression that any system that could handle XML or HTML5 could handle at least the Basic Multilingual Plane of Unicode in UTF-8 encoding.
Furthermore, there are multiple valid Unicode encodings for the same character stream.
The Unicode Standard describes several canonicalization processes that can be applied before hashing the password for storage.
Re: (Score:2)
Were you also under the impression that all systems can handle XML and HTML5, and that all systems are UTF-8?
So which one do I pick? Where is your actual argument that there is a benefit to using Unicode for passwords? Most im
Re: (Score:2)
Because not all systems can handle Unicode, and Unicode itself has multiple internal representations (UTF-8, UTF-16.) Furthermore, there are multiple valid Unicode encodings for the same character stream.
Just convert whatever is given into canonically pre-decomposed UTF8. I mean there are people using Unicode in their file system and they have no problems with this.
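An added example, not from this thread, of the canonicalization the two comments above are arguing about: the same visible "café" typed as a precomposed e-acute and as e plus a combining accent produces different UTF-8 bytes, so hashing the raw input makes a correct password fail to verify, while normalizing to one form (NFC here, NFD is the "pre-decomposed" variant) before hashing makes both spellings verify. The salt and the iteration count are constructed for the demo.

```python
import hashlib
import unicodedata

# Constructed salt for the demonstration; real systems use a random salt per user.
SALT = b"demo-salt-not-for-production"
ITERATIONS = 10_000   # kept low so the demo runs quickly

def hash_raw(password: str) -> str:
    """Hash the password exactly as typed: verification needs byte-identical input."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, ITERATIONS).hex()

def hash_normalized(password: str, form: str = "NFC") -> str:
    """Canonicalize to one Unicode normalization form, then hash.
    The same form must be applied at registration and at every login."""
    return hash_raw(unicodedata.normalize(form, password))

# Two valid encodings of the same visible string "café" (constructed input):
COMPOSED = "caf\u00e9"        # U+00E9, precomposed e-acute
DECOMPOSED = "cafe\u0301"     # e followed by U+0301 combining acute

def demo() -> dict:
    """Show the mismatch without normalization and the match with it."""
    return {
        "bytes_differ": COMPOSED.encode("utf-8") != DECOMPOSED.encode("utf-8"),
        "raw_match": hash_raw(COMPOSED) == hash_raw(DECOMPOSED),
        "nfc_match": hash_normalized(COMPOSED) == hash_normalized(DECOMPOSED),
        # NFD is the fully decomposed form the comment above suggests storing.
        "nfd_match": hash_normalized(COMPOSED, "NFD") == hash_normalized(DECOMPOSED, "NFD"),
    }
```

Whichever form is chosen, it has to be applied before the length limit and before the hash, or the user who set the password on one platform is locked out on another that enters the same characters differently.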
Re: (Score:2)
Exactly the point! In the real world software is implemented by humans, and sometimes even that which should be obvious eludes them ;-) When you implement additional complexity you increase the chance to introduce an exploitable bug into the system. Again, complexity is the enemy of security. I'm guessing you do
Re: (Score:2)
Because not all systems can handle Unicode, and Unicode itself has multiple internal representations (UTF-8, UTF-16.) Furthermore, there are multiple valid Unicode encodings for the same character stream.
You've just said one thing twice in two sentences.
Re: (Score:2)
Every site should allow any password if they just hash it like they should.
I consider restricting the character set a lesser crime than sites like Amazon, Blizzard that make passwords case-insensitive.
Re:Randomized passwords are the best (Score:5, Insightful)
I don't have a different phone number for every person I call. People I call do not make up rules like my phone number must be at least x characters long, must have a special character in it, can not have a special character in it, must not begin with an upper case letter, must begin with a character, must begin with an emoticon ;-)
and I don't know what other crap they are about to come up with...
Land lines in multi-person households (Score:2)
You must know a lot of people that share the same phone.
That I do. Many are land lines in multi-person households. And being public keys (in the SQL "primary key" sense, not the cryptographic sense), they don't change every 45 days.
Re: (Score:2)
Public keys? Do you mean natural keys?
Public natural keys and private natural keys (Score:2)
Re: (Score:2)
How old are you exactly?
I have seen you say this before and I find it hard to believe. Other than my parents and grandparents I know no non-work landline phone numbers. I can't imagine most people under 55 even have them, or if they do use them that often.
Re: (Score:2)
Other than my parents and grandparents I know no non-work landline phone numbers. I can't imagine most people under 55 even have them, or if they do use them that often.
True, people who currently or will soon qualify for old-age social insurance programs are more likely to have land lines because they tend to be late adopters in general. So are parents of kids who aren't yet old enough to have their own cell phone. So are people who don't have cable television service, as they're often offered a POTS or fiber land line for free or nearly free with the purchase of Internet access from the phone company.
Re: (Score:2)
None of my friends who have young kids have landlines. The kids use skype to talk to grandma and grandpa or Mom and Dad's cell phones. I fall into that last category and the fiber phone line is nowhere near free. I get FIOS for $40/month, adding a phone would double that, or I could get cable I do not want and a phone I do not want for $99/month.
Comment removed (Score:5, Funny)
Re: (Score:2)
None of your phone numbers are changed every 30/60/90 days, while some of your passwords are.
My recommendation for such passwords is to memorize a "base" password, and define a rule to increment the base password, so all you need to remember is the original password and which number you are at, and do a mental transformation; this is far more secure than writing down the password, or picking easy to guess passwords.
eg
Password 0 helloworld0
Password 1 ifmmpxpsme1
Password 2 jgnnqyqtnf
Re:Randomized passwords are the best (Score:5, Interesting)
I don't memorize phone numbers, I memorize the 3x4 grid pattern required to dial it.
Re:Randomized passwords are the best (Score:4, Informative)
Re: (Score:2)
I tend to use random passwords myself. The trick I've learned to memorizing them is to take advantage of the fact that the human brain is good at seeing patterns even when there aren't any. So I just look at the password for a bit, let myself come up with a pattern or way to describe it and memorize that. I'll often think of a password as chunks of 3 or 4 letters and just remember the chunks normally associated with a thought phrase. If I can't come up with something I'll just hit regen again til I get somet
Re: (Score:2)
I use random, unique passwords most everywhere. The trick to remembering them is not to try - I just store them in my encrypted keychain. It's not that hard to memorize one long and complex password.
Re: (Score:2)
I also store my passwords in an encrypted keychain, but sometimes it's nice to be able to get some passwords without having to look it up. For example both iTunes and Windows RT require me to enter passwords when buying new apps or add-ons. Switching to another app to cut & paste in the password will often cancel the sale. So I memorized those passwords because it's simpler. Likewise when administrating machines at work I don't want to have to dig up my keychain just to log into the server farm, especia
Re: (Score:2)
I agree, actually - and I do have my more frequently-used passwords memorized (e.g. my account at work; my Gmail account; my iTunes account; particular server passwords).
Heck, for accounts I regularly use it would've been hard NOT to memorize the passwords!
Re: (Score:2)
Sure, as long as you only need the one password.
Re: (Score:2)
"Let me in" and "I love you" are both correct grammar. You're perhaps thinking of correct punctuation.
Re: (Score:2)
"Let me in" and "I love you" are both correct grammar.
Indeed. So it clearly would be best if we all switched to "letiin" and "ilovesyou".