How You Can Use the Genetic Code for Passwords

Illustration for article titled How You Can Use the Genetic Code for Passwords

Need a password for a new device or service? Try the genetic code.

Messenger RNA triplets and the amino acids they specify provide nearly endless password possibilities. And it's timely — the People's Choice for Sciencemagazine's Breakthrough of the Year is "Giving Life a Bigger Genetic Alphabet."


I began using the code for passwords years ago, when an IT-savvy friend setting up my clunky desktop computer told me a password should be:

  • Alphanumeric
  • More than 7 numbers or letters
  • Obvious to me, but not to anyone else

The genetic code may seem like random gibberish to normal people, but can have meaning to biologists.

The genetic code is the correspondence between the 20 types of amino acids and the 61 types of messenger RNA triplets (codons, representing DNA) that specify them. The same codons spell the same amino acids to all organisms. The RNAs of humans, hydras, hippos, hydrangeas,Haemophilus influenzae, and even viruses follow the same rules. This "universality" is why human proteins are manufactured in bacterial cells, bacterial insecticides are produced in corn, and an Ebola vaccine is made in tobacco cells.

Francis Crick proposed genetic code words (codons) as part of his "adaptor hypothesis," which Marshall Nirenberg and Heinrich Matthaei at the NIH demonstrated with brilliant experiments in 1960 and 1961. They challenged bacterial cells to make tiny proteins using simple RNA molecules. When UUU… led to a string of phenylalanines, for example, they had the first piece to the puzzle. Fed more complex RNAs, the bacteria revealed more code words.

Wrote Dr. Nirenberg in his research notebook, "we would not have to get polynucleotide synthesis very far to break the coding problem … we could crack life's code!"…"we would not have to get polynucleotide synthesis very far to break the coding problem … we could crack life's code!" And so they did.

Crick, George Gamow, and other luminaries of the DNA discovery era famously formed the "RNA tie club," in which each discoverer of a codon assignment was honored with a tie festooned with a double helix. The club had two dozen members, representing the 20 amino acids and 4 RNA bases.


Here are a few ways that combinations of codons and the standard three-letter amino acid abbreviations can make great passwords. (And a link to a list ofamino acid abbreviations for those who don't remember Bio 101.)

Some Suggestions


UUUpheAAAlysCCCpro (the first 3 pieces to the puzzle)

UUUAUApheilu (the first co-polymer in the experiments)









Sulfur-containing: AUAmetUGUcys

Rings: CCUproline UAUtyrosine

Simplest: GGUglycine GCAalanine AGCserine

SYNONYMOUS (amino acids corresponding to more than one codon)



Ehlers-Danlos syndrome: Arg134Cys

Huntington disease CAGglnx36HD

p53 oncogene UGAACAGUAp53

(Researchers should not use mutations they are working with. Someone will guess it.)


The genetic code is redundant — CCA and CCG both encode proline, for example – but passwords are not. Substitute the end G for the end A and your Amazon account won't work.

Plan password choices, or have a chart of the genetic code in plain sight, as I do in my office. I got the poster after I had to change my Apple ID under time pressure, and I inadvertently typed in CAA for histidine, only to discover that I had specified glutamine.


This article first appeared on PLOS Blogs and is republished here under Creative Commons license.


This strikes me as a way to generate passwords with very poor entropy.

I'm sure the idea here is to comply with password length policies. Hey, I need a 15-byte password. I'll just use 5 codons! But...

It would be incorrect to treat each letter of a codon as an individual character for password length purposes because the 64 codons are formed using combinations of the letters A, C, G and U. (In order words, in a password restricted to codons, there are only 4 possible choices for each byte. So a 5-codon password (15 bytes) has only about 1 billion combinations. This is equivalent to a 5-character password where you can use upper/lower case and period and comma.)

So the three-letter codons become your alphabet and a password policy that requires at least 15 letters (upper/lower case, numbers, period and comma) thus requires at least 15 codons. Both have an effective alphabet size of 64. So the codon-based password would contain 45 bytes. I bet a lot of sites and apps don't support passwords that long.