All notes

My 14-Year-Old Self Built a Pen-and-Paper Cipher (And Locked Me Out 14 Years Later)

  • Security
  • Cryptography
  • Story
  • Passwords

As developers, we spend a lot of time thinking about encryption, secure authentication, and algorithmic logic. But recently I stumbled across a piece of paper from 2012 that reminded me I have been overengineering security systems since I was 14 years old.

I found an old handwritten note labeled "My E-mail Password." It wasn't a password. It was a full-blown cryptographic escape room. Back then, living in Jammu & Kashmir when the internet had barely arrived and most calls still went through a landline, a personal email felt like owning a small piece of the future. I was terrified of forgetting the password, but writing it in plain text felt wrong, so I built this instead. It was so complex that today, 14 years later, I could not fully decode it myself.

Handwritten 2012 note titled 'My E-mail Password' showing eight scrambled password strings, a 5x5 letter-pair matrix, a numeric key stream, coordinate pairs, and a quadratic equation.
The original 2012 sheet. Every section is working data, not decoration.View full size

Here is a breakdown of the analog encryption algorithm my teenage brain invented. What makes it interesting is that none of it is throwaway: every string, number, and grid cell is live data, and the password only appears once you make all the layers interact.

1. The Mathematical Key

At the bottom-right of the page sat a math problem: kx(x-2)+6=0. To even begin, you had to solve this quadratic for the case where the roots are equal, which gives k=6. That number 6 was the master pointer for the rest of the sheet, selecting which line the assembly would anchor on.

math
kx(x-2) + 6 = 0
=> k·x^2 - 2k·x + 6 = 0

equal roots  =>  discriminant = 0
(2k)^2 - 4·k·6 = 0
4k^2 - 24k = 0
4k(k - 6) = 0
=> k = 6   (the master pointer)

2. Eight Working Fragments

The top-left held eight complex, scrambled password-like strings. The trap: if someone solved the key and guessed the 6th string was the password, they would fail. The real password was never written on any single line. It was fractured into pieces, a word, a date-like number run, and symbols, and those pieces were distributed across all eight strings at once. Every line carried a real part; none of them was a throwaway decoy.

3. The Relational Cipher Matrix

This is where it got out of hand. The right side of the page added three interacting parts under the instruction "Nm thn elp" (Number, then elp):

  • A list of nine long numeric strings: a key stream that dictated reading order.
  • A 5x5 substitution matrix of letter pairs, labeled 'elp'.
  • A set of (x, y) coordinates, plus an assembly sequence that fixed the final order.

To reassemble the password you cross-referenced the key stream against the coordinates, ran the result through the 5x5 matrix, and pulled characters out of the eight strings in exactly the right order. Get one step wrong and you got noise. Get every step right and the password fell out.

The Verdict

I might not remember the exact final execution step today, but I remember it worked perfectly back then. It kept everyone out, and it let me in. Looking at this sheet is a humbling reminder of where my developer journey actually started: before I could write code, I was already writing analog algorithms.

I have always loved building complex systems, even when that meant making it absurdly hard just to check my own email. The instinct to protect information came years before the knowledge of how to do it properly, and closing that gap is a good description of what learning to be an engineer really is.

Written by Aasif Ashraf, Full-Stack Developer.

Get in touch →