These days a single computer user can have dozens of passwords. If
there are computers at your job you may have 3 or 4 passwords to log
on to your local system,
a database or even a secured room
Though many people don't require a logon for their home
PC, they will definitely have one for email and various online
accounts. Here is a guide to assist you in strengthening
your passwords and password techniques.
After reading this article
you will know the following:
● How to make good passwords
● Good password practices
● Techniques to manage all of
your passwords
How to Make Good
Passwords
Choose a password with the following:
● At least 8 characters in
length
● 1 number
● 1 special character
● Upper and lowercase.
Passwords with difficult combinations make it harder for tools
like L0phtcrack, Brutus,
John the Ripper, Cain and Able and other password crackers to decipher
your password.
When creating a password, don't use personal information
such as birthdays, children names, last and first names. Avoid
using words or phrases that can be easily guess or cracked with
a "dictionary attack." Do not use the same password on the
different systems. If you work in a classified environment,
passwords should be treated at
the same level of classification at the systems they protect.
Good password practices
Never share your password with ANYONE including your
Administrators, Help Desk personnel or System
Administrators. IT professionals at your job or Internet Service
Provider (ISP) will not normally ask you for your password. If
they do need it then you should give it to them in person and
ensure you change it as soon as they are done with their task.
A common "Social Engineering" tactic is for malicious hackers
to call you pretending to be from your computer support staff.
Another tactic is to have trusting users email the password
or type it into what looks like a legitimate site, this is known
as "phishing."
Be aware of your surrounding when your are typing your password.
Watch for "shoulder Surfing" or people watching what you
type as you are entering your password.
If you use the web to access critical information (such as
online banking, or medical information) ensure that the site
uses some type of secured method of encryption. You will
know this if the site's URL begins with an "https." SSL and
Secure HTTP are sometimes indicated by a tiny lock in a corner
of the page.
If their is no encryption then it may be possible for
unauthorized users to view and/or capture the data you enter.
And later access the account.
It is best to memorize your passwords. If it is difficult
to memorize all your passwords read
Techniques
to manage all of your passwords
It is best to memorize all of your passwords however if you have
literally scores of passwords from work, home, online business
ventures and the bank and you do not have a photographic memory,
you may want to write them down.
If all, or
most of your passwords are used a home, writing them in
a journal or small loose leaf binder can provide a double
sense of security.
First, they'll be readily available if your memory
fails you and Second, should you experience a hard
drive crash or other loss, you'll be able to reload and
initiate your favorite programs if you also include your
CD (program exe file) Security Key numbers with your passwords. |
 |
Author of Beyond Fear, and
system security phenomenon, Bruce Schneier recommends writing down passwords and putting them in your wallet as
does Senior Programmer for Security Policy at Microsoft, Jesper
Johannson.
Another management techniques is to allow Windows (and other
Operating Systems) to automatically fill in the data. This is
great for trusted SECURE environments such as home systems
in which you don't need to hide any account information from
anyone, but not such a good idea for the work environment.
It
should also be noted that systems without a high level of
Internet security (firewalls, updated patches, etc) should
not use the auto fill features as the passwords are many
times stored on the system in cleartext making it easy for
malicious code such as spyware, trojans and worms to steal
your passwords and account information.
SO, the Question then, is
"How Safe are Your
Passwords?"
This is a call to action
to read the Vipre Security Company post "Does
Your Password Pass the Test?", and get some
more expert guidance on creating your own Strong passwords.
When was the last time you reviewed your passwords?
Maybe now's the time to take a new look.
TRY THIS TEST >>
http://howsecureismypassword.net/
You will be astounded - well, at least
Surprised! |
|
|
