Protect your password
Sanjeev Bhatti
The Internet has brought faster access to both business and personal information. But we also can’t ignore the fact that malicious code is delivered through the Internet by hackers and crackers.
In order to save and secure information, we need to implement some security policies. One of the biggest sources of security breaches is the password that we use for accessing resources (printers, modems, files) on the network. Users who don’t take pre-emptive action to keep a password secure face a high risk of losing information and of misuse of their personal data.
To break into passwords, hackers use special decoding programs that can be downloaded from the Internet. The more difficult a password is, the more secure it is. For example, if a user chooses a one-character password that can be any upper- or lower-case letter or a digit, there are 62 possibilities. A cracking program can guess it quickly. Meanwhile, the same 62 characters can be used to form 218 trillion eight-character passwords. Unfortunately, users generally put the odds in the cracker’s favour by choosing easily guessed combinations.
Security specialists recommend the following guidelines:
- Use as many characters as possible (minimum six).
- Include upper- and lower-case letters.
- Include digits and punctuation marks.
- Don’t use personal information, such as names or birthdays.
- Don’t use words from a dictionary.
Techniques for creating effective passwords:
- Use a vehicle license plate. For example: "GR8way2B."
- Use several small words with punctuation marks: "betty, boop$car."
- Put punctuation in the middle of a word: "Roos%velt."
- Use an unusual way of contracting a word: "ppcrnbll."
- Use the first letter of each word in a phrase, with a random number: "hard to crack this password" becomes "htc5tp."
No matter how strong a password is, it can be guessed eventually. So passwords should be changed regularly. Additionally, users must never share their passwords, use the same password twice, or write a password down in an obvious place. By securing their systems, creating strong passwords, and following safeguarding techniques, users can be much more secure.
Administrators should enforce security policies in order to protect passwords from hackers. Clipping levels should be activated. This means that wrong attempts should be counted and the account should be locked once the clipping level is reached. Users should be forced to change passwords every 15, 30 or 45 days, depending on how frequently they log on and off to access the information. As a further security policy, the minimum password length should be kept to 9 characters, with no repetition of the last 10-15 passwords, depending upon the frequency of accessing the information. Network administrators should copy the password file onto a standalone PC and run a password cracking utility in order to check the strength of the passwords. Users shouldn’t send their passwords through e-mail, write them on a piece of paper or in a diary, or create a document of all their passwords and save it on the desktop. If you write a password down, make sure that you keep it safe. Writing your password on a post-it note and then sticking the note to your desktop is asking for trouble.
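The policy described above (minimum length of 9, mixed character classes, no reuse of the last 10 passwords, lockout at a clipping level) can be sketched in code. This is an added example, not part of the original article; the Account class, the clipping level of 3 and the PBKDF2 settings are assumptions chosen for illustration.

```python
import hashlib, hmac, os, string
from collections import deque

MIN_LENGTH = 9       # minimum length given in the article
HISTORY_DEPTH = 10   # article says last 10-15 passwords; 10 assumed here
CLIPPING_LEVEL = 3   # assumed; the article gives no number
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def hash_password(password, salt):
    # Salted, slow hash so the stored history never holds plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:  # hypothetical account record for this example
    def __init__(self):
        self.history = deque(maxlen=HISTORY_DEPTH)  # (salt, hash), newest last
        self.failures = 0
        self.locked = False

    def policy_errors(self, password):
        errors = []
        if len(password) < MIN_LENGTH:
            errors.append("too short")
        if not all(any(c in cls for c in password) for cls in CLASSES):
            errors.append("needs upper, lower, digit and punctuation")
        if any(hmac.compare_digest(hash_password(password, s), h)
               for s, h in self.history):
            errors.append("reuses a recent password")
        return errors

    def set_password(self, password):
        errors = self.policy_errors(password)
        if not errors:
            salt = os.urandom(16)
            self.history.append((salt, hash_password(password, salt)))
            self.failures = 0
        return errors

    def login(self, password):
        # A locked account stays locked until an administrator clears it.
        if self.locked or not self.history:
            return False
        salt, stored = self.history[-1]
        if hmac.compare_digest(hash_password(password, salt), stored):
            self.failures = 0
            return True
        self.failures += 1
        self.locked = self.failures >= CLIPPING_LEVEL
        return False
```

Once the clipping level is reached, even the correct password is refused, which is what stops a guessing program from continuing against that account.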
In general, it is better to remember your password and not write it down anywhere. Passwords should be protected in the same manner as your credit card or bank account numbers.