Password Protection
How to maintain a secure password?
- Category: Information Security
- Published on Monday, 15 March 2010 17:02
- Written by Administrator
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password must be kept secret from those not allowed access.
The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword. Sentries would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a login process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging in to computer accounts, retrieving e-mail from servers, accessing programs, databases, networks, web sites, and even reading the morning newspaper online.
Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The term passcode is sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.
Always change a pre-supplied password. Many products come with placeholder passwords such as "administrator" or "password." Using these stock terms as passwords is about as effective as using no password at all.
Make the password long enough. A password should be at least eight characters long — the longer the better.
Don't use ordinary names or words. Names and words, whether in English or any other language, can be quickly identified through the use of programs that scan through dictionaries at high speed and guess at passwords.
Use passwords that include numerals, punctuation, and upper- and lowercase text. Anything that makes your password more difficult for enemies to guess is a good thing.
Use mnemonics. Create a sentence you can easily remember, such as "My two daughters' names: Katie and Sandy." Now take the first letter of each word in the sentence, turn any numbers into numerals, retain the capitalization and include the punctuation. The easy-to-remember yet highly secure result: "M2dn:KaS."
Avoid writing down the password. If you don't trust your memory, write down a hint, such as "names of daughters."
Use encryption. If a password must be written down, it should be placed in an encrypted file that isn't named something like "passwords" or "security codes." A password manager is the best approach. Vendors such as Citrix Systems Inc., MyPasswordManager.com and WhiteCanyon Inc. offer password managers that are both secure and easy to use.
Never loan or share a password. A password is like a toothbrush, so never loan out a password to a friend or colleague. Instead, try to help the person obtain his or her own account or limited-time guest privileges.
Use different passwords for multiple accounts. A single password is easy to remember. On the other hand, if that password is ever lost or stolen, it means exposing multiple systems to a thief or a snoop.
Don't use the same passwords for home and work. Mixing personal and business passwords is never a good idea, particularly because home accounts may be used by multiple individuals (such as a spouse or children) who aren't employees and may not be as careful with password data.
Change passwords frequently. Like bread, passwords go stale. Changing a password every few weeks ensures that even if your password is stolen by a careful thief or snoop who manages to access your account without leaving a trace, it won't be operational for very long.
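The mnemonic tip and the stock-password, length, dictionary and character-mix tips above can be applied mechanically. The Python sketch below is an added example, not part of the original article; the function names, the number-word table and the sample dictionary are assumptions made for illustration.

```python
import re
import string

# Assumed number-word table for "turn any numbers into numerals".
NUMBER_WORDS = {"zero": "0", "one": "1", "two": "2", "three": "3", "four": "4",
                "five": "5", "six": "6", "seven": "7", "eight": "8", "nine": "9"}
# Stock passwords named in the article; real products ship many more.
STOCK_PASSWORDS = {"administrator", "password"}
CHAR_CLASSES = {"lowercase": string.ascii_lowercase, "uppercase": string.ascii_uppercase,
                "numeral": string.digits, "punctuation": string.punctuation}


def mnemonic_password(sentence):
    """First letter of each word; number words become numerals; case and punctuation kept."""
    out = []
    # A token is a word (may contain apostrophes) or one punctuation mark.
    for token in re.findall(r"[A-Za-z0-9][A-Za-z0-9']*|[^\sA-Za-z0-9]", sentence):
        if token.isdigit():
            out.append(token)                      # already a numeral: keep whole
        elif token[0].isalnum():
            out.append(NUMBER_WORDS.get(token.lower(), token[0]))
        else:
            out.append(token)                      # punctuation is retained
    return "".join(out)


def weaknesses(password, dictionary=frozenset()):
    """Return the article's rules that this password breaks (empty list: none)."""
    problems = []
    if password.lower() in STOCK_PASSWORDS:
        problems.append("stock password")
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if password.lower() in dictionary:
        problems.append("dictionary word")
    for name, chars in CHAR_CLASSES.items():
        if not any(c in chars for c in password):
            problems.append("no " + name)
    return problems


if __name__ == "__main__":
    words = {"katie", "sandy", "daughters"}        # constructed sample dictionary
    derived = mnemonic_password("My two daughters' names: Katie and Sandy.")
    for candidate in ("password", "Katie", derived):
        print(repr(candidate), weaknesses(candidate, words) or "passes all checks")
```

Run as a script, it reports the rules broken by "password" and "Katie" and shows that the article's mnemonic result passes every check.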

