Password and security best practices

Passwords are, perhaps, the second weakest link in computer security. (YOU are the first.)

Improper use of passwords is worse than no password at all.

If crackers can get a user’s password, they don’t have to worry about using exploits to get past security.

Worst of all, you can make it easy for them by not following best practices for password selection and security.

There are many ways for crackers to get passwords.

Some are technical hacks that involve sniffing a network or cracking a password file.

Others are as simple as guessing the password or tricking a user into giving it to them.

Good management can thwart many attacks aimed at cracking passwords.


Password best practice

1. Don’t write down your passwords. You would be surprised to find out how many networks have been compromised because of passwords that were written down. If you must write your passwords down, either because they are difficult to remember or change frequently, make sure you keep the list in a very secure place.

2. Don’t use plain words for passwords. If it’s in the dictionary, it’s not a password. Crackers can use software that automatically tries every word in a dictionary file. If you use a plain word, such as horse, they can easily crack it.

3. Don’t use personal information as passwords. Crackers can easily guess the names of friends, kids, pets, and other personal information. That includes birth dates and phone numbers, too.

4. Consider using computer-generated passwords that consist of random strings of letters and numbers. These are harder to remember, but they are more secure. Randomly mix upper- and lowercase letters within your passwords.

5. Don’t reuse a password; select a new one for each account. If you use the same password across several accounts, they could all be compromised.

6. Never tell someone your password over the phone. Companies never contact their customers and ask for passwords over the phone. Crackers pose as tech support personnel from an ISP and obtain passwords from unwitting customers.

7. Change your passwords periodically, every few weeks or so.

8. Make passwords sufficiently long so that they will be difficult to crack. A minimum of six characters, preferably eight, should be a rule of thumb.
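As an added illustration (not part of the original post), the sketch below generates a password the way tip 4 describes and checks a candidate against tips 2, 3, 5 and 8. The function names and the tiny word list are assumptions made for this example; a real check would load a full dictionary file.

```python
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # tip 4: mixed-case letters and numbers
MIN_LENGTH = 6        # tip 8: minimum length
PREFERRED_LENGTH = 8  # tip 8: preferred length

# Constructed sample data standing in for a real dictionary file (tip 2).
SAMPLE_WORDS = {"horse", "password", "dragon", "monkey"}


def generate_password(length=PREFERRED_LENGTH):
    """Return a random password with at least one upper, one lower and one digit."""
    if length < MIN_LENGTH:
        raise ValueError("length is below the tip 8 minimum")
    while True:
        # secrets draws from the operating system's CSPRNG, unlike random.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in candidate)
                and any(c.isupper() for c in candidate)
                and any(c.isdigit() for c in candidate)):
            return candidate


def check_password(password, personal_info=(), used_elsewhere=()):
    """Return the list of tips the password violates (empty list means none found)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("tip 8: shorter than 6 characters")
    if lowered in SAMPLE_WORDS:
        problems.append("tip 2: plain dictionary word")
    # Names, birth dates and phone numbers are matched case-insensitively.
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("tip 3: contains personal information")
    if password in used_elsewhere:
        problems.append("tip 5: already used on another account")
    return problems


if __name__ == "__main__":
    print(check_password("horse"))
    print(check_password("Rex1985x", personal_info=["Rex", "1985"]))
    fresh = generate_password()
    print(fresh, check_password(fresh))
```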

Can you think of any more password tips?

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.


