Aussie Community Helpdesk
Author Topic: 10 rules to protect your password  (Read 216 times)
witchy
« on: August 08, 2009, 01:35:05 AM »

1

Passwords should be stored between your ears. There is no other solution. All of your passwords should be stored in your brain. Don't write them on a sheet of paper. Don't type them in a secret file. If you place your passwords in any place other than your brain, you are opening a huge hole in your personal security from the start.

2

Don't use guessable passwords based on public information. The names of your wife, your children and your pets are public information. Although they are easy to remember, they are easy for others to surmise as well. Here's a trick. Open up a dictionary and open it up to a random word and use that word. You get the idea. You can check out this list of passwords to avoid.

3

Never use the same password for everything. Now that you keep all your passwords in your head (see Rule 1), the easiest solution is to remember one and only one password. WRONG. It's not that easy. The reason is that if someone can figure out your password, then they have access to everything that is you. You have just become an identity theft victim of the highest order. This requires a lot of thought. The question is how many passwords are enough? Some people say that one should have a different password for each and every thing you do. If you are going to follow Rule #1, the job becomes impossible even for a mathematical genius. It is a dicey game, but your goal is to maximize the number of passwords while still following Rule #1.

4

Don't let Firefox and IE store your passwords. This is against Rule #1, remember? Yes, it makes your life a lot easier as you cruise from one web site to another without a speed bump. The problem is that you also have made it a lot easier for someone else to see all your most intimate stuff. It really bothers me that both IE and Firefox attempt to store your passwords by default.

5

Do not answer secret questions. The way that Sarah Palin and the Twitter employee were "hacked" was through secret questions. I don't like secret questions nor do I like web sites that use them. They are a security disaster waiting to happen. It is in violation of Rule #1. These are indeed scary times. Even today, when dealing with telephone support, they always ask a set of 'secret questions'. They usually are the last 4 digits of your social security number, and your mother's maiden name. The problem is that it is not hard for a stranger to figure out these pieces of information. Now the problem is worse. They want to know the color of my first car. Or my favorite movie? That one really strikes of stupidity. My favorite movie may change, and therefore I probably won't be able to remember what I answered 5 years from now.

6

Make your passwords long. The longer your password the better. We all have been exposed to the password strength meter. I guess that old adage is finally true. Size does matter. But seriously, the reason historically for big passwords was so that people could not write computer programs to guess your password. Those days are past. Nowadays, if someone tries to guess a password wrong more than 3 times, quite often the account is disabled. The reason for a long password is different. If someone is looking over your shoulder, or they have seen you type your password a million times, they are less likely to remember a long one.

7

Type your password quickly. I am fortunate because I type quickly. Going back to Rule #6, the slower you type, the longer your password should be. The reason is the same. It's not hard to figure out someone's password by looking at their fingers, particularly a slow typist.

8

Don't use public terminals. I am guilty of this, and I will never do it again. Using public terminals might be fine for getting sports scores and the news, but after that you are running risks. There are lots of people milling about a public area. But more importantly, you have no idea if the terminal has key logging software or other spyware that could be harvested at a later point of time.

9

Your email password is sacred. Of all your passwords, your email password is the most important. Many sites use your email address as your user name. More importantly, almost all sites use your email address as a method of sending a forgotten/lost password. Therefore, if someone has compromised your email, they could go to all your favorite sites and submit that password to be remembered or reset. Then they have access to everything. Your email is the gateway to all of your other passwords.

10

Don't leave your PC logged on and unattended. I don't care if you are at work, or in the safety of home. Always log off your computer if you are going to be away. It is a good practice and a good habit to get into.



neonwizard
« Reply #1 on: August 08, 2009, 06:06:04 AM »

I use an application to remember all my passwords; it's too difficult to remember something like:
#2&/{4@^9:}3.67?8 but this is what your bank account password should look like if you bank online. It may look like overkill, but tell me that after your account has been accessed by someone other than you.

 