Tuesday, 12 July 2011

Password construction and management

Passwords are the first line of security in many applications and used by everyone every day. Passwords give access to such a vast array of services like Internet banking, Facebook, Twitter and even your pc (for those that have a password).

Keeping track of all these passwords can become very difficult and to have a different unique password for each and every application is near impossible, so what is one to do? There are a number of options available but before that lets go over some absolute no-no’s when dealing with passwords.

Do not write the password(s) down on anything and do not leave the post-it note with your password stuck to your monitor or underneath the laptop. Apart from breaking the first rule why bother having a password.

Try not to use family names, favourite sports team, pets or birthdates as your password. With the increase in use of Facebook and other social media it is very common these days for people to put such personal information onto the web and for a hacker this is the easiest place to start when trying to access your account.

Passwords should be as complex as possible, but this brings its own complexity t it. If you make the password to difficult you will either forget it or you end up writing it down, breaking rule 1. A possible solution is creating your own unique formula for passwords.

Facebook password could be something like Fr13nd$456 and Twitter maybe B1rd!35, by associating the site with what you do on it can help you create a unique password that meets the general norms of strong password creation.

Creating strong passwords normally require a mixture of the following:

1.       Be Alphanumeric (letters and numbers)

2.       Contain a special character (!, @, %, etc...)

3.       Be at least 7 characters or more in length (the longer the better)

4.       Refrain from using normal words found in a dictionary

Trying to manage passwords is difficult and most people do get lazy and set one password for every site. This may be fine if you have a very strong password but remember if you have password for all it is like having a master key to everything.

Another tip when setting up new accounts or registering for something on a page and you need to answer a personal question in case you forget your password, do not put the real answer. So if you select your personal question to be your mothers’ maiden name, use your grandmother’s name instead. Just doing something a little extra will help protect yourself that much more.

No comments:

Post a Comment