Sunday, March 14, 2010

SIX GOLDEN RULES FOR STRONG PASSWORDS



Waking up to someone asking you for help because their password has been hacked is an unpleasant experience. But such calls are becoming commonplace, not because hackers are becoming smarter (well, they are), but because people are stupid enough to keep their passwords simple.
A recently released report from Imperva (http://tinyurl.com/iepasswords) highlights that the most common password used by people is 123456. Moreover, 30 per cent of people use passwords of six characters or fewer, only 60 per cent of them use alpha-numerics and nearly half use slang words, consecutive digits and so on. That’s why I have decided to share with you the six golden rules of a good password.

Rule 1: No personal information
Don’t use your child’s birth date, or any other date from your life, to make a password. If you can get a clue easily, so can a person who knows you well. Hackers can gain access to your accounts, computers and even your Facebook page.

Rule 2: Use mixed case
Now that you know you are not allowed to use your child’s or spouse’s name or your anniversary as your password, try using mixed case in your password. There are some websites and programs that will require you to have one capital character and a special character, but mAkE it a HabIt as it will make your passwords a bit more difficult to crack in one go.

Rule 3: Replace characters
Replace a character with another one to make a password. A simple way is to use the hacker’s language called L33T — replace an E with a 3, an A with 4. But if everyone does the same, everyone will know how to solve the puzzle. So make your own rules and stick to them.

Rule 4: Use passphrases
Quite a few companies now do not restrict the length of the password. So use a passphrase, such as ‘I love you’. You can make it 1 l0v3 y0u, but then that’s one of the most commonly used phrases. I would really go in for something like, 1 w0uld r34lly g0 1n f0r s0m3th1ng l1k3. See how simple it is.
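
Rules 1, 3 and 4 can be turned into a check that a site runs when a password is chosen. The Python below is an added example, not part of the original article: it undoes common L33T swaps before comparing against a short constructed list of common passwords, and flags personal details the user supplies. The names `forms`, `check`, `LEET` and `COMMON` are assumptions made for this example.

```python
# Added example: a sign-up style password check. COMMON is a small
# constructed sample list, not data from the Imperva report.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})
COMMON = {"123456", "password", "iloveyou", "letmein", "qwerty"}


def forms(text):
    """Return the text as typed and with L33T swaps undone, both
    lower-cased and stripped of spaces and punctuation."""
    lowered = text.lower()
    variants = (lowered, lowered.translate(LEET))
    return {"".join(ch for ch in v if ch.isalnum()) for v in variants}


def check(password, personal=()):
    """List the rules a candidate password breaks (empty list = none found)."""
    problems = []
    candidate_forms = forms(password)
    if len(password) <= 6:
        problems.append("six characters or fewer")
    if candidate_forms & COMMON:
        problems.append("common password, even with L33T swaps")
    # Rule 1: names and dates the user supplied must not appear inside it.
    tokens = {t for item in personal for t in forms(item) if t}
    if any(t in f for t in tokens for f in candidate_forms):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("123456", "1 l0v3 y0u", "P@ssw0rd"):
        print(repr(pw), check(pw))
    print(check("4n1t4_2004", personal=["Anita", "2004"]))
```
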

Rule 5: Use different passwords
Well, I agree that creating a complex password will mean that you will want to use it across all the websites you use. That is a big no. Use different passwords; maybe use a phrase from a song you love, line one on one site, line two on the other. In case you can’t remember the various passwords, there are great free utilities like KeePass (www.keepass.info) which work on Windows, Linux and Mac.

Rule 6: Change your passwords often
A big problem with people is that they find one complicated password and use it over and over again. Eventually, everyone gets to know it and it becomes easier for an outsider to learn about it. It is not really important to go out and change your passwords every day, week or month; just do it often and try not to use the same password again.

--
The above article appeared in the Indian Express, on Sunday Feb 07, 2010


Creative Commons License
Writings by Gagandeep Singh Sapra is licensed under a Creative Commons Attribution 2.5 India License.
Based on a work at www.thebiggeek.com | www.gagandeepsapra.com | www.g-spot.in.
Permissions beyond the scope of this license may be available at www.thebiggeek.com.