Thursday, 6 March 2014

Picking a Password and Password Security

So many things require passwords these days that remembering them can be a problem. Because of this, a lot of people pick their passwords poorly, but it is important that everyone knows how to choose a good password and keep it safe.

All passwords should be at least eight characters long and use a mixture of upper and lower case characters, numbers, punctuation and symbols. Passwords should never be words that can be found in a dictionary, because of an attack method known as a dictionary attack: software tools try every word in a dictionary, a word list or both until your password is found. The same password should never be used for more than one thing, i.e. your computer password should not be the same as your email password.



Don’t ever choose a password based on personal information such as name, date of birth, wife’s name, phone number, address etc. Choose a password that can be remembered and avoid writing it down anywhere. Passwords should never be stored on a computer except in encrypted form, and never emailed or sent through an insecure channel.

Password-generating software is available for free to make secure passwords, and there are websites that will give you a rating as to how secure your password is. In a business environment it should be mandatory for every employee to change their password regularly; I suggest at least once a month. A completely different password should be picked rather than just adding a number onto the old password, which is a fairly common practice.
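The rules above (length, character mix, no dictionary words, no personal information, no old password with a number added) can be checked in code. The following Python is an added example, not part of the original post; the function name `check_password`, the small word list and the sample inputs are assumptions made for illustration.

```python
import re
import string

# Constructed sample word list (assumption); a real check would load a large dictionary file.
SAMPLE_WORDLIST = {"password", "dragon", "sunshine", "football", "letmein"}

def check_password(candidate, personal_info=(), old_password=None,
                   wordlist=SAMPLE_WORDLIST):
    """Return a list of rule violations; an empty list means every rule passed."""
    problems = []
    lowered = candidate.lower()

    # Rule: at least eight characters long.
    if len(candidate) < 8:
        problems.append("shorter than eight characters")

    # Rule: mixture of upper case, lower case, numbers and punctuation/symbols.
    classes = {
        "upper case": any(c.isupper() for c in candidate),
        "lower case": any(c.islower() for c in candidate),
        "number": any(c.isdigit() for c in candidate),
        "punctuation or symbol": any(c in string.punctuation for c in candidate),
    }
    problems += [f"no {name} character" for name, ok in classes.items() if not ok]

    # Rule: not a dictionary word. Leading and trailing digits/symbols are
    # stripped first, so a word with decoration such as "Dragon123!" is caught.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core in wordlist:
        problems.append("based on a dictionary word")

    # Rule: not based on personal information (name, date of birth, phone...).
    squashed = re.sub(r"[^a-z0-9]", "", lowered)
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if len(token) >= 3 and token in squashed:
            problems.append("contains personal information")
            break

    # Rule: a new password must not be the old one with a number added.
    edge = string.digits + string.punctuation
    if old_password is not None and lowered.strip(edge) == old_password.lower().strip(edge):
        problems.append("same as old password apart from added numbers")

    return problems
```

A password such as `Dragon123!` meets the length and character-mix rules yet is still reported as dictionary-based, which is the case a dictionary attack with simple variations would find.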


If you need to write down passwords, make sure the paper with the password is in a secure place that only you have access to, but writing down a password is a bad idea even if you think it will be stored securely. Be careful when entering a password while others are present, and be sure no one is looking over your shoulder as you type it, as ‘shoulder surfing’ is a common method of obtaining someone’s password.
