In this era, of technology dominating every activity, Password Policy is an integral part of life.
To keep my Passwords safety, apart from the expert’s opinion, I follow a simple encryption formula.
Encryption is the conversion of datainto a form, called aciphertext, that cannot be easilyunderstood by unauthorized people.
All my Passwords contain my dad’s nick name, his year of birth, substituted by the next letter/word, as the case may be, followed by a *.
For example: My Dad’s nick name is Chandu and year of birth is 1943.
So my password is Diboev2054*.
Instantly, my Password becomes strong, easy to remember, and virtually impossible to guess.
In case, I have to change, the logic is the same, but it can be of my city, vehicle etc.
However, the golden convention’s as mentioned, can be of assistance.
Password Protection
- Never write passwords down.
- Never send a password through email.
- Never include a password in a non-encrypted stored document.
- Never tell anyone your password.
- Never reveal your password over the telephone.
- Never hint at the format of your password.
- Never reveal or hint at your password on a form on the internet.
- Never use the "Remember Password" feature of application programs such as Internet Explorer, your email program, or any other program.
- Never use your corporate or network password on an account over the internet which does not have a secure login where the web browser address starts with https:// rather than http://
- Report any suspician of your password being broken to your IT computer security office.
- If anyone asks for your password, refer them to your IT computer security office.
- Don't use common acronyms as part of your password.
- Don't use common words or reverse spelling of words in part of your password.
- Don't use names of people or places as part of your password.
- Don't use part of your login name in your password.
- Don't use parts of numbers easily remembered such as phone numbers, social security numbers, or street addresses.
- Be careful about letting someone see you type your password.
Weak passwords provide attackers with easy access to your computers and network, while strong passwords are considerably harder to crack, even with the password-cracking software that is available today. Password-cracking tools continue to improve, and the computers that are used to crack passwords are more powerful than ever. Password-cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and brute-force automated attacks that try every possible combination of characters. Given enough time, the automated method can crack any password. However, strong passwords are much harder to crack than weak passwords. A secure computer has strong passwords for all user accounts.
A weak password:
- Is no password at all.
- Contains your user name, real name, or company name.
- Contains a complete dictionary word. For example, Password is a weak password.
A strong password:
- Is at least seven characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete dictionary word.
- Is significantly different from previous passwords. Passwords that increment (Password1, Password2, Password3 ...) are not strong.
- Contains characters from each of the following four groups:
| Group | Examples |
| Uppercase letters | A, B, C … |
| Lowercase letters | a, b, c … |
| Numerals | 0, 1,2, 3, 4, 5, 6, 7, 8, 9 |
| Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) | ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | \ : " ; ' < > ? , . / |
An example of a strong password is J*p2leO4>F.
Do not share your password with ANYONE – not friends, coworkers or family members. Your password is the only thing that that ensures privacy of your account. It is also your obligation to see that only you use your account. You are responsible for how your account is used, so do not let other people have access to it.Passwords are like Underwear...
No comments:
Post a Comment