Sunday, October 12, 2014

Computer Security --

With the number of attacks on websites, it’s a good idea to change your passwords frequently.  I’ve been noticing that Yahoo and Hotmail seem to be vulnerable of late.  At the very least, if you haven’t changed your email’s password in the last year, you should do so right now.  Well, not this very moment, but after you read the rest of the document and learn what makes a good password.
Places that have a password:
Your email has a password.  You will also have a password for the following:  wireless router, cell/smart phone, computer account, wireless network, banking, investment sites, online (cloud) storage, remote computer access software, Twitter, Facebook, LinkdIn, bill pay sites, utility sites (power, water, phones, interent) and I’m sure there’s more.
Check your password:
                GRC Password Haystack:    
                How Secure Is My Password:
Picking a good password: 
  • Have both upper and lower case letters
  • Have digits and/or punctuation characters as well as letters
  • Are easy to remember, so they do not have to be written down
  • Are seven or eight characters long
  • Can be typed quickly, so someone else cannot look over your shoulder
Picking a bad password:
  • Your name, Your spouse's name, Your parent's name, Your pet's name, Your child's name
  • Names of close friends or coworkers
  • Names of your favorite fantasy characters
  • Your boss's name, Anybody's name
  • The name of the operating system you're using
  • The hostname of your computer
  • Your phone number, Your license plate number
  • Any part of your social security number
  • Anybody's birth date, Other information that is easily obtained about you
  • Words such as wizard, guru, gandalf, and so on.
  • Any username on the computer in any form (as is, capitalized, etc.)
  • A word in the English dictionary, A word in a foreign dictionary
  • A place, A proper noun
  • Passwords of all the same letter
  • Simple patterns on the keyboard, like qwerty
  • Any of the above spelled backwards
  • Any of the above followed or prepended by a single digit
What Microsoft says about passwords:
·         Length. Make your passwords long with eight or more characters.
·         Complexity. Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
·         Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
·         Variety. Don't use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.
A good password starts with a base word phrase. This means: choose a memorable catchphrase, quotation, or easy-to-remember saying, and take the first letter from each word. Choose a phrase that is memorable to you.
  • Can't See the Forest Through the Trees:  cstfttt
  • Put Up or Shut Up:  puosu
  • If the Shoe Fits, Wear It:  itsfwi
  • You Can Lead a Horse to Water:  yclahtw
  • The Last Mile Is Always Uphill: tlmiau
  • I Think, Therefore I Am:  ittia
  • Oh Say Can You See:  oscys
Passwords start to become strong at 6 characters long. While a long password can be annoying to type, a long password really helps to slow down brute force hacker attacks.
Tip: lengthen your password by adding the website name or computer software name to the base phrase. For example:
  • cstftttGmail
  • puosuVista
  • itsfwiEpinions
  • yclahtwWin7
  • tlmiauMac
  • ittiaAboutdotcom
  • oscysPayPal
  • hbdcEbay
Password strength increases significantly when you change some of the password letters into non-alphabetic characters, and then include uppercase and lowercase letters within the password. This 'character scrambling' creatively uses the shift key, numbers, punctuation marks, the @ or % symbols, and even semi-colons and periods. These unusual characters and numbers make your password even less predictable to hackers using dictionary database attacks.
  • CstftttGm@il
  • Puo5uVista
  • 1tsfwiEpinions
  • Ycl@htwWin7
  • 7lmiauMac
  • ittiaAboutdotcom
  • o5cysPayPal
  • hbd(Ebay
At home, you should rotate your passwords as a matter of good computer hygiene. If you are using different passwords for differents websites, you can do yourself a favor by rotating portions of your passwords every few weeks. Note that rotating parts of the password, not the entire passwords, will help deter hackers from stealing your phrases. If you can memorize three or more passwords at the same time, then you are in good shape to resist brute force hacker attacks.
OK Password:
Better Password:
Excellent Password:

No comments:

Post a Comment