Strong Passwords - Alik Levin

Alik Levin

The world of a Microsoft consultant

Strong Passwords

Although passwords are the weakest way to authenticate, one can raise the security bar by creating strong passwords that are hard to crack.

Here are some guidelines from Guidance Explorer for creating strong passwords:

  • DO use a password with mixed-case letters. Use uppercase letters throughout the password.
  • DO NOT just capitalize the first letter, but add uppercase letters throughout the password.
  • DO NOT use a network login ID in any form (reversed, capitalized, or doubled as a password).
  • DO use a password that contains alphanumeric characters and include punctuation, such as ! and $.
  • DO NOT use your first, middle or last name or anyone else’s in any form. Do not use initials or any nicknames.
  • DO NOT use a word contained in English or foreign dictionaries, spelling lists, or other word lists and abbreviations.
  • DO use at least seven characters.
  • DO NOT use other information easily obtainable. This includes pet names, license plate numbers, telephone numbers, identification numbers, the brand of your automobile, the name of the street you live on, and so on. Such passwords are very easily guessed by someone who knows the user.
  • DO use a seemingly random selection of letters and numbers.
  • DO NOT use a password of all numbers, or a password composed only of alphabet characters. Mix numbers and letters.
  • DO use a password that can be typed quickly, without having to look at the keyboard. This makes it harder for someone to steal a password by looking at the keyboard (also known as "shoulder surfing").
  • DO NOT use dates, e.g., September, SEPT1999, or any combination thereof.
  • DO change passwords regularly. The more critical an account to network integrity (such as root on a Unix host or Administrator on Windows NT), the more frequently the password should be changed. This change stops someone who has already compromised an account from continued access.
  • DO NOT use keyboard sequences, e.g., qwerty.
  • DO NOT use a sample password, no matter how good, from a book that discusses information and computer security.
  • DO NOT use any of the above things spelled backwards, or in caps, or otherwise disguised.
  • DO NOT reveal a password to anyone, as this automatically invalidates its strength.

Created your password? You can check its strength here (no one is collecting it...):

Password checker
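
The guidelines above that can be tested mechanically (length, character mix, login ID or names in disguise, dictionary words, dates, keyboard sequences) can be enforced when a password is set. The following is an added example, not the linked checker and not Guidance Explorer code; `check_password`, the small word list and the disguise table are constructed for illustration, and a real deployment would load a full dictionary.

```python
import re

# Constructed sample data: a deployment would load a full dictionary and
# breached-password list instead of this tiny set.
WORDLIST = {"password", "secret", "dragon", "monkey", "welcome", "qwerty"}
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")
# Undo common character disguises (0->o, 1->l, 3->e, @->a, $->s, ...).
LEET = str.maketrans("0134578@$!", "oleastbasi")
DATE = re.compile(r"(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)[a-z]*\d{2,4}"
                  r"|(19|20)\d\d")


def _norm(s):
    return s.lower().translate(LEET)


def _hidden_in(pw_norm, token):
    """True if token appears forwards or backwards. Lowercasing covers the
    'capitalized' disguise and substring matching covers 'doubled'."""
    t = _norm(token)
    return len(t) >= 3 and (t in pw_norm or t[::-1] in pw_norm)


def _keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys of one row, in either direction."""
    low = pw.lower()
    rows = KEYBOARD_ROWS + tuple(r[::-1] for r in KEYBOARD_ROWS)
    return any(r[i:i + run] in low for r in rows for i in range(len(r) - run + 1))


def check_password(pw, login_id, names=()):
    """Return the guideline violations found in pw (empty list = none)."""
    problems = []
    if len(pw) < 7:
        problems.append("shorter than seven characters")
    if not re.search(r"[a-z]", pw) or not re.search(r"[A-Z]", pw[1:]):
        problems.append("needs lowercase and uppercase beyond the first letter")
    if not re.search(r"\d", pw) or not re.search(r"[A-Za-z]", pw):
        problems.append("must mix numbers and letters")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no punctuation")
    if _keyboard_run(pw):
        problems.append("keyboard sequence")
    if DATE.search(pw.lower()):
        problems.append("looks like a date")
    norm = _norm(pw)
    if any(_hidden_in(norm, t) for t in (login_id, *names)):
        problems.append("contains login ID or a name")
    if any(_hidden_in(norm, w) for w in WORDLIST):
        problems.append("contains a dictionary word")
    return problems
```

The guidelines on changing passwords regularly, typing without looking, and not revealing the password are operational and are not covered by a check like this.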

Cheers

Comment content

alik levin's wrote:

"The log-in system used by Nordea has been the target of much criticism during recent months. Users log

# January 20, 2007 3:02 PM