How To Create and Keep Passwords Secure
Most Passwords Are Unsafe
One of the easiest ways to break into a system is to use
common passwords. Most software packages, Internet appliances
and even switches ship with default passwords. Sometimes these
"passwords" are NULL -- in other words, there is no password assigned.
Many attempts against the security of systems are performed in
an attempt to get a hold of encrypted passwords. These password
files are then subjected to brute force attacks using common or
dictionary words. Unfortunately these type of attacks are often
Secure Password Tips
Don't use words that can be found in the Dictionary.
Password hackers use hundreds of thousands of common words when
they're trying to crack your password. Make something up.
Don't use any personal information. Someone who does some
research can usually find out your phone number, birth date,
special dates, names of your kids or pets, etc. Keep away!
Do use special characters. Include punctuation characters
and numbers in your passwords.
Do use mixed case. Include both UPPER and lower case characters
in your pASSwoRd!
Use different passwords for important systems. Never use
the same password you may have assigned yourself at a web site
for your file server, or even internal e-mail system.
By using different passwords often, you are limiting your
exposure for a password breach to (hopefully) one system.
Don't give your password to anyone. Your system administrator
can reset your password if necessary, but make sure you change
it soon. If someone is asking you for your password treat
the conversation like they were asking for your social security
number or your credit card information.
C/Net -- Passwords: The Weakest Link?
Microsoft -- Security and Privacy for Home Users.
SANS -- Strong Passwords
What to do?