01 May 2010

8 tips for a safe password

4 Password tips - What you should DO for a safe password!
  • Use long passwords. The longer your password is, the safer. Use a password that has at least 8 characters, and for your high-security accounts, security experts recommend even longer passwords: at least 14 characters.
  • Mix your password up. Use a mix of uppercase letters, lowercase letters, numbers, and symbols—the more types of characters you use in your password, the harder it is to guess.

    To illustrate: For an 8-character password with all lowercase letters, a cracking tool would be able to run through every possible combination in 2.42 days. By mixing in uppercase letters, numbers, and symbols, the tool would take 210 years to run through every combination.

  • Use text that's not in a dictionary. A password cracking program can check millions of dictionary words in seconds. Avoid "real" words that can be found in a dictionary.

  • Change passwords regularly. Change your passwords on a regular basis. Every 60-90 days is the recommendation of most security advisors; you may want to change them more or less often depending on the security of the information the password is protecting.

4 Password tips - what you should NOT DO for a safe password

  • Don't use 'password'. The word password and variations such as password1, passwd, p@$$w0rd, and drowssap (password spelled backwards) are so common that many hackers start with these.
  • Don't use easy-to-guess patterns. Don't use a sequence of characters (like 123456 or abc123), repeated characters (ioioio) or patterns that use characters that are close together on the keyboard (qwerty).

  • Don't use your name or other personal characteristics. Don't use your first or last name, and don't use terms associated with your personal life that others may know, like the name of your spouse or children, names of pets, license plate numbers, and phone numbers.

  • Don't use the same passwords for every account. The risk in using the same password for multiple accounts is that if someone figures out one password, that person now has access to everything else. For the utmost in security, use a different password for every password-protected program, web site, and account that you use. It's particularly critical that you not re-use your email account password on web sites because once it’s compromised, the door is opened to all your accounts that have your email address on file.
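
The tips above can be turned into a simple checker. The following is an added example, not part of the original post: it reproduces the post's 2.42-day and 210-year figures and flags the "don't" patterns. The guess rate of one million per second and the 95-character printable ASCII set are assumptions inferred from those figures, and all function names and the substitution table are constructed for illustration.

```python
import re

GUESSES_PER_SEC = 1_000_000  # assumption: rate implied by the post's 2.42-day figure
LEET = str.maketrans("@$0134!", "asoieai")  # constructed substitution table
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
        "abcdefghijklmnopqrstuvwxyz", "0123456789")
LINES = [d for r in ROWS for d in (r, r[::-1])]  # each row forwards and backwards

def alphabet_size(pw):
    """Size of the character set an exhaustive search must cover."""
    classes = ((r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10),
               (r"[^a-zA-Z0-9]", 33))  # 33 = printable ASCII symbols incl. space
    return sum(n for pat, n in classes if re.search(pat, pw))

def exhaust_days(pw):
    """Days to try every combination of this length and character set."""
    return alphabet_size(pw) ** len(pw) / GUESSES_PER_SEC / 86400

def run_coverage(low, min_run=3):
    """Fraction of characters that sit inside keyboard, alphabet or digit runs."""
    covered = i = 0
    while i < len(low):
        k = 1
        while i + k < len(low) and any(low[i:i + k + 1] in d for d in LINES):
            k += 1
        if k >= min_run:
            covered += k
        i += k
    return covered / max(len(low), 1)

def findings(pw, personal=(), min_len=8):
    """Return the post's tips that this password breaks."""
    low = pw.lower()
    plain = low.translate(LEET)  # undo common symbol-for-letter swaps
    checks = (
        (len(pw) < min_len, "too short"),
        (alphabet_size(pw) < 95, "missing character types"),
        (any(w in s for w in ("password", "passwd") for s in (plain, plain[::-1])),
         "password variant"),
        (run_coverage(low) > 0.5, "sequence or keyboard pattern"),
        (bool(re.fullmatch(r"(.+?)\1+", low)), "repeated characters"),
        (any(p and p.lower() in low for p in personal), "personal detail"),
    )
    return [msg for hit, msg in checks if hit]

if __name__ == "__main__":
    for pw in ("p@$$w0rd", "drowssap", "abc123", "ioioio", "qwerty"):  # from the post
        print(pw, round(exhaust_days(pw), 2), findings(pw))
```

Pass `min_len=14` to apply the longer recommendation for high-security accounts.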