2219 12th Street North, Suite B | Fargo, ND 58102
701280.9040 | 888449.9040
- Ignus Monthly Employee Profile
- How Technology & Business Get Along
- CRM – A Practical Introduction.
- XML – The Way of the Future
- Ignus Insight November 2007
- Ignus Insight January 2008
- Important New Linux Distributions Coming Soon
- Microsoft Makes $44.6 Billion bid for Yahoo!
- Quick Tip
- Final Release of PHP 4
- Mozilla Firefox browser vulnerable to session stealing bug.
- (Not So) Quick Tip
- Ignus Insight December 2007
- Ignus Insight October 2007
- Ignus Insight September 2007
- Ignus Insight August 2007
- Ignus Insight July 2007
- Ignus Insight June 2007
- Ignus Insight May 2007
- Ignus Insight April 2007
- Ignus Insight March 2007
Secure your Passwords
Wes Henry
Secure passwords are ideal for many reasons.
I often overhear people complain about having to use passwords, or having too many passwords. I'll get comments like, "Why do I need a hard password like that?" Sometimes accompanied by groans of "I'll never be able to remember it."
The reason you need a good password, I reply, is the same reason you have passwords at all. It's not to make your life difficult, it's to make it difficult for anyone else to access your private information or network accounts.
Who might want to access your account or private information?
Well, since it is the age of the Internet, attackers and malcontents can now misuse the power of the Internet to reach out and attempt to break into computers and networks they have no business using.
The anonymous nature of network attacks and the global access via the Internet are adding to the temptation even for the curious. No longer are attempted break-ins solely the domain of hardened criminals.
And there's the ever-present temptation even for those on the inside of the company network.
What's a good-enough password?
The best passwords are long (at least 8 characters, but up to 16 is best) and made up of a combination of lower-case letters, upper-case letters, numbers, and even punctuation. And you should never use any words that could be found in a dictionary or list of common names.
One general rule of passwords, is "The longer, the better." Anything less than 8 characters is generally considered a very bad idea. The time it takes to actually brute-force attack a password isn't linear, it's exponential. In other words, it takes much more than twice as long to crack a password that's twice as long.
For example, an attacker that can crack a simple 4-character password in about 3 days would take almost 691 trillion years (yes, Trillion, with a T) to crack a password of 16 characters.
How do I make up a good password?
There are two methods that work well for making up passwords. One is to take the first letter of each word in a sentence and combine them to come up with your password. This has the advantage that it's easier to remember but it�s also typically less complex and therefore easier to attack.
For example: if I used the sentence, "My new secure password is 8 characters long." I'd come up with a password of Mnspi8l (remember to take the first letter of each word.) That makes a reasonably good password and I can remember the sentence easier than I can remember a string of letters and numbers.
The other method is to use a random password generator. This method is good because the passwords are more random and therefore harder to attack than the sentence method. Good random password generator programs let you choose the length of the password, types of characters, etc. so you can pick the complexity you want.
Screen shot if iPazz.
To help you create good, secure passwords, I've written a simple random password generator that you can use. It's called iPazz and you can download it for free from Westonhenry.com It uses Java so be sure you have the latest version of Java installed, which you can download from Sun Microsystems.
Now we'll all have better passwords and the world will be a more secure place.