Password Security

Since they are the only method typically used to identify a legitimate user, passwords security is extremely important! Unfortunately, many sites and recommendations focus on what not to do, such as don’t write the password down, don’t use dictionary words, etc. While these tips are useful, they don’t really train the user on what they should do.

So, let’s examine one way to come up with a good password. (And later, some sites to check the strength of the password.)

One method is to take a phrase, such as, "Mary had a little lamb" Then, take the first or first two letters of that phrase to compose the password. In this case, I’ll choose the first two letters. This creates a password of:

Mahaalila

This can be strengthened even further with character substitution. Some Web sites don’t allow for symbols in the password, but fortunately, even without symbols this is a stronger password than most users will come up with on their own. Yet, this should still be easy for the user to remember.

Adding character substitution with the character "a" substituted with "@" and "i" with "1" gives:

M@h@@l1l@

This creates a pretty strong password. But, many organizations require the user to change passwords periodically. In these environments, most users will simply add a "1", "2", "3" until they can use the original password. Not surprisingly, this isn’t very secure.

To deal with periodic password changes in a secure way, an easy way is to simply add the date the password was change to the end of the password (or before, depending on preference.) So, if the password was changed on November 2008, then "1108" would be added to the password.

This gives:
M@h@@l1l@1108

This password should meet most organization’s password security requirements, yet still allow for the password to be easily remembered by most users.

But, how does one know how secure their password is? Here are some sites that check how strong a password is:
Microsoft’s password checker site:
http://www.microsoft.com/protect/yourself/password/checker.mspx

Password Strength Checker:
http://www.passwordmeter.com

Advertisements
This entry was posted in Computers and Internet. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s