Password – Usage and Awareness
- One of the main causes of security breaches is the use of non-complex passwords.
- Extreme care should be taken in choosing your password. If your password is not hard to guess, then someone may be able to access or steal your data. To protect your data and yourself to some extent, you must select good passwords and secure them carefully.
- Users are solely responsible for the protection of the systems they use. As a security measure, computer and network passwords should be changed regularly.
- Using different passwords for different systems is a best practice so that the same password won’t automatically allow access to other systems.
- Hackers have utilities that can crack any password that is found in a dictionary.
- Good passwords help prevent password-guessing and cracking attacks, and make “brute force” attacks more difficult.
Recommended when Choosing and Protecting Passwords
- Make sure that your password is at least 8 characters.
- Use a password with a mixed combination of characters (alphanumeric). Do not just capitalize the first letter, or end with a number. The more complex a password, the longer it will take to crack.
- Use a password that can be typed quickly, without looking at the keyboard. This makes it harder for others to see the password as you type it; watching someone type a password is known as “shoulder surfing.”
- Change passwords regularly. It is advised to change the password at least once a month.
- Try one of the following methods for password selection:
Option 1: Select two words divided by a number or punctuation, like “Pl@nt&ati@n” or “l|0n&king”
Option 2: This is the correct option for creating a difficult password without having to remember it: choose a portion of the keyboard and select a pattern on it for the password.
For example, take the upper-left portion of the keyboard (which includes numerals) and select two lines: 1qa2ws
Not Recommended when Choosing and Protecting Passwords
- STOP using the word “password” as your password, in any form (reversed, capitalized, or doubled). This might sound very simple, but in real life users do this routinely.
- Using names of people or places as a password, which are easy to hack.
- Using keys in order, like “ASDFGH” or “1234”.
- Using passwords that are words with the vowels deleted (example: airplane -> rpln, or Super -> spr).
- Using information easily obtained about you. This may include your first, middle or last name. These passwords are very easily guessed by someone who knows you.
- Writing passwords in places that can be viewed by others, or in your work cabin. This is one of the most frequent ways an unauthorized person gains access.
- Using passwords that you have already used.
- Sharing passwords, except in emergency circumstances. Make sure that the password is changed immediately after sharing.
Password Examples
Bad Passwords | Description |
password | Two dictionary words together |
12345678 | Repeating sequence. |
abcdefg | Repeating sequence. |
hello | Less than 8 characters, and based on a dictionary word with common letter/number substitutions. |
test1234 | Very common test or default password. |
admin | Very common default password. |
gandalf1 | Based on the name of a popular character. |
john | Based on the user’s name, too short, no upper case or punctuation. |
ydnic | Still a proper name (even though it’s backwards), too short, no upper case, numbers, or punctuation. |
Pepsi2 | Product name with numbers at the end. |
Good Passwords | |
T*x4^B9n | 8 characters, uses numbers, punctuation, and upper and lower case letters. |
g@F”Pl4Ce | Two words, separated by punctuation, using upper and lower case letters, and numeric substitution. |
X0sf0V@ca8 | Two nonsense words, upper and lowercase letters, and punctuation. |
5tg^YH%TG | Simple pattern that doesn’t require memorization. Not based on a dictionary word, uses upper and lower case letters, and punctuation. |
*RUF8ruf | Another pattern with appropriate characters. |
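The rules from the two lists above can be checked automatically when a password is set. The following Python function is an added example, not part of the original page; the word list, the keyboard rows, the four-key run length and all function names are assumptions made for illustration.

```python
import re

# Constructed sample data (assumptions, not taken from a real word list).
WORDS = {"password", "admin", "test", "hello", "airplane", "super"}
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
            "abcdefghijklmnopqrstuvwxyz"]

def forms(word):
    """Disguised forms the page warns about: plain, reversed, vowels deleted."""
    word = word.lower()
    return {word, word[::-1], re.sub(r"[aeiou]", "", word)}

def has_key_sequence(pw, run=4):
    """True if pw contains `run` neighbouring keys such as 'asdf' or '1234'."""
    low = pw.lower()
    return any(row[i:i + run] in low
               for row in KEY_ROWS for i in range(len(row) - run + 1))

def check_password(pw, personal=(), previous=()):
    """Return the list of rules `pw` breaks; an empty list means no findings."""
    low, found = pw.lower(), []
    if len(pw) < 8:
        found.append("shorter than 8 characters")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"\d", pw)):
        found.append("not alphanumeric (needs letters and digits)")
    # One word with at most a capital first letter and digits at the end.
    if re.fullmatch(r"[A-Za-z][a-z]*\d*", pw):
        found.append("plain word, at most a capital first and digits last")
    if has_key_sequence(pw):
        found.append("keys in keyboard or alphabet order")
    # Lower-casing covers capitalized forms; a doubled word still contains it.
    if any(f in low for w in WORDS for f in forms(w) if len(f) >= 3):
        found.append("common word (plain, reversed, or vowels deleted)")
    if any(f in low for p in personal for f in forms(p) if len(f) >= 3):
        found.append("personal information")
    if pw in previous:
        found.append("already used before")
    return found
```

Pass the user's own names in `personal` and earlier passwords in `previous`; in a real system previous passwords would be compared by their stored hashes, not kept in plain text.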