Network Security guide for the home or small business network – Part 10 – use good passwords



In a small, trusted network you might be able to get away with weak passwords for file sharing for instance. What’s a weak password? Anything you might find in a dictionary. Most people don’t realize this, but there are programs designed to crack passwords. They’re designed to take a dictionary file and run through it trying every combination possible. It might take a while, but this kind of brute force attack can be VERY effective against a weak password.


Ahh – you say, but I use a tough password, I use the number 1 after the dictionary word. I’ve got news…. they know, there are cracker programs that will take the dictionary words, try those, then those plus numbers, other characters, two dictionary words, words seperated by a number. Anything that involves either 1) only numbers or 2)one or more simple dictionary words is a weak password.

The reason I include number only passwords is because there are so few combinations possible (10) for each character vs. 10+26 for text+alphabet (and then adding in other characters can help too.)

If it’s a trusted network and the service isn’t available from the outside world. Then, I’m likely to be a bit less picky about strong passwords. Especially if the network is comprised only of trusted users, no public access, etc. In other words good physical security can mean internal services can use weak passwords without great risk. However…. since you need to learn to use hard passwords…. there’s no better place…

Anything accessible from the outside world needs a hard password assigned to it. (Preferrably changed on a frequent basis (every 6 months?) (This is something that’s up to you, more frequently can be a stricter, more secure approach, less frequently can be more convenient for end-users.))

What makes a good hard password? A good mix of letters numbers and characters… 5uP89$Q1 Notice that I mixed upper and lower case (passwords usually ARE case sensitive (which adds ANOTHER 26 possibilites per character…)). Some find that they can make passwords from an easy to remember phrase. (Using the first character of each word.) “The sun is bright but the ice is slippery” for instance might quickly become tsibbtiis – ok – but that’s all letters… hmmmm we’ve got a couple of duplicate letters – how about if bb becomes b2 and ii becomes i2 (tsib2ti2s) Not bad… Maybe I’ll capitalize the first letter and the last letter… (Tsib2ti2S) better…. maybe I could substitute a dollar sign ($) for the first s… T$ib2ti2S, (or a 1 for the first i…) T$1b2ti2S That should give you some good ideas.

Related Posts

Blog Traffic Exchange Related Posts
  • Atlantis resort in the Bahamas loses customer information... The identities of 50,000 customers of the Atlantis resort in the Bahamas has been lost. The information was copied from the hotel's customer database and can include credit card information as well as social security numbers as well. The information includes typical information such as names, addresses and credit card......
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
  • Google roundup.... 55 ways to have fun, ipv6 and schoolkids Social Security Numbers.... There are a few Google related stories of the last few days to catch up. 1)55 Ways to have fun with Google is an e-book available for purchase on Amazon or Lulu.com, but it's also avaiable as a free pdf download. (And it's licensed so you can mix it up/etc...)......
Blog Traffic Exchange Related Websites
  • 3 Tips for Securing and Remembering Your Passwords I recently had a few friends that had their email accounts hacked. I provided them with a few tips for creating unique, easy-to-remember, and secure passwords. Afterwards, I thought it would be a good idea to share those tips with the rest of you. Use an Easy to Remember......
  • Best Practices for Creating a Password Passwords are usually the first line of defense when it comes to protecting computers and information assets. What happens when that first line of defense is not properly created? I think we already know… One of the best ways to create a strong password is to create a pass-phrase. One......
  • Why You Won't Read a SmartyPig Review Today A couple of weeks back the fine folks at SmartyPig wrote me to tell me about their new service. They even offered me a $50 gift card to either try the service or give away to a reader. I decided to keep it for three reasons: I have had a......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site