Network Security guide for the home or small business network – Part 10 – use good passwords



In a small, trusted network you might be able to get away with weak passwords for file sharing for instance. What’s a weak password? Anything you might find in a dictionary. Most people don’t realize this, but there are programs designed to crack passwords. They’re designed to take a dictionary file and run through it trying every combination possible. It might take a while, but this kind of brute force attack can be VERY effective against a weak password.


Ahh – you say, but I use a tough password, I use the number 1 after the dictionary word. I’ve got news…. they know, there are cracker programs that will take the dictionary words, try those, then those plus numbers, other characters, two dictionary words, words seperated by a number. Anything that involves either 1) only numbers or 2)one or more simple dictionary words is a weak password.

The reason I include number only passwords is because there are so few combinations possible (10) for each character vs. 10+26 for text+alphabet (and then adding in other characters can help too.)

If it’s a trusted network and the service isn’t available from the outside world. Then, I’m likely to be a bit less picky about strong passwords. Especially if the network is comprised only of trusted users, no public access, etc. In other words good physical security can mean internal services can use weak passwords without great risk. However…. since you need to learn to use hard passwords…. there’s no better place…

Anything accessible from the outside world needs a hard password assigned to it. (Preferrably changed on a frequent basis (every 6 months?) (This is something that’s up to you, more frequently can be a stricter, more secure approach, less frequently can be more convenient for end-users.))

What makes a good hard password? A good mix of letters numbers and characters… 5uP89$Q1 Notice that I mixed upper and lower case (passwords usually ARE case sensitive (which adds ANOTHER 26 possibilites per character…)). Some find that they can make passwords from an easy to remember phrase. (Using the first character of each word.) “The sun is bright but the ice is slippery” for instance might quickly become tsibbtiis – ok – but that’s all letters… hmmmm we’ve got a couple of duplicate letters – how about if bb becomes b2 and ii becomes i2 (tsib2ti2s) Not bad… Maybe I’ll capitalize the first letter and the last letter… (Tsib2ti2S) better…. maybe I could substitute a dollar sign ($) for the first s… T$ib2ti2S, (or a 1 for the first i…) T$1b2ti2S That should give you some good ideas.

Related Posts

Blog Traffic Exchange Related Posts
  • $100 notebooks for schoolkids around the world likely will run linux I was reading that Apple had offered free copies of OSX for the $100 laptop project aimed at bringing cheap laptops to schoolkids in the developing world and in some cases even here in the US. They don't have the price down to $100 yet, but OSX was rejected because......
  • Atlantis resort in the Bahamas loses customer information... The identities of 50,000 customers of the Atlantis resort in the Bahamas has been lost. The information was copied from the hotel's customer database and can include credit card information as well as social security numbers as well. The information includes typical information such as names, addresses and credit card......
  • Windows lost administrator password rundown.... I've done one or two mentions in the past of ways to recover/reset lost windows passwords and thought it was probably time for another "brain dump/web research dump" of things that I've run across. This is not just for lost administrator passwords, but could apply to a lost user account......
Blog Traffic Exchange Related Websites
  • 3 Tips for Securing and Remembering Your Passwords I recently had a few friends that had their email accounts hacked. I provided them with a few tips for creating unique, easy-to-remember, and secure passwords. Afterwards, I thought it would be a good idea to share those tips with the rest of you. Use an Easy to Remember......
  • How To Spot A Phishing Scam Phishing is the scam du jour on the internet these days, and it cost the U.S. $3.2 billion in 2007 according to Tom's Hardware.  That's a massive amount of money and the sad thing is, phishing scams are among the easiest to detect and are 100% preventable.  Even users completely......
  • Email Marketing Strategies And Spam Words Today I am going to share with you one of my email marketing strategies. In just about every circle online you will hear people talk about how important building your list is, however just building a list isn't enough to make money online.  Most people join something and are given......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site