Carroll County Times Articles
Passwords Are the Keys
to Keeping Internet Information Safe
by Richard Lord – February 2, 2006
While you might consider passwords a pain, could you imagine if your Internet service provider didn't require them? Anyone could log on to the Internet using your user-name. While that doesn't seem too dangerous at first thought, it could lead to your being blamed for something you didn't do, such as breaking user agreements, or even doing something illegal. Hundreds of millions of people are on the Internet. It would be nice if they couldn't go snooping through your personal information. For that very reason, your accounts have a username and a secret password associated with them.
The passwords that you create should be something that no one could ever guess. Since you have to remember your password, the temptation to make passwords easy to remember often leads to trouble. Creating passwords that contain your name or nickname, your dog's name or something that is commonly known are too easy for someone else to guess. Don't be fooled by thinking that others would never guess a simple password. You would be surprised how easy it is.
General Rules For Creating Passwords
When passwords are required, there may be different rules for each application. General rules for passwords are:
- Passwords should contain at least eight nonblank characters
- Passwords should contain a combination upper and lowercase letters, numbers, and at least one special character within the first seven positions
- Passwords should not contain the user ID, friend's or relative's name, employee number, Social Security number, birth date, telephone number, common words from an English dictionary or a dictionary of another language with which the user has familiarity, commonly used proper names, including the name of any fictional character or place, or simple pattern of letters or numbers such as “qwertyxx” or “xyz123xx.”
- Password should be changed at least every sixty days, as soon as possible after a password has been compromised, or after you suspect that a password has been compromised.
Making Hard-to-Crack Passwords Easy To Remember
The key to a good password is to make your password easy for you to remember but hard for someone else to guess. Because hackers have access to powerful password-cracking tools that incorporate extensive word and name dictionaries, passwords should never be dictionary words or names.
Create a pattern from a phrase when you create your passwords, such as using upper-case letters for vowels and lower-case for consonants, so it would be easy to remember but hard to crack. The phrase “I Can't Remember My Username and Password” 1C'tRmU&P or “Finally!, A Good Password Scheme” “F!,@GpA55w0rDs”
What To Do If You Forget A Password
Nothing can be more frustrating than forgetting a password! Here are some tips for what to do if you have forgotten a password.
- At Websites look for a link that says, “password reminder”.
- Contact their support department. Often they can reset your password.
- If you have forgotten your password for your ISP, contact their support department.
Use Different Passwords for Different Accounts
If you use a single password for all of your accounts, it's like using the same key for your car, house, mailbox, safety deposit box, etc. If you lose that key, whoever finds it will have access to everything.
Store Passwords Securely
If you write down your passwords, be sure to keep your lists in a safe place, such as tucked in your wallet, or on a floppy disk kept in a locked personal cabinet. While this sounds obvious, don't leave your password on a post-it note on your desk, or written where it could easily be found.
Equally important, don't leave your passwords where others can have electronic access to them. Never send them in an email or in a document titled “passwords”.
If possible, never tell anyone else your password. If you find it necessary to do so, immediately change your password.
Taking a little extra thought while creating your passwords, changing them frequently, and keeping your list of passwords secure will go a long way to ensuring that your privacy will be protected.
About the Author
Richard Lord is a CEO for Information Technology and Security Solutions, and a Board member of the Carroll Technology Council, a non-profit organization dedicated to educating businesses, government and residents about technology issues. Questions are welcomed and may be addressed in future articles. Email advisors@carrolltechcouncil.org or go to www.carrolltechcouncil.org for a list of Advisor categories.
