What is your password?
by webdesign
Just how many passwords do you need to have these days?
password
Your banking, computer login, email, webmail, work computer, blog, server, admin passwords…
And how many pins do you need to use as well?
Pins for swipe card, door access, credit card, bank card, phone, message, blah blah blah.
They are driving me crazy!
You are not supposed to write them down for safety reason. You are supposed to remember them in your head.
They need to be changed regularly for safety reason as well. The longer the password the better (at least 9 characters long for goodness sack).
Worse still, it is recommended that you use combination of upper and lower case, plus digits and non alpha-numeric characters like $#%&*^.
What the hack!
But why?
Here’s why. Hackers can crack passwords if they are weak.
They can crack passwords in many ways.
If your computer has not got any policy that lock out the account after every few incorrect guesses, hackers can use programs to guess the password.
Passwords can be intercepted as they travel in the network. Password logging programs can be installed in your computer by hackers to record your passwords.
Do not use words from the dictionaries in any language as they can be cracked very easily. Do not try the common trick e.g. n0w0rr1e5! instead of noworries!
Do not use the same password for everything.
The next issue is the number of login names you need to remember as well, even it is not as bad.
However, never use the administrator as login name in Windows. Administrator is the default login name for some versions of Windows. Create a new login name instead.
Tags: hacker, password, Security
Posted in Security | No Comments »
Is your Windows secure? – part two
by webdesign
windows
- Passwords. It is suggested to use password protected screen savers, and the use of ‘Ctrl-alt-del’ combination of keys on keyboard for user logon though in the remote desktop environment users do not have to push the keys of the keyboard physically in order to logon. Use complex or strong passwords to logon the systems. A combination of alphabets in upper and lower cases, numeric, special characters should be used in a reasonably long password of more than eight characters long for extra security. Passwords must be changed regularly and should not be re-used.
- User Accounts. The account can be locked if there is an attempt to access the system fails to get through the password for more than a certain amount of tries. Enforce account lockout and user re-login requirement if the computer has been inactive for a certain amount of time. User login and password are always required to access the network or computer at all times. User accounts must be deleted or disabled when no longer required. Other accounts such as test accounts, duplicate accounts and shared accounts must be deleted from the system as well.
- Services. All nonessential systems, processes and functions must be disabled or turned off. In fact this is one of the first tasks to harden a server. The services that the operating systems run in the background can be the main targets for attacks. These services provide unseen applications that invite attackers to attack. Services also are linked to open Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) ports. Avoid installing applications on the server unless they are absolutely necessary to the server’s function.
Tags: password, Security, windows
Posted in Security | No Comments »
