Beruflich Dokumente
Kultur Dokumente
Computer Pro ± Password Security
As someone providing c
I commonly
find that people are using insecure, easily-guessed passwords. The most frequent
explanation is that the password is ³easy to remember.´
The trouble, of course, is that passwords which are easy to remember are also easy to
guess. But when you institute a series of rules and requirements for secure passwords,
what usually happens is that people write the password on a sticky note and hang it on
the side of their monitor.
The ideal password, of course, looks like random noise. Something along the lines of
K!h8j^)Qv,$g is near impossible to guess, but also near impossible to remember.
Enforcing passwords like this is almost an invitation to write them down somewhere
easy to see.
A more realistic sort of password starts from a word people can remember. Using a
common word, of course, is easy to guess ± and susceptible to what¶s called a
³dictionary attack´ in security circles, where a would-be attacker simply tries every word
in the dictionary until one works.
For further security, one or more capital letters can be mixed into the password, but they
should usually be placed in the middle of the word rather than the beginning. While it
may seem more natural to use ³Giraffe42Zebra´ as your password, security is
significantly higher with ³girAffe42zebrA´ instead ± which can easily be remembered as
having capital A¶s.
When even greater security is desired, adding ³special´ characters or punctuation to the
password can make the password much more difficult to guess. They can be inserted
into the middle of the password, essentially at will ± e.g. ³gir!Affe4*2zeb&rA´ ± or used
to replace letters which look similar, such as ³g!rAffe42zebrA´ (replacing the I with !). A
similar approach can be used with numbers, such as by replacing the letter E with the
number 3 to produce ³g!rAff342z3brA´ and a highly secure password.
Keep in mind that while it may seem tempting to create an office-wide policy of using
animal names or some other category of words, that category may not be particularly
memorable (or well-known) to all of your employees. Simply providing these basic
guidelines and letting them choose whatever words they prefer will accomplish the real
goal: secure passwords which are still memorable.
is a provider of professional c
. If you need for your small business, please contact us at
GONZALES COMPUTER CONSULTANT