Passwords are the keys to your kingdom; you must use them wisely. In this newsletter we discuss how to create strong passwords that bad guys cannot easily guess and how to use them securely.

Passwords are the keys to the kingdom. Once someone knows your password, they can steal  our identity or access all of your personal information. Let’s learn what makes a good password and how to use them securely. There are two key points to good passwords:

• First, you want passwords that are hard to guess. This means do not use simple passwords such as 123456, your pet’s name or your birth date.

• Second, use passwords that are easy to remember. If you keep forgetting your passwords, they are not very helpful.

The problem is cyber criminals have developed sophisticated programs that can guess (or brute force) your passwords, and they are constantly getting better at it. This means that they can break into your accounts if your passwords are not  strong enough. To protect yourself, you want your password to be as long as possible. The longer your password is, the stronger it is. In fact, instead of using just a single word as your password, use multiple words. This is called a passphrase.

For example, your passphrase could be something simple like: time for chocolate

To make your passphrase even more secure, do the following:

• Use a number in your passphrase.
• Have at least one lower case and one upper case letter in your passphrase.
• Use a symbol in your passphrase.

Let’s take our passphrase and make it even more secure by replacing some of the letters with numbers and symbols, as we just discussed. First, replace the first letter with a capital letter. Next, we can replace letters with numbers or symbols. For example, you can replace the letter ‘a’ with the ‘@’ symbol or replace the letter ‘o’ with the number zero. In addition, we can add symbols using common punctuation such as spaces, a question mark or an exclamation point. As a result, we now have a strong password that is very difficult for cyber criminals to compromise, yet is simple to remember and easy to type: Time for ch0c0l@te!

Using Passwords Securely
In addition to creating strong passwords you must also use them securely. A strong password is of little use if the bad guys can easily steal it from you.

• Never share your password with anyone else, including fellow employees. Remember, your password is a secret; if anyone else knows your password it is no longer secure.

• Do not use public computers, such as those at hotels or libraries, to log into a work or bank account. Since anyone can use these computers, they may be infected with malicious code that captures all of your keystrokes. Only log into your work or bank accounts on trusted computers or mobile devices you control.

• If you accidently share your password with someone else, or believe your password may have been compromised or stolen, be sure to change it immediately.

• Be careful of websites that require you to answer personal questions. These questions are used if you forget your password and need to reset it. The problem is the answers to these questions can often be found on the Internet, or even your Facebook page. Make sure that if you answer personal questions you use only information that is not publicly known.

• Many online accounts offer something called two-factor authentication, or two-step verification. This is where you need more than just your password to log in, such as codes sent to your smartphone. When possible, always use these stronger methods for authentication.

Different Passwords for Different Accounts
Be sure to use different passwords for different accounts. For example, never use the passwords for your work or bank accounts for your personal accounts, such as Facebook, YouTube or Twitter. This way, if one of your passwords is hacked, the other accounts are still safe.

If you have too many passwords to remember, consider using a password manager. This is a
special program you run on your computer that securely stores all of your passwords for you.
The only passwords you need to remember are the ones to your computer and the password
manager program. Check with your supervisor, the help desk or the information security team to see if a password manager is an option you can use.

Print this newsletter: Module07-Passwords-Newsletter

© The SANS Institute 2013  /  Used with permission from The SANS Institute.


This entry was posted in Cyber Security Tip. Bookmark the permalink.

30 Responses to Passwords

  1. Delilah says:

    Great delivery. Outstanding arguments. Keep up the good work.

    Also visit my web-site :: homepage (Delilah)

  2. k450 review says:

    Needless to say, I found out through Internet research while thios
    Toshiba was a close model to compare tto my Lenovo, both as
    I mentioned before are older and possibly outdated models; hers also cost around $800 a year ago.
    Another is usually a “hybrid challenging drive,” or HHD,
    which combinss memory chips having a standard hard disk, for more quickly start-ups.
    The hottest self defense stun gun on the market iss Knuckle Blaster; brass knuckles and stun gun built into one device.
    Getting more done in less time can happen with this Lenovo laptop G560 59-055709.
    If there is something you need tto carry with you that has to be carried safely as well as stylishly, then what you
    need is an aluminum carrying case.

  3. wkrg says:

    A warm-hearted and exclusive community for singles and friends with herpes , HPV,
    HIV/AIDS or any other STDs.

  4. VDsUn says:

    56529 739904Hey there! Great post! Please when all could see a follow up! 340251

  5. Your style is unique in comparison to other people I have read stuff from.
    Many thanks for posting when you’ve got the opportunity,
    Guess I will just book mark this page.

  6. Pingback: URL

  7. I am curious to find out what blog platform you have been using?
    I’m having some minor security issues with my latest blog and I’d like to find something more secure.

    Do you have any recommendations?

  8. gkv says:

    Hi there friends, good piece of writing and fastidious urging commented at this place, I am actually
    enjoying by these.

  9. Superb post but I was wanting to know if you could write a litte more
    on this topic? I’d be very grateful if you could elaborate
    a little bit further. Bless you!

  10. The types that are available are numerous
    and you can choose your pick from the ones that range from hand press
    models to ones that are electrically operated. Compared to most other masticating juicers on the market today, this machine
    has superb looks. A form of the herb licorice, called
    deglycyrrhizinated licorice (DGL), was explored for canker sores in a small study.

  11. Summer says:

    Being healthy to travel around the planet. Have a very beach home near the water.

  12. They can also be very attractive and add to the
    overall look of the room. They have a very elegant pattern to them that distinguishes them from other kinds of bathtubs.
    You are just restoring the surface of tub to remove scratches, chips and stain.

  13. Although you’re taking a risk, you can attempt this on your own. Ignoring some of these rules will just make you look like a jerk and possibly leave you humiliated.
    The number of expected wedding guests must also be kept in mind including the
    proportion between relatives and friends.

  14. Thanks for any other fantastic article.
    Where else could anybody get that type of information in such a
    perfect approach of writing? I have a presentation next week,
    and I’m at the search for such information.

  15. Barney says:

    What a fantastic idea, I cannot wait around to receive my first letter!

  16. I think this is one of the so much vital info for me.
    And i’m happy reading your article. But should commentary on few common things, The website taste is perfect, the articles is actually excellent
    : D. Good task, cheers

  17. Heya i’m for the first time here. I found this board and I to find It truly helpful & it helped me out much. I hope to give one thing again and aid others such as you helped me.

  18. Home Page says:

    Very interesting subject, regards for posting.

  19. You could certainly see your expertise in the article you write.
    The world hopes for even more passionate writers like you who aren’t afraid
    to mention how they believe. Always go after your heart.

    My web site: pirater un compte facebook gratuitement

  20. I am regular visitor, how are you everybody? This post posted at this web page is truly pleasant.

    Feel free to visit my site :: spill automaten

  21. Dillon says:

    I assumed this was a genuinely superior blog publish. I usually like reading articles like this a single. I should go through more of the posts.

  22. You have remarked very interesting details ! ps decent website .

  23. Hey there! This is kind of off topic but I need some help from an established blog. Is it very difficult to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about setting up my own but I’m not sure where to start. Do you have any ideas or suggestions? Thanks

  24. I was just looking for this info for some time. After six hours of continuous Googleing, finally I got it in your web site. I wonder what is the lack of Google strategy that do not rank this type of informative sites in top of the list. Normally the top websites are full of garbage.

  25. instagram says:

    You have brought up a very great details , regards for the post.

  26. Today, I went to the beach front with my kids. I found a sea shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She put the shell to her ear and screamed. There was a hermit crab inside and it pinched her ear. She never wants to go back! LoL I know this is completely off topic but I had to tell someone!

  27. Nice post. I learn one thing more difficult on totally different blogs everyday. It’ll always be stimulating to read content from other writers and apply just a little something from their store. I’d choose to use some with the content material on my blog whether you don’t mind. Natually I’ll provide you with a hyperlink on your web blog. Thanks for sharing.

  28. In 2009, Charlie Bronson’s latest (some say half-hearted) attempt at parole was rejected. The chairman of the parole board explained that he considered Charlie had not reformed his ways adequately.

  29. dili optim says:

    This really answered my downside, thank you!

  30. health news says:

    Charlie Bronson was born in Wales, Aberystwyth to be precise. Most of the evidence recommends that he experienced an unremarkable childhood, it has been mentioned by several who knew him that he was a smart well mannered boy, someone who would stand up for the small guy. Obviously something anywhere along the line was the switch for a transformation in his persona.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>