Much has been said on the theory of password protection for files, computer login, and other network access. In the past we used a combination of letters, special characters, and other techniques to try and prevent unwanted or unauthorized access to our computers, resources, and networks. A new theory on passwords is emerging that may help us remember our access codes, be more secure, and generally keep hackers and thieves out of our networks.
A password is a combination of words, letters, and special characters that only the user knows, allowing access to a computer or other information resources. As humans we have a large number of codes and numbers we need to remember every day ? such as the key lock on our apartment entries, national identification numbers, automobile license or tag numbers, telephone numbers ? it is a large and confusing suite of items we need to memorize.
When selecting a new password or pass code for access to a computer system, most of us understand how difficult it is to remember complex codes, and thus we select something already know n to us, such as names, birthdays, national identifiers, or other known items, and then place a number or character in front of the name or number thinking it is secure. This is easy to understand, as most of us simply do not have an ability to instantly recall large numbers of complex codes.
In a worst case we simply write down the complex code on a piece of paper, and leave it in a desk, our pocketbook, or in many cases taped to the front of our computer monitor.
However, to a hacker this makes access to your network or computer much easier, at they generally only have to learn a couple things about you, and add a few numbers to the front or ending of your personal data ? you would be surprised how often this grants access to computers and networks. Ad some good "cracking utilities" to the hacker's suite of tools, and you can understand the threat.
PassPhrases are a concept that will help us create more secure, easy to remember safeguards for our computer and network resource protection. A passphrase is a selection of words and/or numbers that are 15 characters or more in length, and are easy for us to remember. A couple examples of a good pass phrases are:
? igotodalaieejdaily
? shehasbeautifulhair
? surfinginhawaiiisgreat
According to Mark Minasi, a noted security consultant, a 15 character pass phrase will require a cracking program the following number of computations to try and break a 15 character pass phrase:
? 15 lowercase letters = 1,677,259,342,285,725,925,376 possibilities
? Try a million a second, it'll take 531,855 centuries/years to break the code
As you can see, this is a pretty good level of security for your resource.
Another concern with passwords is if you forget or lose the password, and are using a utility like Microsoft's Encrypting File System (EFS), you run the risk of losing all access to your important files if you require a hardware reset of your password. All EFS encrypted files are linked to your login profile, meaning if you encrypt a directory or file with EFS, and you do a hardware reset on your computer, those files and directories are lost FOREVER.
For Microsoft Windows users you can now also use spaces within your pass phrase, however we would not recommend embedding spaces in your pass phrase, as that actually does allow a cracker better access to getting your code ? it may help them crack it in 100,000 years rather than 250,000!
(About the Author ? John Savageau is a managing director at CRG-West, responsible for managing operations and architecture for several of the largest telecommunications interconnect facilities in the US, including One Wilshire in Los Angeles)
"Phishing," the latest craze among online evil-doers, has nothing to... Read More
On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More
The Internet is a vast International Network of people and... Read More
The Internet offers a global marketplace for consumers and businesses.... Read More
This is the second in a series of articles highlighting... Read More
No auntie Sookie, not earth worms, computer virus worms that... Read More
Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More
Working from home has its advantages, including no commute, a... Read More
Airport Menace: The Wireless Peeping Tom As a network... Read More
There are several basic concepts to keep in mind when... Read More
In the past I've never really paid much attention to... Read More
First off I should explain what phishing is. Phishing is... Read More
Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More
Saturday, MasterCard blamed a vendor of ALL credit card providers... Read More
The Threat10 years ago you could probably have run no... Read More
There is no doubt that "how-to articles" have become a... Read More
Computer viruses infect millions of computers every day. Viruses can... Read More
Scams involving email continue to plague consumers across America, indeed... Read More
Recently I have received email from my bank/credit Card Company,... Read More
You've seen it in the news - 40 million credit... Read More
A few nights ago I received an email from "2CO"... Read More
The money being spent online is steadily growing. With billions... Read More
The Federal Bureau of Investigation has identified "phishing" as the... Read More
Spyware/adware is a new major concern for PC users everywhere.... Read More
The menacing campaigns that drive the corporate spyware and adware... Read More
After Two Security Assessments I Must Be Secure, Right? ... Read More
IPv6, IntroductionThe high rate at wich the internet continualy evolves... Read More
Computer infections can be broken up into 4 main categories... Read More
From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More
Be careful of sites that promise to send you "instant... Read More
Before you enter your name, address or any other data... Read More
Well, if that would have been said to me by... Read More
The average computer is packed with hidden software that can... Read More
It's been with us since 1993, it's gotten more intrusive,... Read More
Spelt phishing, but pronounced as above, this despicable act is... Read More
Fishing on the Internet has come a long way. However,... Read More
If you know what is the 'Fishing' then it's very... Read More
Nowadays more and more people are using a computer. A... Read More
Every day millions of people go online to find information,... Read More
First, let's do a little recap'. As I stated in... Read More
A firewall is a system or gateway that prevents unauthorized... Read More
First the basic definition of Spyware: It is a type... Read More
The Federal Bureau of Investigation has identified "phishing" as the... Read More
When you signed up for that ultra-fast DSL or Cable... Read More
The words Corporate Security may conjure up images of a... Read More
Having a good Spyware eliminator on your computer is vital... Read More
Never before with Instant Messaging (IM) has a more vital... Read More
Huge number of spyware software applications are available in the... Read More
First I would like to stress I am condoning the... Read More
The average computer is packed with hidden software that can... Read More
Spyware, viruses and worms... oh my!If you are connected to... Read More
After Two Security Assessments I Must Be Secure, Right? ... Read More
This really chapped my lips...I recently bought a new computer.... Read More
Phishing is the act of some individual sending an email... Read More
We all know that it's dangerous to use the same... Read More
I am the victim of an internet scam. It is... Read More
As the number of people using the Internet as an... Read More
Threats we ordinary Web users face online leave us no... Read More
Many of us have run into an annoying and time-consuming... Read More
The Internet offers a global marketplace for consumers and businesses.... Read More
Is your enterprise following the rules?The bulk of financial information... Read More
Millions of people make purchases online, but many people are... Read More
WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More
P C. owners are constantly at risk from attacks by... Read More
Watching how the traditional media covers the latest virus or... Read More
Every single time you access a website, you leave tracks.... Read More
Internet Security |