Wednesday, August 5, 2009

Password Protection

Step 1

Create passwords with unique combinations of letters, numbers and symbols that are hard for other people to guess. Consult Microsoft's Password Checker to see if your password is easy to guess or difficult to crack.

Step 2

Change your passwords regularly. Then, if someone does obtain one of your passwords, that person won't be able to use it for long.

Step 3

Have different passwords for different websites and applications. If you keep the same password for every site or program, someone who obtains that password can access everything.

Step 4

Decline the option to save your password when software applications offer it. This option seems convenient, but it gives anyone who has access to your computer access to your life.

Step 5

Use only secure (encrypted) connections for web browsing, email and File Transfer Protocol (FTP). Encrypted connections protect your interests and keep your passwords and related information safe from hackers.

Step 6

Refrain from writing down your passwords, emailing them or sharing them in any other way with anyone else, even your best friend or spouse. In the event you do need to write passwords down, protect them by keeping them in very safe places where you are positive no one else will find them.

Step 7

Avoid accessing password-protected sites when using computers at public places like libraries and Internet cafes. You never know who will use the computer after you are finished with it.

Easy-to-remember, hard-to-guess passwords

Generally, the easier a password is for its owner to remember, the easier it is for a hacker to guess. Yet passwords that are difficult to remember also reduce the security of a system, because:

(a) users might need to write down or electronically store the password.
(b) users will need frequent password resets.
(c) users are more likely to re-use the same password.

Similarly, the more stringent the password-strength requirements, e.g. "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the more users will subvert the system.

However, asking users to remember a password consisting of a "mix of uppercase and lowercase characters" is like asking them to remember a sequence of bits: hard to remember, and only a little harder to crack (e.g. only 128 times harder to crack for 7-letter passwords, and less if the user simply capitalises the first letter). Asking users to use "both letters and digits" will often lead to easy-to-guess substitutions such as 'E' --> '3' and 'I' --> '1', substitutions which are well known to crackers. Similarly, typing the password one keyboard row higher is a common trick known to crackers.
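The arithmetic behind the two points above (a password checker's class-counting estimate from Step 1, and the "only 128 times harder" figure here) is worth seeing side by side. The following is an added example, not code from the original post: it compares the strength a simple class-counting checker would report with the number of guesses an attacker who already knows the common user habits (capitalising the first letter, the 'E' --> '3' / 'I' --> '1' substitutions, typing one keyboard row higher) would actually need. The seven-word list, the substitution table and the sample passwords are constructed for illustration; a real dictionary is many orders of magnitude larger, which only widens the gap shown.

```python
"""Effective password strength under a rule-aware attacker (added example).

naive_bits()          - what a class-counting checker reports
case_mixing_factor()  - the 2**length (128 for 7 letters) from the post
rule_aware_guesses()  - candidates needed when the attacker knows the tricks
"""
import math
import string
from typing import Optional

# Constructed sample word list standing in for an attacker's dictionary.
WORDLIST = ["password", "letmein", "welcome", "monkey", "dragon", "sunshine", "qwerty"]

# Substitutions the post calls well known ('E' -> '3', 'I' -> '1') plus the usual companions.
LEET = {"a": "4", "e": "3", "i": "1", "o": "0", "s": "5"}
UNLEET = {v: k for k, v in LEET.items()}

# QWERTY rows, bottom to top; "one row higher" maps each key to the one above it.
ROWS = ["zxcvbnm", "asdfghjkl", "qwertyuiop", "1234567890"]
ROW_UP = {lo: hi for a, b in zip(ROWS, ROWS[1:]) for lo, hi in zip(a, b)}
ROW_DOWN = {hi: lo for lo, hi in ROW_UP.items()}


def naive_bits(password: str) -> float:
    """Bits a class-counting checker reports: length * log2(alphabet), where the
    alphabet is the union of character classes present in the password."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)
    return len(password) * math.log2(size) if size else 0.0


def case_mixing_factor(length: int, first_letter_only: bool = False) -> int:
    """How many times larger the search space becomes when a lowercase password
    of this length may mix case: 2**length in general (128 for 7 letters), but
    only 2 if users merely capitalise the first letter."""
    return 2 if first_letter_only else 2 ** length


def base_word(password: str) -> Optional[str]:
    """Undo the habits a rule-aware attacker expects (capitalisation, leet
    substitutions, or a one-row keyboard shift) and return the dictionary word
    the password was built from, or None if it is not derived from the list."""
    lowered = password.lower()
    unleet = "".join(UNLEET.get(c, c) for c in lowered)
    if unleet in WORDLIST:
        return unleet
    unshifted = "".join(ROW_DOWN.get(c, c) for c in lowered)
    return unshifted if unshifted in WORDLIST else None


def rule_aware_guesses(password: str) -> Optional[int]:
    """Total candidates an attacker who knows the tricks must enumerate: each
    word, with or without a capital first letter (x2), with every subset of its
    substitutable letters replaced (x2**k), shifted one row or not (x2).
    Returns None when the password is not built from the word list at all,
    i.e. when this model does not apply and the naive estimate stands."""
    if base_word(password) is None:
        return None
    return sum(2 * (2 ** sum(1 for c in w if c in LEET)) * 2 for w in WORDLIST)


def rule_aware_bits(password: str) -> Optional[float]:
    """log2 of rule_aware_guesses(), for direct comparison with naive_bits()."""
    guesses = rule_aware_guesses(password)
    return math.log2(guesses) if guesses else None


if __name__ == "__main__":
    # Constructed samples: leet-substituted word, row-shifted word, unrelated string.
    for pw in ["P4ssw0rd", "0qww294e", "Tr0ub4dor"]:
        print(f"{pw:10s} naive={naive_bits(pw):5.1f} bits  "
              f"rule-aware={rule_aware_bits(pw)}  base={base_word(pw)}")
    print("7 letters, mixed case:", case_mixing_factor(7), "x harder;",
          "first letter only:", case_mixing_factor(7, first_letter_only=True), "x")
```

With the seven-word list, "P4ssw0rd" scores about 47.6 bits on the class-counting model but sits inside a 232-candidate search (under 8 bits) for an attacker who knows the substitution habit; "0qww294e" looks random yet is "password" typed one row up and falls inside the same 232 candidates. Only the third sample, which is not derived from any listed word, keeps its naive estimate.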
