Passwords are your protection against fraud and loss of confidential information, but few people choose passwords that are truly secure.
Make your password as long as possible:
The longer it is, the harder it is to guess or to find by trying all possible combinations (a “brute-force attack”). Use eight characters or more.
Use different types of characters:
Include numbers, punctuation marks, upper-case and lower-case letters.
Don’t use words that are in dictionaries:
Don’t use words, names or place-names that are usually found in dictionaries. Hackers can use a “dictionary attack” (i.e. trying all the words in the dictionary automatically) to crack these passwords.
Don’t use personal information:
Others are likely to know information such as your birthday, the name of your partner or child, or your phone number, and they might guess that you have used them as a password.
Don’t use your username:
Don’t use a password that is the same as your username or account number.
Use passwords that are difficult to identify as you type them in:
Make sure that you don’t use repeated characters or keys close together on the keyboard.
Consider using a passphrase:
A passphrase is a string of words, rather than a single word. Unlikely combinations of words can be hard to guess.
Try to memorize your password:
Memorize your password rather than writing it down. Use a string of characters that is meaningful to you, or use mnemonic devices to help you recall the password.
Don’t store your passwords on your computer or online:
Hackers may be able to access your computer and find the passwords.
If you write down your password, keep it in a secure place:
Don’t keep passwords attached to your computer or in any easily accessible place.
Use different passwords for each account:
If a hacker breaks one of your passwords, at least only one account has been compromised.
Don’t tell anyone else your password:
If you receive a request to “confirm” your password, even if it appears to be from a trustworthy institution or someone within your organization, you should never disclose your password. (See Phishing).
Don’t use your password on a public computer:
Don’t enter your password on a publicly available computer, e.g. in a hotel or internet café. Such computers may not be secure and may have keystroke loggers installed.
Change your passwords regularly:
The shorter or simpler your password is, the more often you should replace it.
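Several of the tips above (length, character types, dictionary words, personal information, username, repeated or neighbouring keys) can be checked automatically when a password is chosen. The Python below is an added example, not part of the original Sophos text; the function names, the small sample word list and the run-length thresholds (three repeated characters, four adjacent keys) are assumptions made for illustration.

```python
import string

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "london", "monkey", "sunshine"}
# Rows of a QWERTY keyboard, used to spot runs of neighbouring keys.
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` keys side by side on one row (assumed threshold)."""
    low = pw.lower()
    for row in KEY_ROWS:
        for seq in (row, row[::-1]):  # left-to-right and right-to-left
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def has_repeats(pw, run=3):
    """True if any character appears `run` times in a row (assumed threshold)."""
    return any(pw[i:i + run] == pw[i] * run for i in range(len(pw) - run + 1))


def check_password(pw, username="", personal=(), words=SAMPLE_WORDS):
    """Return the list of tips from the page that pw violates."""
    problems = []
    low = pw.lower()
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    if sum(any(c in cls for c in pw) for cls in classes) < 4:
        problems.append("missing a character type")
    # Strip digits/punctuation from both ends so "Dragon1!" still matches.
    if low.strip(string.digits + string.punctuation) in words:
        problems.append("dictionary word")
    if username and low == username.lower():
        problems.append("same as username")
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    if has_repeats(pw) or has_keyboard_run(pw):
        problems.append("repeated or adjacent keys")
    return problems
```

An empty list means none of the checked tips is violated; it says nothing about the tips that cannot be tested in code, such as reuse across accounts or where the password is written down.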
Sophos.com
Thursday, January 8, 2009
How to: choose passwords