Be Strong when Choosing Passwords

            Recently, I got an e-mail with a link to Microsoft TechNet’s “10 Immutable Laws of Security.”  Law #5 is “Weak passwords trump strong security.”   (You can find this and the other nine laws at http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx) Let’s talk about passwords a little.  Think of the various items that you may have passwords for:  e-mail, Ebay, Amazon, Instant Messenger, accounts at work, your internet service provider, your on-line banking service, and so on.  That’s a lot of passwords to choose and remember.  How can you make sure you don’t choose “weak” passwords?

            First, let’s define “strong” passwords.  Actually, that’s a real computer techie term.  Microsoft encourages the use of strong passwords when setting up their server software, and they define them as:

bulletat least 6 characters long (others say at least 8)
bulletcontaining both letters and numbers
bulletcannot be looked up in a dictionary
bulletcontaining both upper and lower case characters

Think of your various passwords.  How many of these rules do they break?

            In addition to the above, other guidelines for good passwords include:

bulletDon’t make them so complicated that you need to write them down.  Passwords should never be written down and placed near your computer, especially in the workplace.
bulletDon’t use the same passwords for work as for personal use.
bulletDon’t use the same password for “less risky” uses like instant messenger as for “more risky” uses such as on-line banking.
bulletDon’t ever use family member’s names, your birth date, your phone number, etc.
bulletChange your password(s) fairly frequently – at least twice a year.
bulletNever tell anyone else your password.  If you do, or you suspect that someone else knows it, change it immediately.

            If you’re now thinking that you’re terrible with your password(s), check out this link to the Human Firewall project and look at the top 10 security mistakes made by individuals.  Of course, not all are related to passwords.  http://www.humanfirewall.org/issues.htm#top10.  Hopefully, you haven’t done many of those!

            For another useful article about passwords, as well as articles on a plethora of useful computer topics, look at AARP’s Technology How-to Guides at http://www.aarp.org/learntech/computers/howto/.

By Carol Sabbar from the Kenosha News on 4-10-05