1)Must never keep dictionary words as passwords. Yes , because they can easily be guessed. Dictionary attacks are possible where an attacker tries random dictionary words as passwords.
Passwords are stored in the form of hashes (which are one-way functions) but an attacker can hash all dictionary words randomly and compare them with the ones stored. So yeah, cross out all dictionary words for passwords.
2)Passwords should be as long and random as possible. "How are we supposed to remember them , then", would be her younger sister's question , she knew. For that , she had a well though-out solution. One could select an easy-to-remember sentence and construct a password from the first alphabets of all words put together.For instance, the famous quotation ,"Always prefer to believe the best of everybody - it saves so much trouble" could be used to form the password "APTBTBOE-ISSMT" ". Special characters could be added to make it more random eg "A*TTBOS-ISSMT"
3)Must never write down passwords in order to remember them.
4)Must never keep passwords based on personal information. For example, One's registration number or relative's name should make bad bad passwords.
5)Must never use the same password for multiple accounts.
Yes yes, all this needed to be told...
*********************************************************************************
Author : Haleemah Zia
No comments:
Post a Comment