When I first clicked on this article, I expected to see yet another diatribe telling you to use numbers, mixed-case letters, and special characters when you create a password. Boy, was I wrong.
Get past some of the geeky language and you'll find a truly eye-opening story about the security of passwords in Windows.
Some key points from the piece (at least, points that challenge the conventional wisdom of password security):
Random passwords aren't necessarily more secure. Strings of garbage like Gh&739(*j are hard to remember, easy to mistype, and can be vulnerable to password crackers, especially if they are short.
The most secure passwords are 15 characters or longer.
Replacing an "o" with a "0" does nothing for security. Do you really think a hacker can't figure out to try d0g instead of dog? Adding a few digits to a cracking program is no big deal.
Realistically, changing your password every four months is good enough.
Documenting your password is not necessarily a bad thing. If a password is written down and stored securely (say, in a safe), this can be useful if an employee quits, for example. Many people store their passwords in a safe deposit box in the event of emergencies, so spouses or children can get access to bank accounts and the like.
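To make the substitution and length points concrete, here is a small password-policy check, added as an illustration and not taken from Burnett's article. The wordlist, the substitution map and the function name are constructed for the example; a real filter would load a full dictionary and a breached-password list.

```python
import re

# Constructed sample wordlist (assumption); real filters use large dictionaries.
WORDLIST = {"dog", "password", "monkey", "letmein", "dragon"}

# Small constructed map of common substitutions back to the letter they replace.
LEET = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

MIN_LENGTH = 15  # the length the article recommends


def weaknesses(candidate):
    """Return the reasons a candidate fails the policy (empty list = passes)."""
    reasons = []
    if len(candidate) < MIN_LENGTH:
        reasons.append("shorter than %d characters" % MIN_LENGTH)

    lowered = candidate.lower()
    # Drop digits and symbols padded onto either end, e.g. "d0g2002!" -> "d0g".
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    # Undo substitutions on both the full and the stripped form.
    forms = {lowered.translate(LEET), stripped.translate(LEET)}

    hit = forms & WORDLIST
    if hit:
        reasons.append("dictionary word after undoing substitutions: "
                       + sorted(hit)[0])
    return reasons


if __name__ == "__main__":
    # Constructed sample candidates.
    for pw in ["d0g", "Gh&739(*j", "P@ssw0rd2002!!!!", "my dog eats purple socks"]:
        print(repr(pw), "->", weaknesses(pw) or "passes")
```

The padded "P@ssw0rd2002!!!!" clears the length rule but is still flagged as "password", while the plain 24-character phrase passes both checks.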
Surprisingly, Mark Burnett's piece dates back to 2002, but the lessons are still relevant today. Give it a spin. Maybe consider changing your passwords this weekend.