How to Create Strong Passwords
Choose a password with the following criteria:
- At least 8 characters in length
- At least 1 number
- At least 1 special character like & or *
- Both upper and lowercase characters.
Passwords with difficult combinations make it harder for password cracking tools to figure out your password.
Don't use personal information such as birthdays, children names, or first and last names when creating a password. Avoid using words or phrases that could be found in a dictionary or easily guessed.
Password Safety 101
Don't share your password with others including your spouse, children, Help Desk personnel or System Administrators at work. IT professionals at your job or Internet Service Provider (ISP) will not normally ask you for your password.
If the IT professionals at your job need it, give it to them in person and ensure you change it as soon as they are done with their task. You may even want to change your password first to something generic, give the IT person THAT password, then change it back when they are done with their task.
Be aware of a common tactic used by hackers, in which they call up unsuspecting users and pretend to be from the computer support staff. This is more likely to happen in very large companies where users might not know everyone on the IT staff.
Another tactic is to send a legitimate looking email asking the user to type their password into what looks like a legitimate site; this practice is known as "phishing." Be aware that a legitimate businesses will NEVER ask you to submit personal information via email.
Also, be vigilant.. these phishing scams are not easy to spot. I make my living as an email administrator, and I was almost taken in by one of these scams. The email was supposedly from my AT&T Internet service account. I pay it each month on one of my credit cards. The email was "notifying" me that my credit card had expired and that I needed to update my credit card information to continue my service. There was just enough truth in the way the email was written that I actually started to click on the button to do it. Thankfully, my brain kicked in and I caught myself before I made the blunder.
If you use the web to access important personal information, such as online banking or health records, ensure that the website offering the service uses some type of secured method of encryption.
You can determine this by checking to see that the website's address (URL) begins with an "https://" (Note the extra "s").
Also, look for a yellow lock in the bottom right hand corner of the website page. That's an indication of SSL security being enforced.
0 comments:
Post a Comment