Sep 25

Build security into your systems part 3

Tips for creating effective passwords
•Secure passwords are more than eight characters in length, and include mixed upper and lowercase letters and at least one numeric digit. Consider combining two unrelated words, and swapping letters out for numbers, for example, b0att!me (swapping a zero for “o” and an exclamation point for an “i”).
•If files are web-published, account names and passwords should only use printable ASCII characters, for example a-z, A-Z, and 0-9. For more secure account names and passwords, include punctuation characters such as “!” and “%,” but do not include colons. If you’re hosting databases with a server, enable SSL encryption.
•Passwords are less secure when they include strings that are easily guessed, such as names (especially the names of family and pets), birth dates, anniversary dates, and the words password, default, master, admin, user, guest, client and similar standard terms.
•Change passwords frequently, perhaps every 30 or 90 days.
•Use passwords only once.
•Wherever possible, assign a unique password for each user. If you must share user accounts, be sure to change the password regularly.
•Do not record your passwords in a master file or list unless the file or list is well secured.
•Do not share user accounts with other users; users should only receive account names and passwords from file administrators.

Leave a Reply