[Security] Create Stronger Passwords to Minimize IT Risk

-
Essential Computer Security: Everyone's Guide to Email, Internet, and Wireless SecurityPasswords form our first line of online security, from logging on to corporate PCs to checking status on Facebook using mobile devices. And yet, many of us put convenience ahead of protecting company assets (and ourselves) by using poorly constructed passwords -- or no passwords at all.

I admit I've also been guilty of this in the past. When I used to test software builds, I "collected" several workstations in my office to use as test machines. Over time, managing login passwords for so many different machines (each with several different iterations of Windows, Mac OS, and other operating systems installed) became quite a chore. I'd been an adherent of the "don't write them down" school of password-security thought, so that wasn't an option to me then. I thought I'd make life less complicated by creating passwords for all the test machines that were very similar variations on something familiar to me.

Although these machines were never used for higher-risk activities outside the corporate network like browsing the Web, this still reflected bad judgement on my part. My scheme wasn't all that hard to figure out, and, when I forgot one of those passwords, my department's desktop support person person gave me a much-deserved lecture.

From that point, I adopted a better password creation and management system. To make these workstations less vulnerable to security breaches; 
  • I changed my passwords frequently. 
  • Stopped using the same or similar passwords across PCs, even if they weren't network-connected. These weak passwords could have put proprietary information stored on my local drive in jeopardy. 
  • Started using a password manager program and a password-protected spreadsheet. The program helped me create stronger passwords that didn't rely on any easily obtainable personal information. The spreadsheet gave me a secure, easy way to keep track of all the different passwords created by the program that I applied to my test machines.


I'm not saying the system is complete or 100 percent unbreakable, but it's far better than my prior approach. I also applied portions of this strategy to devices on my home network, making them less susceptible, too.

The Knowledge Network contains several handy resources on creating secure passwords, including a sample password policy designed for organizational use. For my password carelessness, I got lucky in that all I suffered was a little embarrassment; I could have contributed to a security breach that might have been very damaging to the company. Use our tools and templates to create and implement a password policy to minimize risks associated with compromised information.

Comments

Post a Comment

Popular posts from this blog

[Joke] Password selection rules

-
Image
Another joke from lolisoft today...   CORPORATE DIRECTIVE NUMBER 88-570471 In order to increase the security of all company computing facilities, and to avoid the possibility of unauthorized use of these facilities, new rules are being put into effect concerning the selection of passwords. All users of computing facilities are instructed to change their passwords to conform to these rules immediately. RULES FOR THE SELECTION OF PASSWORDS: 1. A password must be at least six characters long, and must not contain two occurrences of a character in a row, or a sequence of two or more characters from the alphabet in forward or reverse order. Example: HGQQXP is an invalid password. GFEDCB is an invalid password. 2. A password may not contain two or more letters in the same position as any previous password. Example: If a previous password was GKPWTZ, then NRPWHS would be invalid because PW occurs in the same position in both passwords. 3. A password may not contain the name of a
Read more

Get it better with disk defragmenter

-
Image
If you have managed your system with file manager , you can go further with "real file manager on hard drive".  Disk Defragmenter is a computer program included in Microsoft Windows designed to increase access speed by rearranging files stored on a disk to occupy contiguous storage locations, a technique commonly known as defragmenting. The purpose is to optimize the time it takes to read and write files to/from the disk by minimizing head travel time and maximizing the transfer rate. As of Windows XP, Disk Defragmenter is also used to improve system startup times.  Two softwares are recommended for this purpose: Auslogics Disk Defrag and MyDefrag .  Auslogics Disk Defrag is a compact and fast defragmenter that supports both FAT 16/32, and NTFS file systems. It is supplied with advanced optimization techniques, which will remedy your system sluggishness and crashes caused by files fragmentation. There are 7 advantages in using Auslogic Disk Defrag as mentioned on its we
Read more

[Tips] Extra virtual RAM on your USB Drive

-
Image
We have posted a tips on how to speed up your computer . One of the tips is add more RAM. Now we will show you another tips related with RAM, it's "virtual memory". In computing, virtual memory is a memory management technique developed for multitasking kernels; this technique virtualizes a computer architecture's various hardware memory devices (such as RAM modules and disk storage drives), allowing a program to be designed as though: there is only one hardware memory device and this "virtual" device acts like a RAM module. the program has sole access to this virtual RAM module as the basis for a contiguous working memory (an address space). For the best results, Instructables user MoritzB suggests using a USB drive smaller than 4 GB for this little trick. Here are the steps to make your USB Drive works as virtual RAM: Rename your thumb drive as "RAM DRIVE" or something similar, so you can see which drive is being used as RAM. Delete all
Read more