Computer Security – How to Create and Protect a Strong Password.
A strong computer password that protects your computer system from unauthorized access is vital to your business security. Your password is your first line of defense, and should be taken very seriously: The last thing you want is to compromise your data, your company secrets, and your clients’ confidential information. Once someone accesses your computer, they may be able to access your bank accounts, credit cards, Social Security number and other information that you do not want others to have. A strong password must be difficult for a hacker to figure out, must be changed often, and must be kept in a safe place where no one else can find it.
A good password must contain at least eight characters, must include UPPER CASE and lower case letters, and must contain several numbers. You should also use special characters – such as @ $ % ^ &. Many systems can handle a twelve-character password, which is that much more secure.
Never use real names, dates, English words, or anything like addresses, date of birth, kids’ names or anything that can be figured out by a hacker who might sift through your garbage for clues. If your name is Stephanie and you were born in 1980, the dumbest password you could create would be “Stephanie1980”. Any smart hacker will be able to figure that one out in minutes. Hackers have programs which contain every word in the dictionary, as well as variations on English words. All they need is time. So make it as hard for them as possible.
Here is an example of a strong, effective password that is very difficult for an intruder to hack:
Generate a strong password like the one above. Note that this password contains one or more of each of the following:
- Upper Case Letter
- Lower Case Letter
- Numerical Character
- Special Character
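The composition rules above can be checked and applied in code. The following is an added example, not part of the original article: a checker that reports which of the article's rules a password breaks, and a generator that draws from the operating system's secure random source until a candidate passes. The function names, the reading of "several numbers" as at least two digits, and the sample personal terms are assumptions made for illustration.

```python
import secrets
import string

SPECIALS = "@$%^&"   # the special characters the article lists
MIN_LENGTH = 8       # the article's minimum; 12 is better where supported
MIN_DIGITS = 2       # assumption: "several numbers" read as at least two

def policy_failures(password, personal_terms=(), wordlist=()):
    """Return the list of the article's rules that the password breaks."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isupper() for c in password):
        failures.append("no upper case letter")
    if not any(c.islower() for c in password):
        failures.append("no lower case letter")
    if sum(c.isdigit() for c in password) < MIN_DIGITS:
        failures.append("fewer than %d digits" % MIN_DIGITS)
    if not any(c in SPECIALS for c in password):
        failures.append("no special character")
    lowered = password.lower()
    # Names, birth years and dictionary words are matched as substrings, so
    # they are caught even with other characters added around them. Terms
    # shorter than four characters are skipped to avoid chance matches.
    for term in list(personal_terms) + list(wordlist):
        if len(term) >= 4 and term.lower() in lowered:
            failures.append("contains guessable term: " + term.lower())
    return failures

def generate_password(length=12, personal_terms=(), wordlist=()):
    """Draw random passwords from the OS CSPRNG until one passes the policy."""
    if length < MIN_LENGTH:
        raise ValueError("length below policy minimum")
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_failures(candidate, personal_terms, wordlist):
            return candidate

if __name__ == "__main__":
    personal = ["Stephanie", "1980"]   # constructed sample, from the article's example
    print(policy_failures("Stephanie1980", personal))
    print(generate_password(12, personal))
```

The generator uses the `secrets` module rather than `random`, because `random` is not designed for security-sensitive values.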
Give this password only to those who need it, and make sure it isn’t left lying around where people could see it. Never stick it to the monitor or under your keyboard. If you can’t remember your password, write it down and carry it somewhere safe – like your wallet. And don’t write: “This is the password for the computer in the office”. Even if somebody finds it, they should not know what this password is for. A good trick is to write down your password backwards, making it that much harder for someone finding it to figure it out. If you lose your password (or the wallet that it’s in) change the password immediately.
Even if your password is strong and might not be able to be figured out by a hacker’s computer program, there are many other ways for someone to access your password. “Phishing” scams use an official-looking and urgent-sounding email to get your attention and try to get you to send them your password or other confidential information. These emails look as if they come from your bank, your Internet service provider, or even the IRS. They ask you to log on to a site to change a password, provide bank account information, or give your Social Security number. Once you respond, the hacker clears out the funds in your bank account before you know it. Never respond to such requests for this type of information. And inform your employees about this danger and warn them not to open or respond to any suspicious or doubtful emails. If you are not sure about the legitimacy of an email request from an outfit where you do have an account, call the bank or whatever organization seems to be represented in the request for information, and check to see if they did in fact send you the email. Don’t take chances.
Another way people can access your password is by “shoulder surfing” – a person looks over your shoulder and watches you enter your password. This can be a real problem if you are doing work in a location other than your office – say, at your local Starbucks. Try and enter your password as quickly as you can: if possible, enter it without looking at the keyboard. Shoulder surfing can easily be done when you use a computer in a public place like Internet cafes or the library, where hackers lurk with the express intent of watching for people who might enter their passwords where they can be seen by others.
When you have finished using a computer in a public place, make sure you log off. This must always be done, even if you are using a friend’s computer in a private, relatively secure place.
And your password must be changed often. Given enough time, almost any password can be figured out. Some companies change passwords every week. At the very least, change it every few months. Every time you change your password, switch between the uppercase and lowercase letters and switch the positions of the numbers and the letters. Avoid creating a pattern where after a while a hacker can figure out your new password based on your old ones.
If you have to terminate (fire) an employee who has had access to one or more of your passwords, you must change these passwords immediately.
In the end, all security is dependent on awareness. Keep your eyes open, don’t be careless, and don’t try and be smart. Follow the simple rules outlined here, and always try to bear in mind that your confidential information is ALWAYS going to be at risk. The best you can do is to be alert and vigilant.
For a broader survey of password secrets, visit this site at Symantec, one of the leaders in cybersecurity: http://www.securityfocus.com/infocus/1192
You may also be interested in looking into some additional computer protection systems beyond a mere password. Today, you have the option to install a computer security system which reads voice, fingerprints or even your eye. These may cost more money but are very effective.