Mistrealm

Security

Security - Passwords

In todays world, our user accounts can often be very powerful, potentially providing access to the servers that we use.

The simplest passwords are often just regular words, and are easy to break with a "dictionary" attack (basically just trying many of the words found in the dictionary). Dictionary cracks can be done in mere seconds.

For strong passwords, it is best have a password that is 6 or more characters, and does not contain any "dictionary" words, and especially not "admin", "administrator", "pass", or "password"

In addition, it is suggested that passwords be made up of at least three of the following types of letters:

Uppercase letters (ABCD...)
Lowercase letters (abcd...)
Numbers (1234...)
Non-alpha letters (!@#$...)

For example, Tiger Woods might need to select a password...

If he selected "golf" that would be too short, found in the dictionary, and only be one of the 4 types of letters.

If he selected "g0lfClub$" it would be long enough, not in the dictionary, and have all four types of letters

Even with a relatively secure password like this, a determined hacker with access to your network can still crack your password, but it will take more time and effort.

We generally change the admin passwords on our servers once a month. It might be a good idea to change your personal passwords on a regular basis as well.

This page has been visited 262 times. Any additions, comments or questions for the webmaster?