BYTE.com

And the Password Is...

By Edward Smith

May 2, 2005

On the 70s game show Password, contestants provided single-word clues to each other as they attempted to guess the secret password. When they guessed correctly, contestants won cash and valuable prizes. Surprisingly, today's real world of password security works pretty much the same way.

A world of security policies and "best practices" exists to address password security. Following is a recap of some of the password instructions I've been given over the years:

  • Use passwords between 8 and 15 characters
  • Use a combination of upper and lower case characters
  • Don't create passwords that include your spouse's or children's names, or any other personal information that could be easily guessed
  • Don't use common words
  • Don't use common words spelled backwards
  • Don't use words substituting numbers for letters
  • Include random characters
  • Use a pass-phrase rather than actual words
  • Don't write passwords anywhere
  • Don't keep passwords in a PC file
  • Don't keep passwords on PDAs
  • Don't share passwords with others
  • Don't place passwords on a sticky note on the PC, under the keyboard, in a wallet, or any other typical hiding places
  • Change the password at least every 90 days, and preferably every 30
  • When changing passwords, don't just add "1" to the current password (e.g., mydog12 to mydog13)
  • Use a different password for all logins to reduce loss if a single password is compromised

I've come to a conclusion regarding corporate password security—it generally isn't effective.

Let's face it—we're only human, which is a significant part of the problem. The typical human mind can't easily remember complex passwords like i5oPhT6k(fi. The complexity increases further if you need to change those passwords every 30-90 days, and then remember the new one. You also need unique passwords for all systems scattered throughout your work environment. I currently have more than six logins to access my corporate network, and another two dozen or so that enable me to access my banking, rewards programs, and everything else that my personal virtual world requires today.
