IT Security and You! Did You Lock the Doors and Windows When You Left For Work This Morning? Part 1: Passwords
Overview In this series of articles I will cover several security related issues that apply to how we use computers and what we can do to prevent financial loss, embarrassment and loss of business. We can all blame any browser and any operating system for the flaws they have, some favour Firefox some IE as browsers. Many that have said one is more secure than the other may have and often do have a valid point; however, some of them and maybe you are worried about the security of a browser, yet, leave the front door wide open and the pc un-attended logged into the bank account!
The above might sound far-fetched, and indeed if you drive round your local neighbourhood you will see, most if not all front doors closed (but not windows). When I speak of the front door I am actually referring to the many doorways we can potentially leave open into our personal and professional lives and businesses.
If you think I am referring to techi hackers, and think why would they target me, don’t stop reading, I will tell you why they would target you and why it is not just the techi hacker.
This series of articles will not cover all IT security measures but will give some guidance on several common areas.
Who am I? I am a ‘Techi’, a developer of large client server applications including the online business community, SME Guild. To become a ‘Techi’ of this level I have experienced many other levels of IT and business, both related to and as far removed from IT as you can imagine. I am also a businessman with my own company.
The reason I am telling you this is so you can see that what I write in this article is based on experience, not just what I have read elsewhere.
Passwords I have in the past had to access other peoples PCs and they have not been there to give me the password, yet I rarely had trouble getting logged on, yet I am not a hacker and at the time was hardly what I would class as technical. Good systems prevent bad passwords, but many people still either do not activate higher levels of security or are using less secure systems that let them get away with being lazy.
Remember if something is designed to ask for a username and password, it is meant to be secure to some level and you should respect that, it is protecting something, normally YOU!
Do not use a blank password, or any of the following:
Sex, God, Admin, System, Money, Love
Especially do not use PASSWORD in any of its forms; it is the default for all sorts of things, including Routers – how mad is that?
Do not use your email address.
Whenever any of the above did not work I asked the PC owners co-workers and often they knew the password (Not a good idea). Sometimes they knew an old one, so I would add numbers sequentially to the old password and most times that would work (Do not keep adding numbers to your password each time you change it).
Do not keep a book or Post It with your passwords on in an unsecured location, what is the point of a password if there is a big yellow sticky thing with PASSWORD: blah blah, stuck to your monitor, people do it!
Finally in the password issues raised here, do not use a loved-ones name, be it a pet or a person. I once employed an IT manager who should have known better, but used his girlfriends name, he did add one twist that made it a little harder to crack, he replaced some letters with numbers like on a calculator L= 7 E = 3 and so on.
So, do have passwords, use them whenever prompted, make them difficult to guess, stay away from words that can be associated with you like interests (Do not use one theme like Star Trek, or Composers) and names, use upper and lower case letters, some punctuation and numeric’s, and never do a password less than 6 characters in length.
David Baldwin is the Managing Director of Working Pulse Ltd (http://www.workingpulse.co.uk ).
David designed and created SME Guild, the online business community (http://www.smeguild.com ) so all businesses (self-employed to large SME’s) could benefit from each other’s experience, find business contacts, new suppliers, networking opportunities, buy and sell online and much, much more!
Join before 1st May 2007 to get one year's FREE membership to SME Guild.