P for Positive » Computer Security

Choosing Your Password – 2

admin — Sun, 26 Jul 2009 19:30:37 +0000

Since I wrote about choosing a password, there have been tons of blogs, articles and comments on the recent hacking of Twitter accounts. Among other things, security experts are talking about how to choose a good password. Following are some tips that I would like to add to my previous blog:

1. Single Dictionary words make a very weak password. Choose at least three word phrase.

2. Changing the letter case of just first or last letter is not good enough. Change the letter case of letters other than first or last letter.

3. Adding a number just to the beginning or end of the password to make it alphanumeric is also not good enough.

There is no perfect way to choose a good password. If you can create a unique account for each of your accounts and remember the login information, do so. For most people, creating a unique login account everytime is impractical. You just cant remember that many passwords. Is writing down passwords a good idea? It depends. How secure is the place you are storing your password in? One solution is to categorize
accounts and use same password for different categories such as work-important, work, home-important and home. The problem is that if one of your passwords is compromised, your other passwords in that category are also compromised. This maybe an acceptable risk.

As I said earlier, there is not perfect solution. What you can do is take all factors into account and create your own strategy.

Choosing Your Password

admin — Sat, 18 Jul 2009 02:22:21 +0000

It seems that I sign up for a new service or a new application every week. And every time I have to choose a user name and a password. Over the years, I have learned a few techniques to choose passwords that are fairly difficult to guess but are easy to remember (for me).

1. A street address: A street address makes a perfet password as long as is not directly related to you. Your home or office address would be make poor passwords. Address of a friend’s home, library or your favorite coffee shop can all make good passwords.

13BowmanDr and 3505thAve (Empire State Building) are examples of two address turned into passwords.

2. Rhymes or song lyrics: Pick a sentence from a rhyme or a song. Pick a year or a month. This could be when the song was released or when you first heard it. Combine the first letter of each word and the year or month you chose.

Twinkle Twinkle Little Star - ttlS2009

Pocket Full Of Sun Shine – Pfoss2008

3. If you are a good typist, then pick a phrase. A quote you like or an idiom would make good password.

’Knock on Wood’ has three words. So the password becomes ‘3KnockonWood‘.

Norton Internet Security 2008

admin — Tue, 11 Sep 2007 00:41:00 +0000

I downloaded and installed Norton Internet Security 2008 a couple of weeks ago. So far, I like the software. The GUI is different than NIS 2007 and there are some new features. However, one thing has not changed: it takes triple the normal time to boot after installing NIS. Really, I think the boot time is worse than as in NIS 2007.

Once cool new feature is Network Security Map. It gives information about the computers on your network such as name, IP address and MAC address. This is a good place to look for uninvited neighbors connecting to your network.

Another feature that I like is Security Inspector. It checks browser settings, IM, IP addresses and Windows passwords for vulnerabilities. It is a nice feature that should be run once in a while.