How To Create and Keep Passwords Secure
February 28th, 2003

Most Passwords Are Unsafe

One of the easiest ways to break into a system is to use common passwords. Most software packages, Internet appliances and even switches ship with default passwords. Sometimes these "passwords" are NULL -- in other words, there is no password assigned.

Many attacks on systems are carried out to get hold of encrypted passwords. These password files are then subjected to brute force attacks using common or dictionary words. Unfortunately, these types of attacks are often successful.

Secure Password Tips

  • Don't use words that can be found in the dictionary. Password hackers use hundreds of thousands of common words when they're trying to crack your password. Make something up.
  • Don't use any personal information. Someone who does some research can usually find out your phone number, birth date, special dates, names of your kids or pets, etc. Keep away!
  • Do use special characters. Include punctuation characters and numbers in your passwords.
  • Do use mixed case. Include both UPPER and lower case characters in your pASSwoRd!
  • Use different passwords for important systems. Never use the same password you may have assigned yourself at a web site for your file server, or even your internal e-mail system. By using different passwords, you limit your exposure from a password breach to (hopefully) one system.
  • Don't give your password to anyone. Your system administrator can reset your password if necessary, but make sure you change it soon. If someone is asking you for your password, treat the conversation as if they were asking for your social security number or your credit card information.
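
The tips above can be turned into an automated check at password-change time. The following is an added example, not part of the original article: check_password, its parameters, the sample wordlist and the user details are all hypothetical and constructed for illustration, and a real deployment would load a full dictionary file.

```python
import re
import string

# Constructed sample wordlist; a real check would load a large dictionary file.
SAMPLE_WORDS = {"password", "dragon", "summer", "monkey", "welcome", "letmein"}

def _core(candidate):
    """Lower-case and strip leading/trailing digits and punctuation,
    so 'Summer2003!' is still recognised as the word 'summer'."""
    return candidate.lower().strip(string.digits + string.punctuation)

def check_password(candidate, personal_info=(), words=SAMPLE_WORDS):
    """Return a list of problems; an empty list means every tip is met."""
    if not candidate:
        return ["empty (NULL) password"]
    problems = []
    lowered = candidate.lower()
    if lowered in words or _core(candidate) in words:
        problems.append("dictionary word")
    # Personal details: compare letters/digits only, so 603-555-0100
    # matches 6035550100 inside the password.
    squashed = re.sub(r"[^a-z0-9]", "", lowered)
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if len(token) >= 3 and token in squashed:
            problems.append("contains personal information")
            break
    if not any(c in string.punctuation for c in candidate):
        problems.append("no punctuation character")
    if not any(c.isdigit() for c in candidate):
        problems.append("no number")
    has_lower = any(c.islower() for c in candidate)
    has_upper = any(c.isupper() for c in candidate)
    if not (has_lower and has_upper):
        problems.append("not mixed case")
    return problems

if __name__ == "__main__":
    # Constructed user details and candidate passwords.
    info = ["Rex", "1975-04-12", "603-555-0100"]
    for pw in ["", "Summer2003!", "rex19750412", "tR7#vq!Lm2"]:
        print(repr(pw), "->", check_password(pw, info) or "ok")
```

A password such as Summer2003! satisfies the character-class tips yet is still flagged, because the word underneath the decoration is in the dictionary.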

Check out

  • C/Net -- Passwords: The Weakest Link?
  • Microsoft -- Security and Privacy for Home Users.
  • SANS -- Strong Passwords

What to do?


Mainstream Security Services' Security Expert, R. Craig Peterson, can be heard weekly at 12 noon Saturdays on WGIR AM610, WGIN AM930 and WGIP AM1540. The show can be heard in New Hampshire, Maine, Vermont, and Massachusetts.

To submit potential subjects, to ask questions, or to get more information, e-mail Craig Peterson.
