USG Security Awareness Primer

Use Strong Passwords
Make passwords easy to remember but hard to guess
- USG standards:
  - Be at least ten characters in length
  - Must contain characters from at least two of the following four types of characters:
    - English upper case (A-Z)
    - English lower case (a-z)
    - Numbers (0-9)
    - Non-alphanumeric special characters ($, !, %, ^, …)
  - Must not contain the user’s name or part of the user’s name
  - Must not contain easily accessible or guessable personal information about the user or user’s family, such as birthdays, children’s names, addresses, etc.

Creating Strong Passwords
- A familiar quote can be a good start:
  “LOVE IS A SMOKE MADE WITH THE FUME OF SIGHS”
  William Shakespeare
- Using the organization standard as a guide, choose the first character of each word:
- Now add complexity the standard requires:
  - L1A$mwTF0S (10 characters, 2 numerals, 1 symbol, mixed English case: password satisfies all 4 types).
- Or be more creative!
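
An added example, not part of the USG primer: a Python check of a candidate password against the USG standards listed above, run on the initials of the Shakespeare quote and on the finished password L1A$mwTF0S. The sample user "Jane Doe", the supplied personal detail "2024", and the choice to treat any 3-letter fragment of a name as "part of the user's name" are assumptions made for illustration.

```python
import re

MIN_LENGTH = 10      # USG: at least ten characters
MIN_CHAR_TYPES = 2   # USG: at least two of the four character types
MIN_NAME_PART = 3    # assumption: shortest fragment counted as "part of the user's name"

def char_types(password):
    """Return which of the four USG character types occur in the password."""
    found = set()
    for ch in password:
        if "A" <= ch <= "Z":
            found.add("upper")
        elif "a" <= ch <= "z":
            found.add("lower")
        elif "0" <= ch <= "9":
            found.add("digit")
        elif not ch.isalnum():
            found.add("special")
    return found

def name_parts(full_name):
    """All MIN_NAME_PART-letter fragments of each name token (shorter tokens are skipped)."""
    tokens = re.findall(r"[a-z]+", full_name.lower())
    return {t[i:i + MIN_NAME_PART] for t in tokens
            for i in range(len(t) - MIN_NAME_PART + 1)}

def violations(password, full_name, personal_info=()):
    """List the USG rules the password breaks; an empty list means it passes."""
    lowered = password.lower()
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    if len(char_types(password)) < MIN_CHAR_TYPES:
        problems.append("char_types")
    if any(part in lowered for part in name_parts(full_name)):
        problems.append("name")
    # Birthdays, children's names, addresses: only what the caller supplies is checked.
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("personal_info")
    return problems

def initials(quote):
    """First character of each word, the starting point the primer describes."""
    return "".join(word[0] for word in re.findall(r"[A-Za-z]+", quote))

if __name__ == "__main__":
    quote = "LOVE IS A SMOKE MADE WITH THE FUME OF SIGHS"
    user = "Jane Doe"  # constructed sample user
    for candidate in (initials(quote), "L1A$mwTF0S", "Jane#2024!x"):
        print(candidate, violations(candidate, user, personal_info=["2024"]))
```

The bare initials are ten characters long but use only one character type, so they fail the standard until the complexity step is applied.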
- Never use admin, root, administrator, or a default account or password for administrative access.
- A good password is:
  - Private: Used by only one person.
  - Secret: It is not stored in clear text anywhere, including on Post-It® notes!
  - Easily Remembered: No need to write it down.
  - Contains the complexity required by your organization.
  - Not easy to guess by a person or a program in a reasonable time, such as several weeks.
  - Changed regularly: Follow organization standards.
- Avoid shoulder surfers and enter your credentials carefully! If a password is entered in the username field, those attempts usually appear in system logs.
- Do not open email attachments unless you are expecting the email with the attachment and you trust the sender.
- Do not click on links in emails unless you are absolutely sure of their validity.
- Only visit and/or download software from web pages you trust.