Page 30 - ICT Nepal News Issue 01

Password Security






The Password Security Checklist

7. Never share your password with anyone. Seriously.

The very first thing you're going to want to do, if it wasn't part of your OS setup, is change the root password. This should be self-evident, but can be surprisingly overlooked during a routine server setup. The password should be at least 8 characters, using a combination of upper and lowercase letters, numbers and symbols. You should also set up a password policy that specifies aging, locking, history and complexity requirements if you are going to use local accounts. In most cases you should disable the root user entirely and create non-privileged user accounts with sudo access for those who require elevated rights.

• Tech support
• Cops
• Your friend who is actually really cool
• A judge
• Mom
• Someone asking for it in an email
• Your boss
• Famous hacker Kevin Mitnick
• Literally anyone

Your password is what makes you accountable for the actions taken under your account. Socially engineering a password out of someone is often much easier than "hacking" their account. Most *ishing schemes trick you into giving up your password in some way or another. Why go to the trouble of blowing the safe if you can have the bank manager open it up for you?

2. Create a Strong Password

Not just any password will do, and the reason why relates to how passwords are cracked. If a person were trying to guess your password, they might try ten or so passwords a minute, if they're fast. A computer can guess much, much faster. So how many permutations does it take to get your password? Here are three key factors:

• Length. Each character increases the complexity exponentially. This is why passwords typically have a minimum requirement of 8 characters.
• Character sets. Each
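The length and character-set factors above, worked through as an added example that is not part of the original article: it sizes the brute-force search space of a password and compares the article's human guessing rate with a machine rate. The machine rate, the function names and the sample passwords are assumptions made for illustration.

```python
import string

# Character pools an attacker must cover for each class present in a password.
POOLS = {
    "lower": string.ascii_lowercase,   # 26 characters
    "upper": string.ascii_uppercase,   # 26 characters
    "digit": string.digits,            # 10 characters
    "symbol": string.punctuation,      # 32 characters
}
HUMAN_RATE = 10 / 60   # guesses/second: "ten or so passwords a minute" (from the article)
MACHINE_RATE = 1e9     # guesses/second: ASSUMED offline cracking rate, not from the article

def classes_used(password):
    """Return the set of character classes that appear in the password."""
    return {name for name, chars in POOLS.items() if any(c in chars for c in password)}

def keyspace(password):
    """Brute-force search space: (pool size) ** length. This is an upper bound;
    dictionary words and reused passwords fall far sooner."""
    pool = sum(len(POOLS[name]) for name in classes_used(password))
    return pool ** len(password)

def worst_case_seconds(password, rate):
    """Time to try every candidate at `rate` guesses per second."""
    return keyspace(password) / rate

def meets_article_rule(password):
    """At least 8 characters mixing upper, lower, digits and symbols."""
    return len(password) >= 8 and classes_used(password) == set(POOLS)

def human_readable(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_536_000), ("days", 86_400), ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3f} seconds"

if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ("kathmandu", "Kathmandu", "Kathm4ndu", "K@thm4ndu", "K@thm4ndu-2017"):
        print(f"{pw:16} rule={meets_article_rule(pw)!s:5} keyspace={keyspace(pw):.2e} "
              f"human={human_readable(worst_case_seconds(pw, HUMAN_RATE))} "
              f"machine={human_readable(worst_case_seconds(pw, MACHINE_RATE))}")
```

Each extra character multiplies the search space by the pool size, and each added character class widens the pool, which is why both factors matter more against a machine than against a person typing guesses.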



(30) ICT NEPAL (January 2017)