Technical Security

Dec 27, 2009 16:12

It has come to my attention that a lot of you lack knowledge of how to write a password. Here are the rules for writing a solid password.

1. Don't use normal words. Not just "password" or "god" - two favorites - but any word you would find in a dictionary, or any name.

2. Use upper- and lowercase letters, and numbers as well.

3. Use unusual characters. This can supersede rule one - "U@ic0rN" works, for example.

4. The longer the better, while still being short enough to remember. "U@ic0rN!@#" isn't hard - it's U@ic0rN followed by the first three special characters on the number row - but it's probably long enough and difficult enough to defeat 99.99% of attempts.

5. Nothing will defeat someone sufficiently dedicated with sufficient resources. If the NSA wants access to your accounts, they can manage it given enough time.

6. Use different passwords for different sites. This is annoying. Consider, however, that I juggle at least 8 passwords at work, all of which change at regular intervals. Even the ones that only lead to systems with no public access. And I don't get to select most of them.

The best way to do all this is with a password management program. The best of them, such as KeePass - http://keepass.info/ - will maintain URLs directly to the site in question, so you can copy the password, click the link, and enter the password directly in the proper location. No, I don't get to use one of these at work, either.
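Rules 1 through 4 and rule 6 above can be checked mechanically. The following is an added example, not code from the original post; the word list is a small constructed sample, and the 10-character minimum is an assumption taken from the length of the post's "U@ic0rN!@#" example.

```python
import string

# Constructed sample list; an assumption standing in for a full dictionary
# and name list, which a real check would load from a file.
SAMPLE_WORDS = {"password", "god", "unicorn", "dragon", "michael"}

# Assumption: the post gives no minimum length; 10 is the length of its
# "U@ic0rN!@#" example, which it calls probably long enough.
MIN_LENGTH = 10


def check_password(candidate, used_elsewhere=(), words=SAMPLE_WORDS):
    """Return {rule number: reason} for each of the post's rules the candidate breaks."""
    broken = {}
    lowered = candidate.lower()

    # Rule 1: no dictionary words or names, alone or embedded in a longer string.
    hits = sorted(w for w in words if w in lowered)
    if hits:
        broken[1] = "contains dictionary word or name: " + ", ".join(hits)

    # Rule 2: upper- and lowercase letters plus numbers.
    missing = [label for label, test in (
        ("uppercase", str.isupper), ("lowercase", str.islower), ("digit", str.isdigit),
    ) if not any(test(c) for c in candidate)]
    if missing:
        broken[2] = "missing " + ", ".join(missing)

    # Rule 3: at least one unusual (punctuation) character.
    if not any(c in string.punctuation for c in candidate):
        broken[3] = "no unusual characters"

    # Rule 4: longer is better.
    if len(candidate) < MIN_LENGTH:
        broken[4] = f"shorter than {MIN_LENGTH} characters"

    # Rule 6: a different password for every site (compared within one vault).
    if candidate in used_elsewhere:
        broken[6] = "already used on another site"

    return broken


if __name__ == "__main__":
    for pw in ("password", "U@ic0rN", "U@ic0rN!@#"):
        print(repr(pw), check_password(pw) or "passes rules 1-4 and 6")
```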

In the interests of proper security, I will perform random testing on those of you I deem cute enough. Excuse me, those I deem worthy of mocking. Or both.

"Let's be careful out there." Bonus point for naming the show.