Password Makeover
Password Makeover
http://tech.yahoo.com/blog/worley/235;_ylt=AuXnLJMhgfV80xQtdNawxwgnLpA5
Fri Jul 7, 2006 12:59PM EDT
Passwords are a hassle to make and remember, but they keep us all safe. And it doesn't really have to be a hassle: a strategic password plan can keep the bad guys out and keep you from forgetting your passwords.
Start Your 30 minute Password Makeover
Commit to writing down all the websites or networks where you use a password. Only write down the name of the site, and your user name, NOT your passwords. A master list of passwords is an open invitation for someone to access your accounts: roommate, co-worker, burglar, kids.
Security Levels: High, Medium, and Low
Once that list is done, divide the sites into three categories: high-security, medium-security and low-security.
High-security logons should include anything associated with money or sensitive personal information: financial brokerages, online banking, PayPal, travel sites that store your credit card numbers, any site that has your social security number (school site, medical insurance site, tax site), and your work network.
Medium-security logons should include anything of a personal nature: your email accounts, your ISP account at home, your alumni network, instant messaging logons.
Low-security logons can consist of email groups, news sites that require a logon, or random sites that require you provide a password.
Assign a password to each group
To cover the requirements for all logons, make your passwords eight characters long and a combination of numbers, letters (including at least one uppercase letter), and a symbol, like an *, %, or #. One tip for creating a memorable password is to script it like a vanity license plate: Pr3t3nd$ (Pretends), W8ing4U2 (waiting for you two).
Change your passwords
Now go through your list of high-, medium-, and low-security sites and networks and change the passwords of your accounts. On your master list of accounts and user names, instead of writing the password next to the account, just indicate which security class it's in: high, medium, or low. You know those three passwords by heart (this is the challenge here-you have to memorize those three passwords).
Where to Use Your Passwords
Access your high-security passwords only from home or on trusted computers, never on a public computer that might contain a key-logger. Key-loggers are software programs that record every stroke typed on the computer including every user name and password you enter.
Use your medium-security passwords based on your own judgement - in an Eastern European Internet Café? Not a good idea. In your university's computer lab? That's a better gamble.
Low-security passwords can be used on any public account; if someone gets access to your New York Times log-in? That's not a big deal.
Good luck, stay safe, and hopefully you'll never be locked out of your own accounts again.
http://tech.yahoo.com/blog/worley/235;_ylt=AuXnLJMhgfV80xQtdNawxwgnLpA5
Fri Jul 7, 2006 12:59PM EDT
Passwords are a hassle to make and remember, but they keep us all safe. And it doesn't really have to be a hassle: a strategic password plan can keep the bad guys out and keep you from forgetting your passwords.
Start Your 30 minute Password Makeover
Commit to writing down all the websites or networks where you use a password. Only write down the name of the site, and your user name, NOT your passwords. A master list of passwords is an open invitation for someone to access your accounts: roommate, co-worker, burglar, kids.
Security Levels: High, Medium, and Low
Once that list is done, divide the sites into three categories: high-security, medium-security and low-security.
High-security logons should include anything associated with money or sensitive personal information: financial brokerages, online banking, PayPal, travel sites that store your credit card numbers, any site that has your social security number (school site, medical insurance site, tax site), and your work network.
Medium-security logons should include anything of a personal nature: your email accounts, your ISP account at home, your alumni network, instant messaging logons.
Low-security logons can consist of email groups, news sites that require a logon, or random sites that require you provide a password.
Assign a password to each group
To cover the requirements for all logons, make your passwords eight characters long and a combination of numbers, letters (including at least one uppercase letter), and a symbol, like an *, %, or #. One tip for creating a memorable password is to script it like a vanity license plate: Pr3t3nd$ (Pretends), W8ing4U2 (waiting for you two).
Change your passwords
Now go through your list of high-, medium-, and low-security sites and networks and change the passwords of your accounts. On your master list of accounts and user names, instead of writing the password next to the account, just indicate which security class it's in: high, medium, or low. You know those three passwords by heart (this is the challenge here-you have to memorize those three passwords).
Where to Use Your Passwords
Access your high-security passwords only from home or on trusted computers, never on a public computer that might contain a key-logger. Key-loggers are software programs that record every stroke typed on the computer including every user name and password you enter.
Use your medium-security passwords based on your own judgement - in an Eastern European Internet Café? Not a good idea. In your university's computer lab? That's a better gamble.
Low-security passwords can be used on any public account; if someone gets access to your New York Times log-in? That's not a big deal.
Good luck, stay safe, and hopefully you'll never be locked out of your own accounts again.