Note: This is a short extract from a training course developed by Cosaint Inc. which is aimed at the users of computer systems. You should assume that we have already covered what makes a password strong, and what makes a password weak earlier in the course.

For more information about this and other information security training courses available from Cosaint, please visit http://www.cosaint.net/

In this section you’ll learn:

- about the advantages of using several passwords
- some tips to help you choose and remember a strong password

There's a big difference between the password you use to access your bank information across the Internet, and a password you need to access your fantasy baseball league.

You could use a cheap disposable password for things that don't require strong security, but use a good (and different) password for sensitive information.

You should never use your work passwords for personal accounts.

One way to select a password is to choose:

- two things you like to do; or
- two things that you dislike; or
- two movies you like to watch …

Example: an outdoor enthusiast might use

2Hike&Run

This password is:

- easy to remember
- long enough (nine characters)
- uses lower case, upper case, digits and symbols

Think of 2 things that you like (or dislike?) - for example:

- a sports activity
- a type of music
- a game

Combine 2 words that relate to these activities.

Replace some of the letters with numbers or special characters.

Do you have a password that is:

- strong?
- (relatively) easy to remember?

A good way to remember a password is to base it on a phrase.

For example, the expression "Crime Never Pays" might remind you that your password is

Cr1mE_NP

Notice we changed the letter 'i' to the numeral 1. We also mixed in some capital letters.

Think of a simple phrase that you can remember.

Take some of the letters - for example:

- first letter of each word
- first and last letter of each word

Combine the letters.

Add some numbers and/or special characters. Replace some of the letters with numbers or special characters.

Do you have a password that is:

- strong?
- (relatively) easy to remember?

Sometimes, you just have to write down a password. If so, try to disguise it in some way.

You might invent a person and address in an address book.

Jack Frost
1094 Saint Joseph Court Apt 3
Austin, TX

which might remind you that your password is:

JF1094SJC#3

Only you know that this person is imaginary so this is pretty secure!

Create a strong password:

- use at least 8 characters
- mix together letters, numbers & special characters

Invent a “name and address” that you could write down (if absolutely necessary) to remind you of the password.

Ask another student to try to figure out the password from the name and address.

You could use a picture or series of pictures to remind you of your password.

Just don't make the pictures too obvious. Maybe a picture of three boats and a ship sailing on the ocean could remind someone their password is

3Boats&1Ship

Take one of the passwords that you created in an earlier exercise.

Draw a picture that reminds you - in some way - of the password.

Ask another student to try to figure out the password from the picture.

Use weaker but easier-to-remember passwords where you don’t really need strong security.

Ideas for creating & remembering strong passwords:

- things that you like (or dislike?)
- phrases
- writing down your password
- using pictures as reminders
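
Added example (not part of the Cosaint course material): a small Python check that applies the criteria from the "Create a strong password" exercise (at least 8 characters; letters, numbers and special characters mixed together) to the four sample passwords shown in this section. The function names are hypothetical, and treating every character that is not a cased letter or a digit as a "special character" is an assumption; the check covers only the stated criteria, not how guessable a password is.

```python
MIN_LENGTH = 8  # "use at least 8 characters" (from the exercise on this page)

# Constructed list: the four sample passwords printed in this section.
PAGE_EXAMPLES = ["2Hike&Run", "Cr1mE_NP", "JF1094SJC#3", "3Boats&1Ship"]


def character_classes(password):
    """Return the set of character classes that appear in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            # Assumption: anything else (punctuation, spaces) is "special".
            classes.add("symbol")
    return classes


def check(password):
    """Return the list of exercise criteria that the password fails."""
    classes = character_classes(password)
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not classes & {"lower", "upper"}:
        problems.append("no letters")
    if "digit" not in classes:
        problems.append("no numbers")
    if "symbol" not in classes:
        problems.append("no special characters")
    return problems


if __name__ == "__main__":
    # Print length, classes found, and any failed criteria for each sample.
    for pw in PAGE_EXAMPLES:
        result = check(pw) or ["meets the exercise criteria"]
        print(pw, len(pw), sorted(character_classes(pw)), "; ".join(result))
```

All four samples meet the exercise criteria; the output also shows that JF1094SJC#3 contains no lower-case letters and that Cr1mE_NP is exactly at the 8-character minimum.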