Good Password Practice
Note: This is a short extract from a training course developed by Cosaint Inc. which is aimed at the users of computer systems. You should assume that we have already covered what makes a password strong, and what makes a password weak earlier in the course.
For more information about this and other information security training courses available from Cosaint, please visit http://www.cosaint.net/
What You’ll Learn
In this section you’ll learn:
about the advantages of using several passwords
some tips to help you choose and remember a strong password
Using Several Passwords
There's a big difference between the password you use to access your bank information across the Internet, and a password you need to access your fantasy baseball league.
You could use a cheap disposable password for things that don't require strong security, but use a good (and different) password for sensitive information.
You should never use your work passwords for personal accounts.
Things You Like To Do!
One way to select a password is to choose:
two things you like to do; or
two things that you dislike; or
two movies you like to watch …
Example: an outdoor enthusiast might use
2Hike&Run
This password is:
easy to remember
long enough (nine characters)
a mix of lower case, upper case, digits and symbols
Try It Now …
Think of 2 things that you like (or dislike?) - for example:
a sports activity
a type of music
a game
Combine 2 words that relate to these activities.
Replace some of the letters with numbers or special characters.
Do you have a password that is:
strong?
(relatively) easy to remember?
Phrases
A good way to remember a password is to base it on a phrase.
For example, the expression "Crime Never Pays" might remind you that your password is
Cr1mE_NP
Notice we changed the letter 'i' to the numeral 1. We also mixed in some capital letters.
Try It Now …
Think of a simple phrase that you can remember.
Take some of the letters - for example:
first letter of each word
first and last letter of each word
Combine the letters.
Add some numbers and/or special characters. Replace some of the letters with numbers or special characters.
Do you have a password that is:
strong?
(relatively) easy to remember?
Writing Down Your Password
Sometimes, you just have to write down a password. If so, try to disguise it in some way.
You might invent a person and address in an address book.
Jack Frost
1094 Saint Joseph Court Apt 3
Austin, TX
which might remind you that your password is:
JF1094SJC#3
Only you know that this person is imaginary, so this is pretty secure!
Try It Now …
Create a strong password:
use at least 8 characters
mix together letters, numbers & special characters
Invent a “name and address” that you could write down (if absolutely necessary) to remind you of the password.
Ask another student to try to figure out the password from the name and address.
Using Images as Reminders
You could use a picture or series of pictures to remind you of your password.
Just don't make the pictures too obvious. Maybe a picture of three boats and a ship sailing on the ocean could remind someone that their password is
3Boats&1Ship
Try It Now …
Take one of the passwords that you created in an earlier exercise.
Draw a picture that reminds you - in some way - of the password.
Ask another student to try to figure out the password from the picture.
What You Should Have Learned
Use weaker but easier-to-remember passwords where you don’t really need strong security.
Ideas for creating & remembering strong passwords:
things that you like (or dislike?)
phrases
writing down your password
using pictures as reminders