Creating a strong password

Creating a strong password

The best secure password is difficult to guess and difficult to crack, but easy for you to remember. To provide the highest level of security, the password should challenge password cracking software so that it takes more time to crack than most people would be willing to devote to it.

The following types of passwords are insecure because they are easy to guess by people you know or easy to crack by people you do not know:

Any word, common or not, even one in a foreign language

Any name (yours, your spouse or children, your boss, your pet)

Any password made up of all numbers (bank card number, house numbers, telephone numbers, US Social Security number, or car license plate number)

A secure password should contain at least three of the following elements:

Have at least eight characters (the more characters, the longer it takes to crack)

Have both upper and lower case letters

Contain both letters and numbers

Contain special characters (interspersed between letters and numbers)

In addition, a secure host password should also be easy for you to remember so that you are not tempted to write it down and leave it in an insecure area (such as taping it to the unit). As mentioned in the previous section it is a good idea to note any password (or name) that you create or change and keep it in a secure area that is still accessible to the rest of your team members.

Note: One common method for creating a strong password entails swapping out alphabetic characters with numeric or special-character equivalents. For example:

the word baseball becomes b@s3B@11

the phrase playmahjong becomes p!@yM@4j0nG

For more information on securing hosts on the Internet, see http://www.cert.org/.