By QUINCEY HOBBS
A chain is only as strong as its weakest link. The same is true for computer security. You can have the latest firewall, router, or encryption code, but if you have a poor password management policy, then it is all for naught. This is true for both corporate networks and home computers.
Many computer users are creatures of habit by nature. When many users find a password that they like and that they can readily remember, they keep it.
This is a good practice in relation to shoes and breakfast cereal, but not passwords. Some of the most common user passwords are god, lust, money, private, secret, sex, snoopy, and password, because no one would ever think of that.
Other popular selections revolve around personal info link maiden names, birth dates, pet names, egotistical titles and terms. See, I have already guessed two thirds of your passwords.
Part of the effectiveness of passwords is making them as difficult as possible to decode. To do this you can do one of two things. The first is to construct an alphanumeric password that is case different. This means that instead of setting your password as “minors” you could construct it as ” M9n0Rz”.
Another key in constructing a good pass word is to make it as long as possible. This doesn’t mean that you should set your password as supercalifragilisticexpialidocious, but you should make it between 6-8 letters minimum or the maximum that your log in recognizes.
An easy way to construct passwords in an alphanumeric manner is to use a password generator. You can find them on freeware Web sites sauch as snapfiles.com.
Another element of password effectiveness is ensuring that it is secure.
Kevin Mitnick, a renowned hacker, has used a technique called social engineering to gain access to computers and networks. Social engineering is a glamorized name for conning.
Employees are deceived into revealing network passwords by a nonemployee who gives them the impression that they work for that company. Next, the con artist will pretend not to know a password, and ask an actual employee for assistance.
Another technique is to simply observe someone as they enter a password. For this reason, it is imperative that passwords are changed regularly. Usually about every month.
Technology is beginning to address the password security issue also.
The trend seems to be moving towards biometrics.
This is were physical features are used to access computers and networks. One of the leading products for the desktop market is a digital fingerprint access device.
The device scans your finger and authenticates your log in. With this device, you potentially would not need to remember passwords.
Some stand alone models already are on the market (digitalpersona.com), but the next generation of these devices will be integrated with the keyboard.
Biometric thumb drives are currently on the market. The amazing part is that all of these products come in at or below $100.
Quincey Hobbs has more than 10 years of experience in the information technology field including time working with signal routers (hubs) as a switch communications team member, team member of the University of Arizona’s Center for Computing and Information Technology and as an instructor at Pima Community College. E-mail questions to firstname.lastname@example.org or send a fax to Business Editor at 573-4569.