Create a valid password in English
Computer System-based Strategy
Rob Shimonski (RShimonski@rsnetworks.Net), Chief Network and Security Engineer
September 2002
Passwords. We all seem to have 5 to 10 of these annoying things, while years ago most people had only one or two. Keeping up to 10 passwords at once is already a lot, and managing them is harder still. This paper looks at the use of passwords: why it is a problem and what you can do about it. It describes a simple system for creating passwords that are secure and easy to remember.
Password basics

The password is the first line of defense for your systems and personal information. The system can be of any size, from a single computer to a home alarm system to an enterprise network of hundreds or thousands of computers; the information can be of any type, from a social insurance number to private letters to confidential documents. Combined with a username, the password provides a set of credentials for accessing these systems. The username is usually an "account" that is created for you and that you use together with your password. Here is a list of information that requires protection; some of these items concern individuals, while others involve highly sensitive business or government information:
- Financial data
- Credit card numbers
- Health information
- Private documents
- Cookies (containing sensitive information)
- Company confidential intellectual property
- Design plans
- Military data

Passwords have a wide range of applications, but for simplicity this article covers only computer-based systems. The following are examples of systems that should be protected with a password:
- Workstations
- Applications: email, Word, Excel, etc.
- Server logins
- Routers (and other devices)
- Website logins
- E-commerce sites
- PDAs (Personal Digital Assistants)

So what is the big deal? Well, consider the following. You have a workstation at home and one at work. You have a bank account, an email account, and more, and they add up one by one. Now suppose you work in IT: you may have to remember 50 or more passwords. What if you have to change your passwords every month? Not only do you have to remember one (or perhaps several) passwords, you also have to change them and remember the new ones right away.

One of the biggest obstacles to creating an effective password is laziness. We all want passwords to be easy, so we are often not very careful or creative when devising them. That is why you must pay attention to your company's password security policy. Most companies have policies that force all users to create a new and unique password every month. As a result, end users simply add a number to the end of their last password. If the password was "DOG", the new password becomes "DOG1", and eventually it grows to "DOG11". Such password-creation techniques are unsafe, as is the practice of writing the password on a note and putting that note under the keyboard or on the monitor. Many users think that hiding the password in a desk drawer is safe enough. Another place often used to store passwords is a PDA, which is fine as long as the PDA is never lost or stolen. There are in fact security solutions for PDAs, such as PDA Secure, a program that adds protection to your PDA (see Resources for a link). But the best advice is to avoid storing passwords in your PDA or in places like a desk drawer.

As a security analyst who maintains the integrity of multiple platforms, I am often asked for advice on creating effective passwords.
In the next few sections, I hope to provide some useful ideas.

Ineffective passwords

The most important thing to remember is this: any password you create is vulnerable to an attack called password stealing or cracking. This is the theft of your credentials through unauthorized access. Introduction to Password Cracking (see Resources) provides detailed information about password-cracking techniques.

The first step in designing a good password is to study how passwords should be created. First, avoid using a dictionary word. Any word from the dictionary is easy to attack, and if you never change it, it will eventually be cracked. The main problem with building a password from a dictionary word is that any password-cracking tool will eventually guess it with a dictionary attack. Likewise, do not expect that writing a dictionary word backwards, or adding a simple number after it, will help. Password-cracking tools try these combinations too. The following are some examples of bad passwords:

- Cracker
- Cracker1
- RekCarc

These passwords are easily exploited. Other things to avoid when you create a password:
- Never use personal information as the basis for a password. For example, if you are a Star Trek fan, don't set all your passwords to "spock", "vulcan" or "spock1". Anyone who knows you can easily guess these passwords. Sports fans should likewise not use their idols as passwords. I know several administrators who base their passwords on their favorite teams or athletes.
- Don't base passwords on items you keep on your desk. I once saw a photo of a customer's daughter on his desk, and then got into his server using his daughter's name.
- Do not save a password file on your local machine or on a network share. Such a file is protected only by file-level access controls, and the machine itself may be compromised. If someone resets the permissions and sets them incorrectly, the permissions of the subfolders within the folder are reset as well, which would expose every password on the network.

How to create a good password

The following are some general rules for creating an effective password:

- The only safe places to keep a password are your head or a locked safe to which only you know the combination.
- An effective password must be fairly long, but not so long that you cannot remember it. A three-character password is too short.
- Use special characters, uppercase letters, and numbers in a sensible way. Here are some examples:
Capital letters: If the system is case sensitive, combining uppercase and lowercase letters provides some protection. The password "heyyou" is then different from "Heyyou". Adding a capital letter adds a level of complexity that makes the password harder to crack.

Special characters: Using special characters such as "#" or "%" also adds complexity. Take the word "Money" and put # after it (Money#), and you have a fairly effective password.

Numbers: Use numbers to add to the complexity of the mix. If your social insurance number is 123-45-6789, you can combine the last four digits with an easy-to-remember word (such as "Money") to produce the password "Money6789".

Mnemonic phrases: If you collect memorable lines from movies or songs, you can take a favorite phrase and turn it into a password. Suppose you are a Star Wars fan. You can take the phrase "May the force be with you" and use the first character of each word to create the password "MTFBWY".

Substitution: You can replace words with numbers or symbols. If you treat the "$" symbol as equivalent to the word "Money", you can work it into a password such as "Ilove$". This is a password that is easy to memorize and difficult to crack.

Next, we deal with the problem of creating an effective password scheme for multiple systems.

Creating an effective password scheme

In this section, we look at password schemes for personal home machines, for work-related systems and networks, and for Cisco routers and switches that do not use CiscoSecure-based TACACS. CiscoSecure is a product that, instead of relying on login passwords stored on the device itself, uses the TACACS protocol to let an external source such as a UNIX server perform login authentication for routers and switches.

Home-based personal PC

An effective password scheme for a home-based personal PC combines the techniques above.
You want the password to be very easy to remember, because if you forget it and do not have the skills to crack your own password, you have a problem. You also need to consider the following:
- If you are running a Windows 9x platform, you do not need to worry much about your password, because it means nothing for the security of the local machine. Your password is tied to a profile. If you press Cancel, you bypass the login to the machine. You can also bypass a password-protected screen saver by rebooting the machine.
- If you are running a Windows NT, 2000 or XP platform, you need to make sure you do not forget your password. Make sure you lock the Administrator account with a good password, and make sure you hide your machine so that it is not broken into. If you do forget your password, though, you will want a way to get back in. You can arrange this by creating a new account with its own protected password, which gives you a "back door".

Home security and business security are very different, so the principles here depend on your personal level of comfort and preference. Here is an easy-to-remember password scheme for home use: combine a nickname, capital letters, the last four digits of your social security number, and a special character. The password you create might look like this:

Butch#8976

This example can also be used for websites, bank accounts, and other personal systems. Such passwords are practically impossible to crack, and they are easy to remember.

Network administrator systems

What if you are a network administrator with heavy responsibilities? Well, that is a bit harder, because you are responsible for the passwords of many systems. Password protection follows the same rules as before, only on a wider scale. You are likely to have many systems that need password protection; beyond that, you may even divide passwords into levels according to the type of access wanted. In other words, you can divide login access to a Cisco router into several levels, each granting more privileges than the one before.

You can use the same techniques (uppercase letters, special characters, etc.) listed in Section 1 of this article, but you need to make some changes. You need to come up with a theme rather than a single easy-to-remember name or word. Note: Do not use my example. It has already been used.

A film I have always loved is "Reservoir Dogs". In this movie, all the bad guys have names like Mr. Black, Mr. White and Mr. Pink. This theme can be worked into a password scheme for your network servers. Here are a few of the possibilities:

Server name    Server type          Password
MNN-DC-1       Domain controller    PINK$DC1
MNN-DC-2       Domain controller    White$DC2
MNN-DNS-1      DNS server           Black$DNS1
MNN-DNS-2      DNS server           RED$DNS2
MNN-DHCP-1     DHCP server          Green$DHCP1
MNN-WINS-1     WINS server          Orange$WINS1
MNN-FS-1       File server          YELLOW$fs1

Note that the password for each server includes a color, a special character (the same special character in every password), and part of the server name. Also note the use of uppercase letters. These passwords are extremely unlikely to be cracked. This is an example of a reliable password scheme; it is effective, and you can remember it without much effort. You can (and should) also customize it to your own needs.

The Cisco administrator password scheme

The following table shows an effective password scheme for Cisco routers. A Cisco router requires two password levels: an initial password and an enable secret password.
Password          Enable secret
Donot$HackMe      donot$$Pingme
donot$$CRACKME    DONOT$$SPOOFME

Because Cisco routers accept case-sensitive passwords, you get a good mix of upper and lower case, special characters, and memorability. On Cisco, you need an initial password to log in to the router and a secondary password for more secure access; you can configure the secondary password as the enable secret. This table gives you an idea of how to set up this option. By tying the password scheme to a theme (such as a movie), you are more likely to remember it (not everything related to security has to be a chore!); but more importantly, make sure it is secure.

Conclusion

Passwords are a necessity, and despite some inconvenience they have become part of our lives. Every system needs passwords to provide a first level of access security that is easy to implement. The problem facing IT professionals and users at all levels is how to use them and how not to forget them. In this article, we showed how to create effective individual passwords and password schemes. Passwords and password schemes must be difficult to crack and easy to remember. Because passwords are hard to remember and understand, people often put little effort into creating them, and so endanger their own security and that of others. However, it is important to remember this: no matter how effective a password is, there is always some degree of risk associated with it.

Resources

- See the developerWorks article Introduction to Password Cracking for an overview of password-cracking techniques.
- The SANS Institute Reading Room is a great reference for security-related topics. You can find it at http://rr.sans.org/authentic/improve.php. Registration is required, but it is free and easy.
- A great overview of UNIX password security can be found at http://www.ja.net/cert/belgers/unix-password-security.html.
- The University of Michigan provides a great password security overview at http://www.umich.edu/~policies/pw-security.html.
- Information on the PDA Secure application can be found at http://www.trustdigital.com/prod1.htm.
- At http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/tr500.pdf (PDF format), you can get a paper from the Cambridge University Computer Laboratory titled "The Memorability and Security of Passwords: Some Empirical Results".
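
Added example (not part of the original article): a small Python check for the weak patterns named in the sections on password basics and ineffective passwords, that is, dictionary words, reversed dictionary words, a dictionary word with a number attached, and the monthly "DOG" to "DOG1" to "DOG11" habit. The word list and the function names are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would load a full dictionary.
SAMPLE_WORDS = {"cracker", "dog", "spock", "vulcan"}

def strip_digits(text):
    """Remove digits stuck on the front or back, as in "DOG1" or "DOG11"."""
    return re.sub(r"^\d+|\d+$", "", text)

def weaknesses(password, previous=None, words=SAMPLE_WORDS):
    """Return the reasons a candidate password is weak (empty list if none found)."""
    found = []
    lowered = password.lower()
    core = strip_digits(lowered)
    # The article calls a three-character password too short.
    if len(password) <= 3:
        found.append("too short")
    if core in words:
        found.append("dictionary word" if core == lowered
                     else "dictionary word plus digits")
    elif core[::-1] in words:
        found.append("reversed dictionary word")
    # Rotation check: the new password is the old one with at most its number changed.
    if previous is not None and core and core == strip_digits(previous.lower()):
        found.append("old password with a changed number")
    return found

if __name__ == "__main__":
    # Candidates taken from the article's own good and bad examples.
    for new, old in [("Cracker", None), ("Cracker1", None), ("RekCarc", None),
                     ("DOG1", "DOG"), ("DOG11", "DOG1"), ("Butch#8976", None)]:
        print(f"{new!r:14} {weaknesses(new, old) or 'no listed weakness found'}")
```

An empty result only means that none of these specific patterns matched; it is not a measure of password strength.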