By editorial@silicon.com, 29 May 2002 12:15
NEWS Security experts this week urged corporate users to be more careful when it comes to picking passwords.
Most users still pick passwords which are easy to remember, but which consequently are also easy to guess, such as their spouse's name or their favourite football team (see: http://www.silicon.com/a53600 ).
But workers are being warned that obvious passwords are an open door for hackers who use social engineering to guess them.
Here are just a few of your suggestions...
For passwords, think text messaging
From : Antoinette Carter
A good way to include that 'hard to guess' numeric element in a password is to write numbers for words i.e. when I got engaged last year to a certain Mr Peters, my password became 'soon2BMrsP'!
Change them regularly
From : John Norman Sansom
As your article says, passwords should be changed regularly. We used to have a system that enforced change once a month. So I chose a sequence of twelve events in my childhood and based the passwords on the initial letters and the month and year of the event. I only need to know what month it is to work out where in the sequence I am. I doubt if even my wife knows me well enough to put dates to the sequence. That's if she can guess what the sequence is and their initial letters!
I go completely random
From : Marie Griffiths
I look around my office for ideas and say, if I saw a cactus, I would go for the name of a plant, so oaktree and then I add on a random number and randomly capitalise one letter of the password. e.g. oaktRee7
Numbers are everywhere
From : Simon England
We are surrounded by collections of digits - number plates! Simply look at a car you regularly walk past on your way to the office, use its reg. and there is no connection to you.
Number substitution
From : Ken Smith
I always pick a word of more than eight characters, then replace i's with 1 or o's with 0, or s's with 5.
Gives an alphanumeric password with the numbers randomly within the password.
A good way to choose a password
From : Mark Kinsley
Any existing word (English or other language word) is a BAD password. Numbers in a password help, but just substituting i-1, o-0 etc... just isn't good enough. If your memory is really bad, try taking letters from an easily remembered phrase... for example 'hlvbast2' taken from 'Hasta La Vista Baby - Arnold Schwarzenegger, Terminator 2'. Stretch your memory, try inserting random numbers into your passwords.
As processing power increases, the relative weakness of a password within a system increases.
* Don't re-use a password too many times
* Choose a password according to what it protects
Password advice
From : Marc Harry
A good method of setting up passwords is to use the phone pad method - choose a word over eight letters and replace the letters from the numbers on your phone - it's right there on the desk so no one will even notice you doing it! PASSWORD becomes 72779673.
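An added example, not part of the original article or of any reader's letter: a password-policy check that rejects a candidate when it reduces to a dictionary word, whether typed plainly, with the 1/0/5 digit swaps, or as phone-pad digits. It goes beyond the letters by treating all three encodings with one check; `WORDLIST` is a tiny constructed sample and the function names are hypothetical.

```python
# Added example: flags passwords that are a dictionary word in disguise.
# WORDLIST is a tiny constructed sample; a real check would load a large list.
WORDLIST = {"password", "football", "liverpool", "terminator"}

# Digit-for-letter swaps named in the letters above (1 for i, 0 for o, 5 for s).
UNSUBSTITUTE = str.maketrans({"1": "i", "0": "o", "5": "s"})

# Standard phone keypad letter groups.
KEYPAD = {"2": "abc", "3": "def", "4": "ghi", "5": "jkl",
          "6": "mno", "7": "pqrs", "8": "tuv", "9": "wxyz"}
LETTER_TO_DIGIT = {ch: d for d, letters in KEYPAD.items() for ch in letters}


def phone_pad(word):
    """Encode a word as keypad digits, e.g. 'password' -> '72779673'."""
    return "".join(LETTER_TO_DIGIT[ch] for ch in word.lower())


# Precompute the keypad form of every word so digit-only passwords can be matched.
PAD_INDEX = {phone_pad(w): w for w in WORDLIST}


def derived_from_word(password):
    """Return (word, reason) if the password reduces to a listed word, else None."""
    lowered = password.lower()
    if lowered in WORDLIST:
        return lowered, "plain word"
    # Undo the digit swaps and look the result up again.
    undone = lowered.translate(UNSUBSTITUTE)
    if undone in WORDLIST:
        return undone, "digit substitution"
    # A digits-only password may be the keypad encoding of a listed word.
    if lowered in PAD_INDEX:
        return PAD_INDEX[lowered], "phone pad"
    return None


if __name__ == "__main__":
    for candidate in ["Football", "pa55w0rd", "72779673", "hlvbast2"]:
        print(candidate, "->", derived_from_word(candidate) or "no match in sample list")
```

A check like this belongs at password-change time, so that a transformed dictionary word is refused before it is ever stored.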


Comments
1. anonymous
Take a random text, encrypt with pgp and select a place where your password starts and ends:
-----BEGIN PGP MESSAGE-----
(cut several lines of text)
<---START--->
RQ07jZE2QV87PxbKPu34G3UM
<---END--->
(cut several lines of text)
-----END PGP MESSAGE-----
Store the entire text on a USB pen or hard copy. Impossible to guess, impossible to remember.
You now have a long, random and complex password. All you have to remember is where it starts and where it ends.