Having had her email account hacked during the 2008 election season, Sarah Palin highlights issues surrounding password security. Bringing some issues to the public eye, such as her use of personal email for official government business, this event shows that anyone can be the victim of an online attack. In order to prevent the loss of personal information, it is essential to create secure passwords and practice safe habits. The Guide to Password Security provides informative resources regarding how passwords work, and how to implement reliable passwords. Part of our large collection of computer science resources, this guide explains important aspects of password security for anyone who relies on passwords to protect their information, as well as individuals with a more advanced understanding of the topic.
Overview of Password Creation
While having to remember a variety of passwords may seem like a frustrating chore, they are important in preventing the loss of valuable personal information. Even though it may be easy to create a simple password such as your pet’s name, or your birthday, a more complex and secure password could save you a great deal of trouble. Regardless of how unique a password may seem, if it contains common words, or dates it could be easily guessed. Additionally, a brute force approach, which entails trying any combination of words and numbers, is more likely to break through such passwords. Being so important to security, the methods used to store passwords have to be appropriately complex.
By utilizing specific algorithms and creating seemingly random strings of text, passwords can be stored without compromising their integrity. Such techniques make it nearly impossible for them to be externally acquired. A greater threat to security is often low strength passwords that have been created by users. At a time when services are increasingly carried out online, more and more sensitive information becomes potentially obtainable. It is therefore more important than ever, to be certain that the passwords you are using are adequately strong, and that you are practicing safe habits.
How Passwords Work
The function of passwords are much more obvious than the way in which they actually work on different operating systems. This section will explore how passwords operate in order to protect user information. For instance, the resources here will detail what sorts of systems are in place to ensure that these pieces of security are not simply read and exploited.
covers the logistical aspects of passwords explaining how and where they are stored depending on operating system. Beyond basic information, you can also find out how passwords can be circumvented.
provides this overview of password hacking that explains common methods used. Primary types such as dictionary attacks, ciphertext attacks, and brute force methods are covered.
Creating Strong Passwords
In order for a password to work effectively, it is of course necessary to create one that is capable of withstanding an attack. Even something as simple as varying letters and numbers can help protect you from common attacks. While creating a complex password may seem inconvenient, there are some helpful pieces of advice which can help you create a secure password that works for you. For instance, it may be helpful to employ mnemonic techniques of seemingly random strings of text. Using the first letters of lines from your favorite books, or songs may allow you to easily remember a complex password.
investigates the encryption used by websites to protect online passwords. The “grain of salt” concept is clearly explained in a point by point manner, as well as steps you can take to achieve secure passwords.
also known as US-CERT makes this guide which explains why passwords are necessary, and how to create them securely. More information on steps to take in order to protect your secure password are also given.
reinforces the significance of practicing secure password behavior. When personal information and intimate details can be easily learned online, it is important to make sure that passwords are effective. Through multiple scenarios, this article shows users how to be safe in different situations.
provides this guide which informs readers about ideal passwords, and how to achieve optimum security. A method which ensures strong passwords by utilizing punctuation, varying characters, and symbols is also given.
describes methods for creating meaningful and secure passwords with this article. Advice on safe browsing habits and steps you can take in case your password is compromised is also provided.
allows users to create unique secure passwords by choosing important characteristics such as password length, letters, mixed cases, and dissimilar characters. This tool is capable of creating a large number of passwords and is also available in an SSL secure version.
– Microsoft’s password checker indicates the strength of your potential passwords. A safe and powerful tool for creating reliable passwords, the password checker will inform you of its relative security.
The measures taken by websites and operating systems to ensure that passwords remain safe are important to the overall security of your information. In order to do this, algorithms such as the MD5 (or message-digest algorithms) transform sensitive passwords into unique output known as “fingerprints.” Commonly used for securing passwords on websites, such techniques make sure that provided information is consistent. Being informed of beneficial password practices and understanding the security surrounding passwords, it is possible to achieve a higher level of security.
– Symantec offers this resource which explores additional steps to take in order to ensure that strong passwords remain secure. Beneficial password practices for system administrators and organizations are also included.
reviews six password managers, considering their strengths, weaknesses and their cost. Further, special features are explained, allowing users to have informed opinions on password managing software.
– A closer look at MD5, the MD5 Algorithm Overview describes the important characteristics and basic operation of the cryptographic code. Without going into too much technical detail, this overview explains some of the finer points related to MD5.
– The Internet Society provides this document which describes an algorithm that can create single use passwords. Applicable to wireless Internet networks as well as Virtual Private Networks, this algorithm is intended to improve two-factor authentication, resulting in higher security.
– Storing passwords on your computer can be helpful in cases where multiple users are allowed different permissions. Microsoft explains how to save multiple user passwords on a computer or across a network.
is an alternative to DES and IDEA that is openly available. Boasting faster speeds than either of these algorithms, Blowfish is a suitable replacement, and has even been added to the Linux kernel.
Miscellaneous Resources for Passwords
While the previous sections of this resource have focused on specific aspects of password security, this area will provide tools and information that is helpful for understanding the weaknesses of certain password encryption algorithms, available password managing programs, and other password related tasks.
Vsecurity released this advisory regarding password weaknesses in the Google Chrome web browser. Some phishing attacks could exploit Chrome’s password managing capability due to the way that HTTP authentication works.
– Intended specifically for mid sized organizations and companies, Hitachi ID Systems details the best practices for managing passwords across larger networks. Security aspects such as intruder detection/lockout as well as password encryption make this a well rounded guide.
– Joshua Wright from the SANS Institute and Carlos Cid from the Information Security Group analyze the Oracle password hashing algorithm in this thorough report. Many vulnerabilities are brought to light, showing that even those with limited resources could uncover password information without too much difficulty.