Comments on: How easy is your password to crack? http://www.hrtechnews.com/how-easy-is-your-password-to-crack/ HRMS, Internet Monitoring, Payroll Software, Time and Attendance, and more Thu, 04 Aug 2011 15:58:56 +0000 hourly 1 http://wordpress.org/?v=abc By: Randi G. http://www.hrtechnews.com/how-easy-is-your-password-to-crack/comment-page-1/#comment-12249 Randi G. Mon, 29 Jun 2009 23:48:54 +0000 http://www.hrtechnews.com/?p=1572#comment-12249 I found my password posted on the cubicle wall of a departing co-worker. I found my password posted on the cubicle wall of a departing co-worker.

]]> By: Keith Hamm, SPHR http://www.hrtechnews.com/how-easy-is-your-password-to-crack/comment-page-1/#comment-12002 Keith Hamm, SPHR Thu, 25 Jun 2009 14:48:46 +0000 http://www.hrtechnews.com/?p=1572#comment-12002 And don't write your password on the bottom of your keyboard. And don’t write your password on the bottom of your keyboard.

]]> By: Jamal http://www.hrtechnews.com/how-easy-is-your-password-to-crack/comment-page-1/#comment-11879 Jamal Tue, 23 Jun 2009 19:31:21 +0000 http://www.hrtechnews.com/?p=1572#comment-11879 Regarding passwords: I use a simple method to teach users to create strong, but easy to remember passwords. Take a poem, song title, line from a song, quote, etc. and write it down. For example: Four score and seven years ago equals 87 If any of the words are numbers, substitute the digits: 4 score and 7 years ago equals 87 Likewise, you may choose to substitute symbols (although some systems won't allow this*): 4 score & 7 years ago = 87 Keep only the first letter of each word and remove the spaces between: 4s&7ya=87 *In the case of not using symbols, or to add another level of complexity, mix the case of the letters. Starting with: 4 score and 7 years ago equals 87 Capitalize the "major" words, while leaving the "minor" words lower case: 4 Score and 7 Years Ago equals 87 Then keep only the first letter and strip the spaces: 4Sa7YAe87 or 4S&7Ya=87 These passwords will defeat any "dictionary attack" but will be easy for you to remember and type (after the first few tries). Now that you have a good, strong, base password, you can append a number, letter or symbol when you have to change it. Using the symbols on the number keys makes this simple if you use them in order (shift+1=! shift+2=@, etc.) Finally: Do not ever give your password to anyone (even a trusted assistant). If you believe your password may have become compromised, change it immediately. If you have to provide your password to a support person for some reason, change it immediately after they are done working. Regarding passwords:

I use a simple method to teach users to create strong, but easy to remember passwords. Take a poem, song title, line from a song, quote, etc. and write it down. For example:

Four score and seven years ago equals 87

If any of the words are numbers, substitute the digits:
4 score and 7 years ago equals 87

Likewise, you may choose to substitute symbols (although some systems won’t allow this*):
4 score & 7 years ago = 87

Keep only the first letter of each word and remove the spaces between:
4s&7ya=87

*In the case of not using symbols, or to add another level of complexity, mix the case of the letters. Starting with:
4 score and 7 years ago equals 87

Capitalize the “major” words, while leaving the “minor” words lower case:
4 Score and 7 Years Ago equals 87

Then keep only the first letter and strip the spaces:
4Sa7YAe87
or
4S&7Ya=87

These passwords will defeat any “dictionary attack” but will be easy for you to remember and type (after the first few tries).

Now that you have a good, strong, base password, you can append a number, letter or symbol when you have to change it. Using the symbols on the number keys makes this simple if you use them in order (shift+1=! shift+2=@, etc.)

Finally: Do not ever give your password to anyone (even a trusted assistant). If you believe your password may have become compromised, change it immediately. If you have to provide your password to a support person for some reason, change it immediately after they are done working.

]]> By: Jamal http://www.hrtechnews.com/how-easy-is-your-password-to-crack/comment-page-1/#comment-11874 Jamal Tue, 23 Jun 2009 18:24:24 +0000 http://www.hrtechnews.com/?p=1572#comment-11874 Regarding #4, I believe you meant "lock" rather than "log off". If using Windows, and using a "modern" keyboard with a "Windows Key" (looks like the Microsoft Flag, between the left Ctrl and Alt keys), you can lock your computer instantly by pressing and holding the Windows Key and tapping the letter "L". Win+L=Lock. Your screen will instantly clear and be replaced by the "Computer Locked" dialog which prompts you to press Ctrl+Alt+Del to unlock. If using an old keyboard, press Ctrl+Alt+Del then hit the Space Bar to lock. Either way, in less than a second, your computer is secure. As a backup, for the rare event that you forgot to lock before you walk, set your screen saver to activate after 10 minutes of inactivity, and require a password to unlock. It's not perfect, but it provides a safety net, while not being too intrusive. Regarding #4, I believe you meant “lock” rather than “log off”. If using Windows, and using a “modern” keyboard with a “Windows Key” (looks like the Microsoft Flag, between the left Ctrl and Alt keys), you can lock your computer instantly by pressing and holding the Windows Key and tapping the letter “L”. Win+L=Lock. Your screen will instantly clear and be replaced by the “Computer Locked” dialog which prompts you to press Ctrl+Alt+Del to unlock.

If using an old keyboard, press Ctrl+Alt+Del then hit the Space Bar to lock. Either way, in less than a second, your computer is secure.

As a backup, for the rare event that you forgot to lock before you walk, set your screen saver to activate after 10 minutes of inactivity, and require a password to unlock. It’s not perfect, but it provides a safety net, while not being too intrusive.

]]>