Thursday, March 29, 2007
Pointless Shit
4.3 Password Composition
All personnel:
permitted by the system if that is less than seven characters.
• Lowercase letters (i.e., a-z).
• Uppercase letters (i.e., A-Z).
• Numbers (i.e., 0-9).
• Punctuation (e.g., !, @, #, $, %, ^, &, *, -, +, <, >).
If all character types are not permitted by the system, use the greatest variety of
characters permitted by the system.
Use passwords that are difficult to guess. Difficult-to-guess passwords include
those that are:
• Not a word in any language, English or foreign, or slang, dialect, or jargon.
• Not based on personal, known or guessable information such as:
  • Names of family, pets, friends, co-workers, fantasy characters, etc.
  • Computer terms and names, sites, companies, hardware, and software.
  • Terms associated with the company (e.g., [Nameless Company], [Nameless Satellite], Consumer name for [Nameless Company], Riverfront).
  • Birthdays or personal information such as addresses, phone numbers, employee or badge numbers, or Social Security numbers.
  • Letter or number patterns like abcABC, Qwerty, 123CBA, etc.
  • Any of the above spelled backwards or otherwise obfuscated.
  • Any of the above preceded or followed by a digit (e.g., "[namelsscompany1]").
Personal Identification Numbers (PINs), to the extent that such rules are
permitted by the system.
a longer version of a password and is, therefore, more secure because it is
less vulnerable to "dictionary attacks." Policy requirements related to password composition also apply to a passphrase. An example of a
passphrase is: "I went snowboarding 5 times in January!"
So remember, don't have any passwords that contain a word in any language, English or foreign, or slang, dialect, or jargon.
Good advice for us all. Remember, Password Security begins with you!
BOJ
Labels: [Nameless Company], Pointless Shit
Comments:
So basically, considering the number of accounts most people in the modern computer age have... you should create a bunch of passwords that you, yourself, will have a high chance of forgetting - requiring you to keep a protected list of them somewhere like in a PDA Password Safe or in a locked paper portfolio. Geez... how much fun that would be for most people.
Quinn
Absolutely not!
From the same document:
• Do not write down passwords in any readily-decipherable form and leave them in a place where unauthorized persons might discover them.
• Do not store passwords on a computing device or on-line unless you use a nonreversible encryption method.
Well, a PDA Password Safe is pretty secure. Some PDAs support fingerprint identification as a security method.
A locked portfolio, well... locks only keep honest people honest but it's better than leaving them out in the wide open.
I guess the best thing to do is come up with your own cypher method and translate any passwords that you create that are able to be remembered into that cypher... but who's going to do that for an e-mail account or something.. certainly not me.
Quinn