Choosing good passwords for data encryption

It all starts with a strong password. We all have more passwords we care to have. It might sound simplistic, but strong passwords are a must for good security. Strong passwords to your web, ftp, and data servers are the easiest first step toward a secure web presence.

What Makes A Strong Password?

�A three-character password is much weaker than a six or eight character password. A good rule of thumb is never to use password shorter than eight characters.

�In no way should you use the default password

�Never make a word found in a dictionary your password. One of the most common methods to break into systems is to run scripts that try using dictionary words to guess your password. The less your password looks like a dictionary word, the less likely will someone guess what it is.

�Include numbers and special characters

�Avoid repeated numbers, characters or sequences such as 12345678, bbbbbbbb, or 33333333

�Never use the user name, or any combination of it, as your password. Don't use your domain name as your password either.

�Don't use look alike substitutions like "4ufromme", or n0t@home"

�Use the entire keyboard, and try to use the less common keys

�Use different passwords for different accounts. If you use the same password for all of your accounts, you may find multiple of your accounts compromised simultaneously.

�Never, ever use a blank password.

Examples of strong passwords are:

A combination of several words that aren't themselves a word interspersed with special characters (e.g., !4scOrE&sDayNYeaRs_ag0)

A word with digits of a memorable date sprinkled inside it (e.g., vacation -> 0vac2a0t9io19ln99)

Keep Your Passwords Safe

Ideally, you would never write down your passwords, but it is becoming difficult to do with so many accounts. If you have to write them down, keep them locked in a safe or some other secure environment. Passwords on Post It notes are a recipe for disaster. Don't do it!

Don't share your passwords with other, not even friends or family members. If someone has to use one of your accounts, log them in instead of sharing your password. Don't give out your password over the phone unless you have initiated the phone call. For example, you may receive a phone call from your Internet Service Provider asking for your password. Ask for their phone number, cal them back, then give out your password. Telephone conversations are not considered secure. Neither are online chat, email, or instant messaging.

Change your passwords regularly. A new password every 45 days is a good practice. Having the same passwords for years is a weak security practice. Set yourself reminders in your calendar. Make it a routine procedure. You'll see that after a few months, it becomes a habit.

Avoid typing your password on public computers. Unfortunately, many public computers have been compromised, making their users vulnerable for malicious keystroke logging scripts.

Released AEP 2008 PRO&STD&Lite v.4.7.7 No periodic program crash when decrypting file from shell context menu using private PKI key file. RSA Key Generator adds generated keys to the list of known key files automatically. Some other bug fixes.

Released CryptoExpert 2008 Pro&Lite v7.6.2 Tray Icon. Added new menu item: Explore Z: to open mounted virtual drive in Windows Explorer.

Released AEP 2008 PRO&STD&Lite v.4.7.6 No periodic program crash on Vista SP1 when creating new pair of PKI keys.

Released Master Voyager v1.15 Beta Software for encryption of DVD/CD discs and USB Flash Memory Sticks. New version has ability to remove secure partitions from media. Many minor bugs were fixed.

Become our reseller or affiliate!
You can get an additional month income by selling our products to your customers. We have good discount rates for every kind of reseller. Please take a look at our reseller's agreement 

Last column? What can we say... We at SecureAction Research are working hard to create software which is useful for business. Your Business!.