Saturday, 15 August 2009

Passwords

I thought a few reminders about the importance of passwords wouldn’t be amiss!!!!!

Do use a password manager like “Roboform”

DO change passwords frequently. I change mine every six months or whenever I sign in to a site I haven't visited in long time. Don't reuse old passwords. Password managers can assign expiration dates to your passwords and remind you when the passwords are about to expire.

DO keep your passwords secret. Putting them into a file on your computer, e-mailing them to others, or writing them on a piece of paper in your desk is tantamount to giving them away. If you must allow someone else access to an account, create a temporary password just for them and then change it back immediately afterward.
No matter how much you may trust your friends or colleagues, you can't trust their computers. If they need ongoing access, consider creating a separate account with limited privileges for them to use.

DON'T use passwords comprised of dictionary words, birthdays, family and pet names, addresses, or any other personal information. Don't use repeat characters such as 111 or sequences like abc, qwerty, or 123 in any part of your password.

DON'T use the same password for different sites. Otherwise, someone who culls your Facebook or Twitter password in a phishing exploit could, for example, access your bank account.

DON'T allow your computer to automatically sign in on boot-up and thus use any automatic e-mail, chat, or browser signins. Avoid using the same Windows signin password on two different computers.

DON'T use the "remember me" or automatic signin option available on many Web sites. Keep signins under the control of your password manager instead.

DON'T enter passwords on a computer you don't control — such as a friend's computer — because you don't know what spyware or keyloggers might be on that machine.

DON'T access password-protected accounts over open Wi-Fi networks — or any other network you don't trust — unless the site is secured via https. Use a VPN if you travel a lot. (See Ian "Gizmo" Richards' Dec. 11, 2008, Best Software column, "Connect safely over open Wi-Fi networks," for Wi-Fi security tips.)

DON'T enter a password or even your account name in any Web page you access via an e-mail link. These are most likely phishing scams. Instead, enter the normal URL for that site directly into your browser, and proceed to the page in question from there.

Following these tips will help you keep your personal data safe online.

No comments: