
Your password, please!

By Pedro Gomes
InfoSatellite.com
February 01, 2002

 

Sarah Granger, writing for Security Focus, makes a point: "Let's be honest, passwords are annoying". Yet they protect our personal information: financial and health data and private documents. In a professional context, that means trade secrets, financial data, intellectual property, customer lists, etc.

Banks and stores like passwords because they are simpler and cheaper than other forms of authentication. But since the responsibility for your password is all yours, you have to protect it from crackers, a difficult task because password cracking is fairly easy and can be done in many different ways. The main one is social engineering, that is, working from some information about you: personal data, pet and family names, nicknames, phone numbers, and so on. Remember that it was "social engineering" that revealed the name of Rumpelstiltskin to the miller's daughter in the Grimm brothers' story.

Experts tell us not to use dictionary words, proper names, numbers tacked onto the end, conventional words written backwards, etc. Granger makes it clear: "While these prove to be difficult for people to figure out, they are no match for the brute force attacks of password cracking tools".

A good password includes the following character sets in its formation:

1. A mixture of uppercase and lowercase letters like A, a, B, b, C, c, etc.
2. Numerals, like 1, 2, 3, etc.
3. Special characters like &, %, $, @, etc.
4. Alt characters like æ (alt-145), ¤ (alt-15), etc.

Alt characters are obtained by pressing the alt key simultaneously with a number that goes from alt-15 (¤) to alt-244 (). You have to try them out on your computer or get a list from the Net.

The University of Michigan gives other tips related to password creation:

1. Use at least seven characters (you have up to 63 in some systems).
2. Pick letters from a phrase that's meaningful to you. Here's an example: "Do you know the way to San Jose?" is the source of your password D!Y!K!twTSJ?
3. Use lines from a childhood verse, like "Yankee Doodle went to town" (YDwto#town), expressions inspired by the name of a city, like "I love Paris in the springtime" (ILpinST), city expressions like "Chicago is my kind of town", food disliked in childhood like rice and raisin pudding, boiled broccoli, etc.
4. Use transformation techniques like transliteration, where "photographic" becomes foTografik, interweaving of characters as in "iron horse", which becomes ihrOrnSe, etc.
5. To avoid bad passwords you must not use dictionary words, foreign words, simple transformation of words (7eleven), names and double names, alphabet sequences, or keyboard sequences, short words, words with vowels removed, etc.
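The bad-password patterns in tip 5 and the four character sets listed earlier can be checked mechanically. The following Python sketch is an added example, not code from the article or from the University of Michigan; the tiny wordlist, the function names and the four-character minimum for a sequence are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a full dictionary.
WORDS = {"password", "dragon", "eleven", "broccoli", "chicago"}
# Alphabet and keyboard rows searched for runs, forwards and backwards.
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "qwertyuiop", "asdfghjkl",
             "zxcvbnm", "1234567890"]
DEVOWELLED = {re.sub(r"[aeiou]", "", w) for w in WORDS}


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a known sequence."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in low for i in range(len(s) - run + 1)):
                return True
    return False


def character_sets(pw):
    """Names of the article's four character sets that pw draws on."""
    checks = {
        "mixed case": any(c.islower() for c in pw) and any(c.isupper() for c in pw),
        "numerals": any(c.isdigit() for c in pw),
        "special": any(c.isascii() and not c.isalnum() for c in pw),
        "alt": any(not c.isascii() for c in pw),
    }
    return [name for name, present in checks.items() if present]


def weaknesses(pw):
    """Return the bad-password patterns from the article that pw matches."""
    found = []
    # Strip digits and symbols tacked onto either end ("7eleven" -> "eleven").
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    if len(pw) < 7:
        found.append("shorter than seven characters")
    if core in WORDS:
        found.append("dictionary word")
    if core[::-1] in WORDS:
        found.append("dictionary word written backwards")
    if core in DEVOWELLED:
        found.append("dictionary word with vowels removed")
    if has_sequence(pw):
        found.append("alphabet or keyboard sequence")
    return found
```

An empty list from `weaknesses` only means none of these patterns matched the sample wordlist; it says nothing about how the password would fare against a full dictionary.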

Del Armstrong and John Simonson, at www.seas.rochester.edu:880/CNG/docs/Security/security.html, say that "A good password is easy to remember, but hard to guess". As you have to change your passwords from time to time, the second item above is very important, since all experts advise password owners not to write them down under any circumstances. So if you're thinking that you could use a very long German word like Überschallgeschwindigkeit (supersonic speed), where Ü is alt-154, forget it: it is in the dictionary, and if you are not German it would give you a big headache to remember. Stick to the advice given by the experts.

