Lab 12 Computer Security Basics


Part B: Password Security

Good password security is the first line of defense against any sort of threat on the Internet. A bad password will make even the best security system worthless, so it is important to follow a few basics about good password creation:

  1. Don't use a common word. There are password-guessing tools out there that use common words as a basis for guessing passwords. They even have dictionaries in other languages that they use, so make sure your password is not a common word in any language!
  2. Make sure your password is at least 8 characters long. Short passwords can be easily guessed, and a longer password will reduce the chances that someone will guess your password using a hacking tool.
  3. Give your password letters, numbers, and non-alphanumeric characters (such as ! and $).
  4. Mix upper- and lower-case letters in with your password.

Many people have a "system" for creating secure passwords. One way to make a good password is to start with some phrase that is easy for you to remember, but difficult for others to guess.For example, if you like the song "Stairway to Heaven" by Led Zeppelin, you could take the first letters from each word in the line "And she's buying a stairway to heaven" as the basis for your password, which would create a password of 'asbasth'. From here, you could mix some upper-case letters in with your password to make it 'aSbAsTh'. To make it a little more complex, you could then replace some of the letters with numbers and special characters that look like the letters they replace, making it '@SbA5Th'. Now, since it's only 7 characters long, we can lengthen it a little by adding an exclamation point, so that it is '@SbA5Th!'.

There are also services online that will help you choose a good password. You may have seen these when setting up an e-mail account. Open your browser and visit Microsoft's Password Checker. Try out a few passwords and see how secure Microsoft thinks they are. Try one of your usual passwords (this webpage does not store your password, but it's good to be thinking about this). Try the method above with a favorite song. Think of a few words in the lyrics of the song and take the letters of each of those words to create a password out of. Then, do some of the above steps to strengthen the password.

You can also find many programs or online services that generate secure passwords for you. This secure password generator has options to add punction, caps, or numerals to our password of specified length. However, we should be wary when using these services as they might be unknowingly storing our generated password to use for malicious purposes. Even though we may have created a secure password, we must always be aware that our password could have been potentially compromised. Thus, it is also good practice to regularly change your password, perhaps once every few months.

Answer questions 2-3 in the Lab 12 Catalyst quiz online.