Lavasoft News - December S2006

Passwords: One Piece of the Privacy Puzzle

In our technology-centered world, passwords are used to secure everything from bank accounts to cell phones, not to mention computers. Developing strong passwords is a necessary way to protect private cyber information, but exactly how to do this is up for debate.

Should we create strong, complicated passwords that we cant remember, but need to write down - whether its stored on paper or electronically - widening the security risk of them being accessed by another party? Or should we use passwords that are simple enough that we can commit them to memory, but increasing the risk that they can be more easily cracked?

There is no exact science for creating strong passwords. Conventional wisdom from security professionals can help to set a few basic guidelines.

The pros advise that you should never simply use words that are found in a dictionary. Instead, mix characters and numbers in a way that is memorable to you.

When selecting numbers, do not choose ones that may be personally identifiable to you; your birthday, Social Security number and phone number are off limits.

Always use different passwords for accounts that involve monetary transactions. The only thing worse than having one account cracked into, would be to have all of your accounts cracked into. It is also a good idea to change your passwords regularly.

It is not easy to follow these rules, and try to commit passwords to memory. The rampant use of little yellow Post-it notes, cluttering all of our desktops or jammed into our wallets is a telling sign of this.

Keeping passwords secure at the office is not any simpler, and may have larger implications.

According to a recent study by Nucleus Research and Knowledge Storm, one in three workers undermines company security by writing down computer passwords.

Technological shortcuts lie in more advanced methods like biometrics, smartcards, and even password management software, which are all available options, especially for companies looking to ease security risks.

 

Home  arrow

 
Quick Buy: Ad-Aware SE Plus, Professional & Enterprise *offer ends 31/12/2006
In the spirit of giving this holiday season Lavasoft is giving you 15% off all Ad-Aware SE products Plus, Professional and Enterprise the entire month of December. Take advantage of this merry deal and keep yourself and your loved ones spyware free!

* Please enter the following coupon code to retain your rebate: zz46tv12x8c

Holiday Shopping Stats
American consumers will spend more than $32 billion in holiday Internet purchases this year.
Source: Jupiter Research

As many as 12 million people could fall prey to ID theft in some form 40% of them between mid-Nov. and Jan.1.
Source: LifeLock Inc.

Trojan horse

Term of the Month
A zero-day attack is a virus or other exploit that takes advantage of a newly discovered hole in a program before the developer has made the fix available, or sometimes even before they are aware the hole exists. "Zero-day" is the day you open the virus-infected e-mail or get hit by a drive-by download because the anti-virus or anti-spyware software you keep up-to-date knew nothing of the attacks.
Read more at Wikipedia here.

Tech Tips
Attention Windows Users: If Microsoft Windows is your main operating system, be sure to visit Microsoft Security Updates and stay on top of all of the security patches that Microsoft releases on a monthly basis. Ongoing Microsoft vulnerabilities underscore the need to:

1) Regularly update your operating system with the latest patches, and

2) Maintain active virus, hacker, spyware and other identity theft protection.

Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Sweden

www.lavasoft.com
editor@lavasoft.com

Page footer