A Password Tutorial
Good passwords are our first line of defense against hackers. Usually, a hacker needs an account on the system they intend to hack. Keeping everyone's password safe and secure prevents us from being an easy target.
- About email
Email is not secure. You should *NEVER* send a password in email. (Naturally, this applies to credit card numbers as well.) Email often bounces or gets sent to multiple people, so it could end up in the wrong hands. If you need to communicate a password, do it over the phone, or do it via the "talk" function on Unix.
- Good passwords
Passwords should be at least 7 characters long and should be as unguessable as possible. I generally try to include at least one capital letter, number, and special character. There exist libraries of words that hackers use to try and crack passwords. The first library they'll use is one consisting of women's names. The second is a dictionary. See the file included below for password tips.
A good password scheme might be to take the first letter from each word of a song you know, or a phrase. E.g., S!itn0l = Stop! in the name of love. Note the use of a capital (S), a number (0), and a special character (!). Easy to remember, hard to crack.
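The rules and the phrase scheme above, written as a short Python check (an added example, not part of the original tutorial). The function names and the five-entry sample list are assumptions made for illustration; the sample list stands in for the name and dictionary libraries mentioned above.

```python
import string

# Constructed sample list standing in for the name and dictionary
# libraries the tutorial mentions; a real check would load full lists.
SAMPLE_WORDLIST = {"jennifer", "michelle", "password", "dragon", "sunshine"}
MIN_LENGTH = 7  # the tutorial's minimum length


def check_password(candidate, wordlist=SAMPLE_WORDLIST):
    """Return the list of the tutorial's rules that `candidate` fails."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 7 characters")
    if not any(c.isupper() for c in candidate):
        problems.append("no capital letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no number")
    if not any(c in string.punctuation for c in candidate):
        problems.append("no special character")
    # Strip digits and punctuation from both ends and lowercase, so that
    # "Jennifer1!" is still recognised as a name from the list.
    core = candidate.strip(string.digits + string.punctuation).lower()
    if core in wordlist:
        problems.append("based on a name or dictionary word")
    return problems


def mnemonic(phrase, substitutions=None):
    """Build a password from the first letter of each word of a phrase."""
    substitutions = substitutions or {}
    out = []
    for word in phrase.split():
        first = word[0]
        out.append(substitutions.get(first, first))
        # Keep punctuation inside the word, e.g. the "!" in "Stop!".
        out.extend(c for c in word[1:] if c in string.punctuation)
    return "".join(out)


if __name__ == "__main__":
    pw = mnemonic("Stop! in the name of love", {"o": "0"})
    print(pw, check_password(pw))
    print("Jennifer1!", check_password("Jennifer1!"))
```
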
- Different passwords
You should have a different password on each machine. That way, if a hacker gets one of your passwords, they won't automatically have access to all your accounts.
- Changing passwords
Passwords should be changed every 1-2 months. Some people may argue for sooner, but there has to be a balance between security and convenience.
- Users' passwords
Finally, if you come across someone who has a simple password, or who hasn't changed it in eons, have them change it or change it for them.