Wednesday, January 30, 2008
Creating Strong Passwords
It's a fact: Computer users hate passwords. Some just leave the password blank or are inclined to use an extremely simple (and obvious) password, such as password, test, or their user name. Others attempt to be a little more secure by using a special date or the name of a spouse, pet, or favorite sports team. Still others, thinking they're being more secure, use random words that occur to them. None of these approaches is any match for a sophisticated password-cracking program, which can usually correctly ascertain such passwords in a matter of minutes. (For more information about password cracking, see Recovering a Lost Password.)

The following common practices—widely understood and exploited by attackers—must be avoided to maintain security:

Using a word found in any dictionary, including foreign-language dictionaries
Using the names of people, pets, places, sports teams, and so on
Writing down your password on a note stuck to your monitor or placed in your top desk drawer

You can defend against password-cracking programs by using strong passwords. Ultimately, such passwords can also be cracked, but it can take months instead of hours. In the meantime, attackers have moved on to easier targets. And if you're following best security practices, you'll have changed to a new strong password before the current one is cracked.

A strong password:

Contains at least eight characters
Contains a mixture of uppercase and lowercase letters, numerals, and symbols
Changes periodically and differs significantly from previous passwords
Does not contain your name, user name, or any other words or names
Is not shared with anyone

Unfortunately, such gobbledygook passwords can be as difficult to remember as they are to crack. You can, however, use some mnemonic tricks to create and remember them.

One effective approach is to distill an easy-to-remember phrase into a difficult-to-crack password. For example, you could use the phrase "Security is everyone's business" to come up with this password: Sie1'sbs. History buffs might use the title of the World War I marching song "It's a Long, Long Way to Tipperary" to create the seemingly random, yet memorable, password IaL,LW2T. You get the idea.

Another trick is to take a memorable phrase ("It was the best of times") and intersperse its initial letters with a memorable number (such as your anniversary). Using a date of March 18 (3-18) yields this password: I3w-t1b8ot.
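
The interleaving trick above, combined with the checkable items from the strong-password list, as an added Python example (not part of the original article). The function names, the small sample word list, and the choice to match only words of four or more letters are assumptions made for illustration.

```python
from itertools import zip_longest

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = ["password", "test", "tipperary", "security", "dragon"]

def interleave_initials(phrase, number):
    """Alternate each word's initial letter with the characters of number."""
    initials = [word[0] for word in phrase.split()]
    pairs = zip_longest(initials, number, fillvalue="")
    return "".join(letter + extra for letter, extra in pairs)

def weaknesses(password, user_name, words=SAMPLE_WORDS):
    """Return the checklist rules the password fails (empty list = passes)."""
    failed = []
    if len(password) < 8:
        failed.append("fewer than eight characters")
    classes = {
        "uppercase letter": str.isupper,
        "lowercase letter": str.islower,
        "numeral": str.isdigit,
        "symbol": lambda c: not c.isalnum(),
    }
    for name, is_member in classes.items():
        if not any(is_member(c) for c in password):
            failed.append("no " + name)
    lowered = password.lower()
    if user_name and user_name.lower() in lowered:
        failed.append("contains user name")
    # Assumption: only words of 4+ letters are matched, so incidental
    # two- or three-letter runs in a mnemonic are not flagged.
    hits = [w for w in words if len(w) >= 4 and w in lowered]
    if hits:
        failed.append("contains word: " + ", ".join(hits))
    return failed

if __name__ == "__main__":
    candidate = interleave_initials("It was the best of times", "3-18")
    for pw in (candidate, "Sie1'sbs", "IaL,LW2T", "password", "Alice2008!"):
        print(pw, "->", weaknesses(pw, "alice") or "passes")
```

The checklist items about changing the password periodically and not sharing it cannot be tested from the string itself, so the function leaves them out.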

Not everyone agrees that your password must be an unpronounceable collection of apparently random letters, numbers, and symbols. Some experts argue that such cryptic passwords are less secure than ones made up of several words interspersed with numbers and symbols, because you're almost certainly going to write down a cryptic password. You can find an interesting discussion of password security in "Ten Windows Password Myths," an article written for SecurityFocus by Mark Burnett.
