Tuesday, March 24, 2009

All about Passwords

Require passwords to be a minimum of eight characters. Passwords of fewer than eight characters can be cracked easily even with the slowest brute-force method. Even with a combination of upper- and lower-case letters, numbers, and symbols, the longest time to crack a six-character password is roughly five hours.
Do not use dictionary words, acronyms, or common permutations in any language. Dictionaries can be downloaded for free in multiple languages, and enhanced wordlists created specifically for use with cracking software are also available.
Require passwords to contain upper- and lower-case letters, numbers, and symbols. A potential hacker would likely give up before a password of sufficient length containing these characteristics is cracked.
Capital letters, numbers, and symbols should not be used only at the beginning or end of a password, because cracking software treats this as a common pattern, which shortens the cracking time.
Do not use personal information. Cracking software will try permutations of usernames. It is also easy to obtain personal information such as a user’s address, birthdate, or names of family members.
Limit the number of times a person can incorrectly enter a password. Limiting the number of authentication attempts that can be performed in a certain timeframe prevents password-cracking software from trying thousands of passwords per second. Systems commonly accept three failed attempts before locking a user out of the system.
Restrict document access. Like paper documents stored in locking cabinets, electronic files should be restricted to allow access only to authorized users. Sensitive information should be compartmentalized so a person can access only the information needed
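The password rules above (length, character classes, no upper-case/digits/symbols only at the ends, no dictionary words or common permutations, no username, and a lockout after three failures) as one small policy checker. This is an added example, not code from the post; the wordlist, the leet-substitution map and the 900-second lockout window are constructed assumptions.

```python
import string
from collections import defaultdict

# Constructed stand-in for a downloadable wordlist (assumption, not from the post).
DICTIONARY = {"password", "welcome", "letmein", "sunshine", "dragon"}
# Common substitutions a cracker's rule set undoes; reversing them catches "p@ssw0rd".
LEET = str.maketrans("@$01!", "asoli")
NON_LOWER = string.ascii_uppercase + string.digits + string.punctuation

def check_password(pw: str, username: str = "") -> list[str]:
    """Return the rules from the post that pw violates (empty list = accepted)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    missing = [name for name, chars in (("upper-case", string.ascii_uppercase),
                                        ("lower-case", string.ascii_lowercase),
                                        ("digit", string.digits),
                                        ("symbol", string.punctuation))
               if not any(c in chars for c in pw)]
    if missing:
        problems.append("missing " + ", ".join(missing))
    # Peel upper-case, digits and symbols off both ends; if only lower-case letters
    # remain, the "extra" characters sit exactly where cracking rules expect them.
    core = pw.strip(NON_LOWER)
    if core != pw and core.isalpha() and core.islower():
        problems.append("upper-case, digits and symbols only at the ends")
    # Lower-case, drop digits/symbols from the ends, undo leet: what a wordlist rule tries.
    word = pw.lower().strip(string.digits + string.punctuation).translate(LEET)
    if word in DICTIONARY:
        problems.append("dictionary word or common permutation")
    if username and username.lower() in pw.lower():
        problems.append("contains the username")
    return problems

class LoginThrottle:
    """Lock an account after max_attempts failures inside window_seconds (values assumed)."""
    def __init__(self, max_attempts: int = 3, window_seconds: int = 900):
        self.max_attempts, self.window = max_attempts, window_seconds
        self.failures = defaultdict(list)   # username -> timestamps of recent failures

    def allowed(self, user: str, now: float) -> bool:
        recent = [t for t in self.failures[user] if now - t < self.window]
        self.failures[user] = recent        # forget failures outside the window
        return len(recent) < self.max_attempts

    def record_failure(self, user: str, now: float) -> None:
        self.failures[user].append(now)
```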
