Whether your goal is to protect sensitive company data — or to keep co-workers from reading your personal e-mail — passwords will help. But not just any password will do. Passwords can keep prying eyes from seeing what they shouldn't if you take the time to create strong ones and if you follow some simple rules of password maintenance.
How effective are the passwords you currently use? Ask yourself a few questions:
You should change your PC password regularly, and Windows XP makes it easy to do. Simply open User Accounts in the Control Panel and pick the user account where you want to make the password change. Click on the option to change or reset your password — the wording may vary depending on which version of Windows XP you use. You can also create a password for your account if you don't currently use one.
- Do I use passwords that someone could easily guess — like my birthday or my child's name?
- Do I use common words found in the dictionary for my passwords?
- Do I routinely check the box next to "Remember this password" so I don't have to type them in every time?
- Are my passwords written down where someone might find them?
- Do I use the same password for everything?
If you answered yes to any of the questions, the data on your computer is vulnerable. Your passwords are not working as hard as they could be.Why Am I Vulnerable?
Here's why the very common password practices noted above put you at risk and what you can do to fix them:Easy guesses:
If someone in your office has access to your computer, it's likely they also know something about you. So avoid using your name or the names of family members or pets as passwords. Avoid using information that's commonly known or readily available such as your address, birthday or hobby. Common words:
Hackers can use programs that identify passwords based on dictionary words in multiple languages. Avoid using common words for your password. It is safer to use a combination of letters, numbers and symbols.Automated passwords:
When you check the "Remember this password" boxes often encountered on websites, you'll typically see logon screens pre-populated with dots or asterisks instead of your password when you visit these sites. This can be dangerous if others have access to your computer. Inexpensive, even free, programs are readily available that can decode the dots and asterisks. The best option is to avoid using stored passwords, but either way, make sure your Windows logon is configured with a strong password that you type in each time. That way, you eliminate the opportunity for someone to snoop around.Writing passwords down:
Passwords are only useful if you can remember them, but writing them down on a piece of paper and leaving the paper where someone might see it isn't a good alternative either. We'll talk about ways to create memorable passwords later. But if you have lots of passwords, you might consider storing them in an encrypted format on your PC. Protect them with a really good password that you'll be able to remember. Using the same password:
Many people use the same password — or some variation of it — for everything. That reduces the need to remember lots of different passwords. However, it also means if someone figures out your password once, they can access everything you've password-protected. Not only is it a good idea to have different passwords, it's also a good idea to change them frequently.What's a Strong Password?
A strong password will typically have the following characteristics:
- It's at least eight characters long — and the longer the better
- It includes upper and lower case letters, as well as numbers and symbols
- It is changed frequently
- A new password is significantly different than the previous one
Based on these criteria, the following are examples of strong passwords:
Those passwords would be difficult to crack — but they'd also be difficult to remember, especially if you have a number of passwords with that level of complexity.Creating Strong and Memorable Passwords
Computers running Microsoft Windows XP Professional, Windows Small Business Server 2003 as well as Windows NT and Windows 2000 all support strong passwords. They also support pass phrases, which can be easier to remember. Examples of pass phrases might be:
- I ate 13 (!!) fruits in Hawaii.
- 3 shoes @ the store cost $92.
Another approach is to select a phrase, but use only the first character of every word. For example:
- Ocw13iJ.! (Our cat was 13 in Jan.!)
- Mcif&h@17. (My cat is fat & happy @ 17.)
Another trick for creating easy to remember passwords is to string a couple of words together with numbers and symbols. For instance:
There are several ways to make pass phrases easier to remember. Since you'll be changing them every few months, you might want to look to an upcoming event or something that holds special significance for you. For instance:
Once you've created strong passwords or pass phrases, there are three ways to make sure they remain effective:
- Always log off when you leave your PC unattended
- Change your passwords at least every 90 days
- Don't share your passwords with anyone
By putting the power of strong passwords to work, you'll help ensure your confidential information stays that way.