Internet security: Password
One of the most important things for interntet business is security. The nature of banking transactions has changed dramatically since the advent of the automated teller machine and the personal identification number (PIN). A PIN, a secret four- or more digit number, is used in combination with an ATM card to verify that the person withdrawing cash from the automated teller is authorized to do so. Without the PIN, the card is useless. Simple but effective.
Computer systems offer a similar security strategy through account passwords, with which users can identify themselves as owners of authorized accounts.
Unlike an ATM system, however, computer users are sometimes free to choose not to have passwords or to select passwords that are not very secure. (For example, how secure would you feel if your PIN for your checking account was an easily-guessible 1234 or worse, wasn’t even needed to use your bank card?). Choosing a poor password or not having any password at all is a bad idea, and we strongly urge against this practice. It’s like playing Russian roulette with your company’s data: The single most effective way to foil Internet intruders is to require a password to enter your computer system.
Nevertheless, for reasons that inevitably seem ridiculous after a break-in, users and systems managers frequently ignore or circumvent this important aspect of system security. Others, not realizing the danger, use vendor-supplied passwords that come with the system, choose a password and never change it, or even write down the password and tape it to their computer!
Here are some road-tested tips for choosing passwords that are both easy to remember and secure:
■ Use a password that is at least six characters long.
■ Use both digits (numerals) and letters.
■ Mix upper- and lowercase letters.
■ Make sure the password isn’t in the dictionary.
■ Change passwords at least every sixty days.
■ Make sure a password is not a name or word associated with you or the account.
Examples of easily guessed passwords would include your birthday, your social security number, your license plate number, your dog’s name, or any word that might appear in a dictionary. Better passwords are those that combine characters and digits in a mnemonic fashion that’s easy for you to remember but difficult for intruders to guess. For example, hi2all and 21ogIN! are impossible for a program to guess, whereas lindal and XcatX are okay but could be better.