Use Passphrase Rather Than a Password


To prevent unauthorized physical access to your computing devices, use passphrases, rather than passwords. It is easier to create a long passphrase than a password, because it is generally in the form of a sentence rather than a word. The longer length makes passphrases less vulnerable to dictionary or brute force attacks. Furthermore, a passphrase maybe easier to remember, especially if you are required to change your password frequently. Here are some tips in choosing good passwords or passphrases:

Tips in choosing a good passphrase:

  • Choose a meaningful statement to you

  • Add special characters, such as ! @ # $ % ^ & * ( )

  • The longer the better

  • Avoid common or famous statements, for example, lyrics from a popular song

Recently, United States National Institute for Standards and Technology (NIST) published improved password requirements. NIST standards are intended for government application but can also serve as a standard for others as well. The new guidelines aim to provide better user experience and put the burden of user verification on the providers.

Summary of the new guidelines:

  • 8 characters minimum in length, but no more than 64 characters

  • No common, easily guessed passwords, such as password, abc123

  • No composition rules, such as having to include lowercase and uppercase letters and numbers

  • Improve typing accuracy by allowing the user to see the password while typing

  • All printing characters and spaces are allowed

  • No password hints

  • No periodical or arbitrary password expiration

  • No knowledge-based authentication, such as information from shared secret questions, marketing data, transaction history

Click here to learn more about the improved NIST password requirement.

Even with access to your computers and network devices secured, it is also important to protect and preserve your data.

Popular posts from this blog

Lab – Who Owns Your Data?

Image
In this lab, you will explore legal agreements required to use various online services. You will also explore some of the ways you can protect your data. Lab - Who Owns Your Data
Read more

The LibreJS project is seeking more JavaScript programmers to help maintain this browser extension.

Image
  GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article  The JavaScript Trap . LibreJS is a free add-on for GNU IceCat and other Mozilla-based browsers. It blocks nonfree nontrivial JavaScript while allowing JavaScript that is free and/or trivial. Downloads Installer It will add LibreJS to GNU IceCat or any Mozilla browser. You just need to give it the permissions it requires. Latest installer LibreJS is also available at the  Mozilla Add-ons site . Due to Mozilla's review process, the version of LibreJS available at the Add-ons site is often outdated. This isn't in our control. As with all Mozilla add-ons,  disabling or removing LibreJS  can be done without restarting the browser, via the Tools/Add-ons menu. This is even simpler in IceCat: the front page has a switch to enable and disable LibreJS. Source files They can be found on the main GNU download server ( HTTPS ,   HTTP ,   FTP ), and its  mirrors . The automatic  mirror selector
Read more