Carolina Connection
Full Internet Service Provider Help Desk
 

 
Home
0
Help Desk
0
Check your Email
0
Status
0
Tools & Tips
0
Services
0
Search
0
Contact Us
0
Gift Certificates
0
Firefox

News & Events

Password Information Page


Password Best Practices

Using a Secure Password is a Best Practice

As a general rule of Internet conduct, users are expected to be aware of the security policies of computers and networks which they access and to adhere to these policies. Unauthorized access to a computer or use of a network is explicitly a violation of Internet rules of conduct and the Carolina Connections Acceptable Use Policy, no matter how weak the protection of those computers or networks (see RFC 1281: Guidelines for the Secure Operation of the Internet).

According to RFC 1281, individual users have a responsibility to use security mechanisms and procedures available to them on their network to protect their data. Users are responsible for assisting in the protection of the systems they use. For systems which rely upon password protection, users should select good passwords and periodically change them. Password guessing and dictionary attacks are common ways of forcing unauthorized entry to networks, and even the best passwords can eventually be defeated mathmatically, given enough time. The use of strong passwords acts as a firm deterrant against password guessing attacks, and buys additional time against dictionary attacks.

These guidelines cover the selection of good passwords and best practices in handling them.

DO
  • Use a password with mixed-case letters. Do not just capitalise the first letter, but add uppercase letters.
  • Use a password that contains alphanumeric characters and include punctuation, where supported by the operating system.
  • Use a password that can be typed quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by looking at your keyboard (also known as "shoulder surfing").
  • change passwords regularly. The more critical an account to network integrity (such as root on a Unix host or Administrator on Windows NT), the more frequently the password should be changed. This change stops someone who has already compromised an account from continued access.
DO NOT
  • Use a network login ID in any form (reversed, capitalised, doubled) as a password.
  • Use your first, middle or last name in any form. Do not use your initials or any nicknames you may have.
  • Use a word contained in English or foreign dictionaries, spelling lists, or other word lists.
  • Use other information easily obtained about you. This includes pet names, license plate numbers, telephone numbers, identification numbers, the brand of your automobile, the name of the street you live on, and so on. Such passwords are very easily guessed by someone who knows the user.
  • Use a password of all numbers, or a password composed of alphabet characters. Mix numbers and letters.
  • Write a password on sticky notes, desk blotters, calendars, or store it online where it can be accessed by others.
  • Reveal a password to anyone.
  • Use shared accounts. Accountability for group access is extremely difficult.

For more information on password best practices or other Internet security issues, contact our office.

__________________________________________________________________


Acceptable Use Policy
For more information, send email to webmaster@cconnect.net,
fax us at (252) 633-1933 or call  (252) 637-8113.
© 2007 Larry Crow.


Regional Access
    Local Interest
The News & Observer
New Bern Sun Journal
WRAL5 Doppler 5000
NC Hurricane Relief Info
The City of New Bern
The City of Havelock
Craven Regional Airport
Tryon Palace
Local Businesses


    Tools
People Finder
Yellow Pages
411 Locate
Vote Online
TV Guide
Stock Quotes
Time and Date
MapBlast
E Greeting Cards
Old Farmer's Almanac
 
 
©copyright Carolina Connection 2007   design by chargerel