The previous topic showed how to protect your password; here are more detailed techniques. But let's start with a story:
Once upon a time there was a poor lumberjack who came upon 40 thieves storing their loot in their safe (a cave). Having heard the leader of the bandits say the password "open sesame!", the little lumberjack only had to help himself once the bandits had left. Everyone will have recognized Ali Baba and the Forty Thieves. The story shows that even the best password is at the mercy of an indiscretion by its holder.
The different scenarios.
The many devices we own all hold a more or less significant part of our personal lives (photos, bank documents, etc.) or our work documents. It is therefore essential to keep others from accessing them.
- Computers, whether personal or business, must be used only in user mode. Administrator (root) mode should be reserved for software updates and installation. The two modes must have different passwords.
- Smartphones and tablets must also have their lock codes enabled. Having to retype the code every time is a nuisance, but these two devices are the most exposed to theft.
- Wi-Fi networks are particularly vulnerable to hacking. You should know that automated attack software tries several billion passwords in a relatively short period of time. It is therefore essential to make the attacker's task difficult by choosing a password longer than ten characters.
What makes a good password.
Like an armoured door, it is an obstacle that must discourage intrusion into the device through the time and resources needed to break it. There are three fundamental elements to consider.
- The length of the password. The minimum (for a portable device) is 4 to 6 characters when the system accepts them. For Wi-Fi networks and computers, 10 characters is the minimum.
- Complexity, which is achieved by mixing uppercase and lowercase letters, numbers and, again if the operating system accepts them, punctuation marks.
- The validity period, which must be as short as possible. The right compromise is to change your passwords every two to three months.
One last point, obvious but worth recalling: every device, every network and every online account must have ITS OWN PASSWORD.
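The length and complexity rules above can be checked mechanically. The following is an added example, not part of the original article: it tests a password against those rules and estimates the worst-case exhaustive-search time. The guess rate of one billion per second, the function names and the sample passwords are assumptions made for illustration.

```python
import string

# Minimum lengths taken from the article: 4 for portable devices
# (lower bound of its "4 to 6"), 10 for Wi-Fi networks and computers.
MIN_LENGTH = {"portable": 4, "wifi": 10, "computer": 10}

# Character classes the article asks to mix (ASCII only in this sketch;
# characters outside these classes are ignored).
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "punctuation": string.punctuation,
}


def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]


def policy_failures(password, kind):
    """List the article's rules that the password breaks for this device kind."""
    failures = []
    if len(password) < MIN_LENGTH[kind]:
        failures.append(f"shorter than {MIN_LENGTH[kind]} characters")
    used = classes_used(password)
    failures.extend(f"no {n} character" for n in CLASSES if n not in used)
    return failures


def search_space(password):
    """Number of candidates of this length over the classes actually used."""
    alphabet = sum(len(CLASSES[n]) for n in classes_used(password))
    return alphabet ** len(password)


def seconds_to_exhaust(password, guesses_per_second=1e9):
    """Worst-case exhaustive-search time at an ASSUMED guess rate."""
    return search_space(password) / guesses_per_second


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw, kind in [("1234", "portable"), ("sesame", "wifi"), ("jE-ha1-chieN", "wifi")]:
        print(pw, kind, policy_failures(pw, kind), f"{seconds_to_exhaust(pw):.3g} s")
```

The estimate covers blind exhaustive search only; a password that appears in a word list or has been overheard, as in the story above, falls much faster.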
How to keep your passwords safe.
We have seen what characterizes a good password, but that is not enough. Passwords must also be physically protected, through habits that must become reflexes.
- When you type your password at the office, no one should be standing behind you (work colleagues, representatives…).
- Still at the office, you should regularly check that no small unknown accessory (keylogger) is plugged into a USB port, especially the one used by the keyboard.
- Use keychain systems (Mac OS) that require only one password.
- Remembering a password of more than 10 characters is often difficult. One solution is to make up a strictly personal phrase such as: "jE ha-e-chieN dE mA neighbouringE-lolA".
Everything that has just been said may seem restrictive, or even bordering on paranoia. However, you should know that 95% of passwords can be broken in … less than 60 seconds because of user negligence.