Password policy
An effective
password policy is a key element of the strong information security. It
helps avoid password interception and prevent a potential attack.
Password-protected
information
Passwords
were first introduced in the 1960s to protect individual and
organizational information. Since then, the conception of a reliable
password has become much more elaborate. Password selection now plays a
vital role in information security.
To
protect your information against a potential attack, you need to
implement a strong password policy as part of information security
strategy. Password policy is a set of rules concerning accessibility,
length, types, characters and symbols of the password and the frequency
it is changed.
Password policy
rules
The
most useful approach to password policy is to view password-associated
risks differently in different environment. Passwords must be
hard-to-guess, however they should be memorable. The risk of password
interception increases greatly if the password is written down on paper
or stored in a specific file. Passwords must not include personal
information, names, solely numbers or common words, as these are
vulnerable to dictionary attacks. Strong passwords should contain at
least seven to eight characters in a random combination of letters,
numbers and symbols. To memorize a complicated password, one can use a
mnemonic technique or a phrase, replacing each character in the
password with a word.
Good
password:
-
Must
be hard-to-guess
-
Must
not include personal information
-
Should
contain at least seven to eight characters in a random combination
of letters, numbers and symbols
It
is wise to use different passwords to access different files and
computers. If the same password is used next to everywhere, a single
successful attack will open access to a wide range of information for
the attacker.
All
passwords should be replaced periodically to prevent further abuse if
an attacker obtains access to the protected file or computer. However,
the new password must not resemble the previous one and be relatively
easy to memorize.
Passwords are useless if anyone can recover
temporary files. One could read your password protected MS Word
document by recovering temporary file created by MS Word. Consider using Shred Agent background file shredder utility. This
tool deletes securely even temporary
files. |
Password policy
and information accessibility
It
is a hard thing for information security to balance efficiency with
convenience. Most often, information must be secure yet all-time
available. Too much security may bring undesired results, as it can’t
improve human memory performance. The practical solution is to create a
strong password policy that works in the specific environment.
Find
Protected is an utility to force Password Security policy
Find
Protected allows to detect incidents, when one break Password Security
Policy.
-
Prevent
using password protection for not-sensitive documents
-
Prevent
information leakage, when one keep sensitive file in non-secure
location
-
Prevent
in-appropriate using of password protection (for example, password
protection of personal files)
You
can download now an evaluation version of Show Hidden Files program. Download
Show Hidden Files.
Visit
Ordering page to obtain more information about pricing. Visit
Ordering Page.
Visit
Support page to ask some question about Show Hidden Files. Obtain
support.
YOUR FEEDBACK
Please, let us know what you
think about this article:
|