![]() | |
![]() | |
![]() |
Security Information |
|
![]() |
Passwords or Pass Phrase? Protecting your Intellectual Property
Much has been said on the theory of password protection for files, computer login, and other network access. In the past we used a combination of letters, special characters, and other techniques to try and prevent unwanted or unauthorized access to our computers, resources, and networks. A new theory on passwords is emerging that may help us remember our access codes, be more secure, and generally keep hackers and thieves out of our networks. A password is a combination of words, letters, and special characters that only the user knows, allowing access to a computer or other information resources. As humans we have a large number of codes and numbers we need to remember every day - such as the key lock on our apartment entries, national identification numbers, automobile license or tag numbers, telephone numbers - it is a large and confusing suite of items we need to memorize. When selecting a new password or pass code for access to a computer system, most of us understand how difficult it is to remember complex codes, and thus we select something already know n to us, such as names, birthdays, national identifiers, or other known items, and then place a number or character in front of the name or number thinking it is secure. This is easy to understand, as most of us simply do not have an ability to instantly recall large numbers of complex codes. In a worst case we simply write down the complex code on a piece of paper, and leave it in a desk, our pocketbook, or in many cases taped to the front of our computer monitor. However, to a hacker this makes access to your network or computer much easier, at they generally only have to learn a couple things about you, and add a few numbers to the front or ending of your personal data - you would be surprised how often this grants access to computers and networks. Ad some good "cracking utilities" to the hacker's suite of tools, and you can understand the threat. PassPhrases are a concept that will help us create more secure, easy to remember safeguards for our computer and network resource protection. A passphrase is a selection of words and/or numbers that are 15 characters or more in length, and are easy for us to remember. A couple examples of a good pass phrases are: ? igotodalaieejdaily ? shehasbeautifulhair ? surfinginhawaiiisgreat According to Mark Minasi, a noted security consultant, a 15 character pass phrase will require a cracking program the following number of computations to try and break a 15 character pass phrase: ? 15 lowercase letters = 1,677,259,342,285,725,925,376 possibilities ? Try a million a second, it'll take 531,855 centuries/years to break the code As you can see, this is a pretty good level of security for your resource. Another concern with passwords is if you forget or lose the password, and are using a utility like Microsoft's Encrypting File System (EFS), you run the risk of losing all access to your important files if you require a hardware reset of your password. All EFS encrypted files are linked to your login profile, meaning if you encrypt a directory or file with EFS, and you do a hardware reset on your computer, those files and directories are lost FOREVER. For Microsoft Windows users you can now also use spaces within your pass phrase, however we would not recommend embedding spaces in your pass phrase, as that actually does allow a cracker better access to getting your code - it may help them crack it in 100,000 years rather than 250,000! (About the Author - John Savageau is a managing director at CRG-West, responsible for managing operations and architecture for several of the largest telecommunications interconnect facilities in the US, including One Wilshire in Los Angeles)
MORE RESOURCES: Why NHIs Are Security's Most Dangerous Blind Spot The Hacker News Security Alert: Los Cabos and La Paz, Baja California Sur U.S. Embassy & Consulates in Mexico (.gov) Belarus Weekly: Russian, Belarusian security services plan violent attacks on Belarusian diaspora The Kyiv Independent Remarks at a UN Security Council Briefing on the Political and Humanitarian Situations in Syria United States Mission to the United Nations (.gov) Summit on the Future of Energy Security IEA – International Energy Agency Defense Officials Outline AI's Strategic Role in National Security U.S. Department of Defense (.gov) He was an undercover cop and Dennis Rodman’s security guard. Now, he keeps the Phillies safe Police1 Everything You Need to Know About the Air Defenses Protecting World Leaders at the Pope’s Funeral The Aviationist Signalgate lessons learned: If creating a culture of security is the goal, America is screwed theregister.com NSA targets OT cyber risks with new smart controller security standards for national security systems Industrial Cyber Allegiant flight attendant finds bomb threat just before St. Pete-Clearwater International departure: Sheriff FOX 13 Tampa Bay Get to know new security leaders at OSU-CHS Oklahoma State University Legislature should provide lobbyists with key fobs to bypass new Capitol security screening The Alaska Landmine US House Committee subpoenas Chinese state telecoms over data privacy, national security concerns Industrial Cyber Inside the Fiasco at the National Security Council The Atlantic Safeguarding Your Corporate Leaders Against Rising Security Threats: FP’s Guide on Executive Protection Fisher Phillips ATA Transportation Security Council Recognizes Fleets American Trucking Associations Mobile Applications: A Cesspool of Security Issues Dark Reading Ukraine, allies working on security guarantees potentially similar to NATO Article 5, Zelensky says The Kyiv Independent New Security Perimeter Around Mt. Kolang Gaz La Secret Nuclear Tunnel Complexes Institute for Science and International Security (ISIS) Hyosung Urges Operators of All ATMs to Follow Previous Security Guidance Due to Large-Scale Cyberattacks Business Wire Court grants NM Tech student temporary restraining order against Homeland Security Source New Mexico US Donates Decommissioned Cutters to Tunisia to Bolster Regional Security The Maritime Executive DOJ’s Data Security Program Final Rules Effective – Implications for Telecom Providers NatLawReview.com Remarks at a UN Security Council Briefing on Haiti United States Mission to the United Nations (.gov) Trump Should Have Stuck With Border Security, Not Mass Deportations New York Magazine UN Security Council condemns Jammu and Kashmir terror attack Department of Political and Peacebuilding Affairs King County Security Tips – “Google” yourself kcemployees.com Fiesta goers can expect increased security at main events Texas Public Radio Homeland Security, Riverside County deputies raid business in Pomona FOX 11 Los Angeles Security increased in disputed Kashmir as India vows to punish perpetrators of attack that killed 26 PBS California security firm CEO, workers charged after woman forcibly removed from Republican town hall Los Angeles Times Footage Reveals New York-To-Paris Delta Flight Stowaway Getting Through Airport Security Travel Noire National Security Commission on Emerging Biotechnology’s Final Report Includes Recommendations to Boost Economy and Protect National Security NatLawReview.com Judges Worry Trump Could Tell U.S. Marshals to Stop Protecting Them The New York Times Rome Health to install new security systems Rome Sentinel Joint Press Statement on United States-Japan-Republic of Korea Trilateral Security Coopera U.S. Department of Defense (.gov) Pete Hegseth’s bad calls: Unfit defense secretary is a major security risk New York Daily News Anton’s Security Blog Quarterly Q1 2025 Security Boulevard Associated Press: Civil rights groups sue to restore jobs at Homeland Security oversight offices that were gutted Robert F. Kennedy Human Rights Climate and National Security: Bridging the Divide in Energy Policy Columbia Business School NSA Publishes Recommendations for Smart Controller Security Controls and Technical Require National Security Agency (.gov) Yes, You Can Take Water Through Airport Security—Here's How Travel + Leisure Temple University stepping up security after several students assaulted near campus last week CBS News Trump administration highlights economic growth and national security wins in April 2025 Fingerlakes1.com Windows "inetpub" security fix can be abused to block future updates BleepingComputer Verkada launches executive protection offering Security Systems News New Syrian foreign minister attends UN Security Council in first US appearance since Assad's fall AJC.com Linux 'io_uring' security blindspot allows stealthy rootkit attacks BleepingComputer Increased Security at City Courthouses? Unanswered Questions Baltimore Witness The Role of Smart Security Systems in Addressing Healthcare Demands Security Sales & Integration ‘We need to apprehend him’: $10K reward offered for Family Dollar ‘security guard’ who killed man WSB-TV |
![]() |
![]() |
![]() |
RELATED ARTICLES
Spyware Attacks! Windows Safe Mode is No Longer Safe Many of us have run into an annoying and time-consuming error. With your machine running goofey you decide to run a scan for trojans and spyware. Top Ten Spyware and Adware Threats Identified On December 8, 2004 Webroot, an award winning anti-spyware solution provider, released a press release identifying the ten most significant emerging spyware and adware threats. Most of these you probably haven't heard of and a few may surprise you. Protection for Your PC - Painless and Free! Viruses, Bugs, Worms, Dataminers, Spybots, and Trojan horses. The Internet is a veritable minefield of things that can invade your PC and affect it's Security and Performance. Is Your Email Private? Part 1 of 3 In a word, no - an email message has always been nothing more than a simple text message sent unencrypted to a recipient we choose. So all the email that we so blithely send all over the Internet everyday is neither private nor secure. Whats All This I Hear About Firewalls? At this point, if you've got the whole "turning the computer on" thing down; you are ready to learn about firewalls. Whether you use your computer for business or pleasure, it is important to have a firewall. 8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft Ebay is a great site and is used by many to buy and sell new and used Items. It truly is the worlds Largest Garage Sale Unfortunately when an online site becomes as big and popular as E-Bay the scam artists seem to just naturally follow. Web Browsing - Collected Information You may not realize it, but as you are surfing the web all sorts of details are being left behind about your computer and where you have been. Most of this information is used harmlessly in website statistics, but it could also be used to profile you, or identify you as a vulnerable target for an exploit. Online Shopping: 10 Tips For Safe Online Shopping Have you ever bought a product or service from the internet?Yes? Me too. You're not alone?Some of the reasons why most people are shopping online are: they can buy anything at anytime because Internet shopping is available 24 hours, all the time. Secrets On Security: A Gentle Introduction To Cryptography Let us take the example of scrambling an egg. First, crack the shell, pour the contents into a bowl and beat the contents vigorously until you achieved the needed result - well, a scrambled egg. The Importance of Protecting Your PC from Viruses and Spam Today the internet is a mine field of malicious code looking to harm your computer. Hackers want to have access to your PC for both fun and profit. Mail Forwarding - Why Would You Do It? First of all we need to get some terms stated. I have been in the business for just over two years and there is still some confusion over the topic. Corporate Security for Your Home Business The words Corporate Security may conjure up images of a group of techies working in a wire-filled basement room of Microsoft or HP, combating hackers and terrorists online using words like algorithm and encryption. If you own your own business, do not allow yourself to think that security is only for big corporations. SCAMS - Be Aware - And Report When Necessary The Internet is a vast International Network of people and businesses - and a place where people can make a fairly decent living. However, it is also a place where certain unsavory characters can freely roam - to take your dollars and run. Criminals are Fishing For Your Identity What is Phishing? In a typical Phishing attack, a criminal will send you an email which appears to be from a well known company, bank or government agency. The email will direct you to click on a link which directs you to a Website or pop-up box that looks like the company's or organization's legitimate site. Three-pronged Trojan Attack Threatens Security on the Internet Glieder (Win32.Glieder. Clown Internet Scam - An Internet Scam is Currently Targeting Clowns and Other Entertainers I am the victim of an internet scam. It is very hard to write that sentence, but it's necessary in order to warn my fellow clowns, magicians and other entertainers, and to prevent them from being taken for $2,800. Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge Is your enterprise following the rules?The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity procedures and practices. For these reasons, compliance with federal requirements such as the Sarbanes-Oxley Act (SOX) is heavily dependent on IT. Avoid Internet Theft, Fraud and Phishing Since its birth, the Internet has grown and expanded to unprecedented, unmanageable proportions. Information, software, news, and much more flow freely through its twisted pathways. Virus and Adware - Fix them Both! We all get the odd virus now and then, but sometimes that one virus could cause so many problems. In this article I shall be going though just some of the problems that these virus software programs can do, and how to fix them. What is Spyware? The most frustrating part of having Spyware on your computer is the sheer feeling of helplessness that is invoked. Your computer slows down, it no longer does what you instructed it to, it seems to have a mind of its own. ![]() |
home | site map |
© 2006 |