Se­cu­rity Helpdesk

Your ques­tions an­swered by se­cu­rity spe­cial­ists

Web User - - Stay Safe Online -

David Emm, prin­ci­pal se­cu­rity re­searcher at Kasper­sky Lab ( www.kasper­sky.co.uk)

QOther than chang­ing my pass­words reg­u­larly, what can I do to pro­tect them against hack­ers? Sam Don­nelly, Face­book

AYou should fol­low these guide­lines to keep your pass­word se­cu­rity wa­ter­tight:

• Make ev­ery pass­word at least 15 char­ac­ters long – the longer the bet­ter – and com­bine let­ters (in­clud­ing up­per­case let­ters), numbers and sym­bols.

• Don’t make them eas­ily guess­able. There’s a good chance that per­sonal de­tails such as your date of birth, place of birth, part­ner’s name and so on can be found on­line – maybe even on your Face­book wall.

• Don’t use real words. They are open to ‘dic­tionary at­tacks’, where some­one uses a pro­gram to quickly try a huge list of pos­si­ble words un­til they find one that matches your pass­word.

• Make pass­words unique for ev­ery ac­count: don’t ‘re­cy­cle’ them, for ex­am­ple ‘david1’, ‘david2’ and ‘david3’.

• Use a pass­word man­ager that en­crypts and stores unique pass­words for all your ac­counts in one con­sol­i­dated and pro­tected lo­ca­tion.

• Con­sider a tiered ap­proach to pass­word man­age­ment in­stead of a one-size-fits-all strat­egy. Cre­ate strong, unique pass­words for im­por­tant on­line ac­counts, where a com­pro­mise would have se­ri­ous con­se­quences: for ex­am­ple, those linked to credit cards. But use a sim­pler pass­word for ac­counts where no sen­si­tive per­sonal data is stored.

• Don’t con­tin­u­ally change your pass­word. There’s no need to change it just for the sake of it, and it’s dif­fi­cult to re­mem­ber a new one ev­ery few weeks.

• Don’t save your pass­word – the “save your pass­word” op­tion of­fered by browsers may be convenient, but it’s not as se­cure as us­ing a pass­word man­ager.

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.