Skip to main content

Overcoming Password Woes - A Presentation

With our recent change to everyone's password and the hardening of some of our standards, we've understandably got a bit of internal confusion over passwords. I decided to not only sort out our internal problems but also give our users some great tips for their internet passwords.

Here's a presentation I've prepared for our users. I've stripped off branding and names so that
you can use it in your own organisations. You have my permission to reuse it as you see fit.



Comments

Graham Dodge said…
All good stuff ... I liked the system of taking the first letters from a memorable phrase so that I can easily remember my password is 'mhall1fwwas' by combining 'Mary had a little lamb its fleece was white as snow. with a number/letter swap for the 'i'.

There are so many memorable phrases in IT:
* "No Computer Will 3ver Need More than 640k Of Ram".
* "Trust Me... 1'm A Consultant".
* "This 1s Another Fixed Price Development Project From ".
* "We Have Now Assigned To Your Project Because 1s No Longer With The Company".
* "1 Did Not Have Sex With That Woman".
.
grumpy_coder said…
Gavin,

Excellent presentation. I practice something similar, but I apply a basic principle with passwords.

I classify systems/web-sites into 2 categories, mission-critical, and non-mission critical.

For mission critical things like email passwords, I use a couple of super complex passwords. Whenever I register for non-critical sites that "need" an email account to verify my identity, I use a couple of non-critical passwords for those accounts.

The point being, if these other sites get hacked, they will see my email account and probably try the same password. So, if the password is vastly different between mission critical things and gaming sites or whatever, there is a reasonably good barrier to entry in trying to get to really sensitive stuff.

The other thing to is eliminating identity theft. Usually you will put your birth date or some other personal info into these sites as well. Designers of these sites are also inviting hackers to build a better profile of you. So, also, have a fictitious birth date. So, don't be too liberal with your personal identity, otherwise it's not going to personal for long.
Gavin Bollard said…
Great ideas guys. I know that this won't provide the most "perfect" passwords but there's a fine line between being too secure and too difficult. ... especially with our users.

Popular posts from this blog

How to Change Your Notification Options for New Lotus Notes Mail in version 8.x

Don't worry, I'm not patronizing you (my readers), I just decided to re-document this for one of our internal users and thought you might want to be able to use it in your own user documentation. WHAT IS THIS DOCUMENT ABOUT? Some people who don't get a lot of mail, like to be notified when such an event occurs. Notification can be; via a sound via a pop-up box via the system tray (where the computer clock is) The pop up box looks like this; Other people, who like myself, get too much mail would rather not be notified. The aim of this document is to tell you how (and where) to turn these options on and off. CHANGING YOUR SETTINGS To change your settings from the Notes 8.x client; On the Menu, click File , then Preferences... On the left hand side , click on the little plus sign to the left of Mail to expand the options. Click on the option marked Sending and Receiving . In the middle section, under receiving, you can control your notifications. If you untick the box mark...

How to Create a Bootable DVD Using Nero Burning ROM 9

I often need to create bootable CDs and DVDs but it's weird because I frequently end up buring myself a new coaster instead. It's not that the process is difficult, just that nero has a few too many options and I forget which ones to choose and end up picking the wrong one. I figured that the best way to avoid this mistake in future would be to write the steps down. Procedure Insert CD or DVD into your DVD Burner. Start Nero Burning ROM 9 Choose DVD-ROM (Boot) or CD-ROM (Boot) depending on what you're creating You'll be prompted for a disk image source. Choose a Nero Source - you'll usually find them somewhere like this... C:\Program Files\Nero\Nero9\Nero Burning Rom\DOSBootImage.ima Leave the Boot Locale as English - unless you really need a different keyboard layout Tick the box marked [X] Enable Expert Settings Choose Hard Drive Emulation and leave any other settings as they are. Click the button marked New Add any files you want but don't try to add operati...

How to Create an Auto-Response Mail Message in Lotus Notes 8.5.3+

Why would you do this? Suppose that you have an externally accessible generic email address for your company; support@mycompany.com or info@mycompany.com. You might expose this to the web and allow people to send messages to you. Setting up an auto-response email will tell the senders that their message reached its destination and that it will be dealt with accordingly.  It's also good practice to include links to FAQs or other useful information. Why 8.5.3 The techniques we'll be using here work in older versions of Notes but some of the options seem to have moved around in 8.5.3.  I figured it was a good time to show you where they've moved to. The Procedure Start Domino Designer and open the Mail file to be modified.  A really quick way to do this is to right-click on the application tab and choose "Open in Designer". In the Left hand panel of designer, expand Code and then double-click Agents.  A new window should appear. Click the action ...