2008-05-13

Manage Your Passwords Effectively

You will be storing your vital personal and business-financial information on the web, and possibly others’ data as well, so it is important to manage this sensitive information effectively. Here are a few tips on how to, and how not to, store, choose, use, transmit, share, change, and destroy passwords and other vital computer data.

Store
• Create a file to collect passwords and to cut-and-paste from, but do NOT title it “passwords”.
• Dedicate a binder to vital computer data, but again, label the binder something other than “passwords”.

Choose effective, secure passwords
• Do not use a password more than once.
• Do not use a dictionary word.
• Use at least six characters.
• Use a random combination of upper and lower case letters and numbers.
• Avoid using characters that are hard to distinguish, namely, “l” (lower case L) & “1”, and “O” (upper case “o”) & “0” (zero).
• Use a password generator:
https://www.grc.com/passwords.htm
Each time anyone views this page, it generates truly random strings of characters. Choose a set of at least 6 characters that you like, preferably one relatively easy to remember or type.
• Use a password that’s hard to remember, with a way to remember it.
One good way to do this is to think of a book title, such as “The 5 Merry Fisher-men, by Henry Humboldt”. Your password might be t5MFmbHH. It’s not quite “random,” but it is (relatively) secure.
• If you will be taking orders by credit card on the web, your exposure and liability are vast and could be expensive; you will want to learn more and take every precaution, including, possibly, getting insurance and legal advice. (This is not legal advice!)
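
The rules in the list above as an added Python example, not part of the original post: `generate_password` draws from the operating system's random source and skips the look-alike characters, and `check_password` reports which of the rules a candidate breaks. The function names, the default length of 12 and the sample inputs are assumptions made for illustration.

```python
import secrets
import string

# Characters the page says are hard to distinguish: l/1 and O/0.
AMBIGUOUS = set("l1O0")
UPPER = [c for c in string.ascii_uppercase if c not in AMBIGUOUS]
LOWER = [c for c in string.ascii_lowercase if c not in AMBIGUOUS]
DIGITS = [c for c in string.digits if c not in AMBIGUOUS]
MIN_LENGTH = 6  # the page's stated minimum


def generate_password(length=12):  # default length is an assumption
    """Return a random password drawn from the OS CSPRNG via `secrets`."""
    if length < MIN_LENGTH:
        raise ValueError(f"use at least {MIN_LENGTH} characters")
    alphabet = UPPER + LOWER + DIGITS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: retry until upper, lower and digit all appear.
        if not check_password(candidate):
            return candidate


def check_password(password, already_used=(), dictionary=()):
    """Return the list of the page's rules that `password` breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than six characters")
    if password in already_used:
        problems.append("used more than once")
    if password.lower() in {w.lower() for w in dictionary}:
        problems.append("dictionary word")
    if not (any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)):
        problems.append("missing upper case, lower case or number")
    if AMBIGUOUS & set(password):
        problems.append("contains hard-to-distinguish characters")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, for illustration only.
    print(generate_password())
    print(check_password("Monday", dictionary=["monday"]))
    print(check_password("t5MFmbHH"))
```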


Transmit and share

• Do not transmit your passwords online.
• Do not share your password.
• Especially, do not share a password between a secure, vital financial or email account and any other account.
• If it is necessary to share a password between you and your webmaster, administrator, programmer, or client, give this information by voice, face to face, on the phone, or in writing only, not by e-mail.

Change
• Change your passwords at least annually, all at a set, calendared date, such as New Year’s.
• Change your passwords when the person you have shared them with is done.

Use
• Do not use your passwords on a public computer or in an unsecured wireless hot-spot such as an internet café.

Destroy
• Keep all sensitive data in one electronic file and one print file per person. You may want to keep an additional set off-site, away from the office, at home; or, if you work at home, consider having a ‘back-up person’ who will keep an extra copy of your personal and/or business data secure off-site.
• Shred print data when it is no longer useful.
• Overwriting old data, then deleting it, may be more effective than ‘just deleting’ it for most people, since ‘deleted’ data is often retrievable by experts unless the entire hard drive itself has actually been re-written.
• Do not throw away or give away old computers (i.e., hard drives) unless an expert makes certain that all the data is destroyed.
5/13/2008 4:00:16 PM