Passwords – Protecting your website series part 1
Here is the first post in the “Protecting your website” series.
Passwords! As you all know, a password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. The password must be kept secret from those not allowed access [via].
Passwords are used in connection strings, directory security, admin areas, etc. Most of the time we don’t give much importance to choosing a password. Most websites require user names and passwords, and the list is increasing day by day. On average I use 25 passwords daily. We also tend to use the same password everywhere so that we don’t have to remember them all. Here are some tips to choose a better password.
- Don’t use dictionary words : This is not a new tip. Every security-related site will ask you not to choose a password which can be found in a dictionary. Choosing an easier password will enable any hacker to find your password with less effort. This includes foreign words, words spelt backwards, etc.
- Password is not a word : Strong passwords are not usually words. Most often people forget that special characters can be used in a password. Try to use a password which has special characters such as ! “ £ $ % ^ & * ( ) _ + [ ] { } ; ‘ # : @ ~ \
- Replace characters with numbers : This is a simple but effective way of generating a strong password. Try to use a password which has numbers in place of some characters. You can replace i with 1, a with 4, e with 3, o with 0, s with 5 and so on. Example : c0deg33k5 can be used in place of codegeeks.
- Choose a long password : Most sites tell you that your password should be at least 8 characters in length. This doesn’t mean that your actual password should consist of only 8 characters. Try to create a password using a long sentence. Example : ikwydls can be used in place of I know what you did last summer. Applying tip 3 to the above word makes it more secure.
- Use password generators : Use a good password generator to choose a secure password.
- Check strength of your password : Use software or a website to check the strength of the password you have chosen. Here is one such Password Checker from Microsoft.
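
As an added example (not code from the original post), here is a sign-up check a web developer could run that applies the tips above: minimum length, a special character, a digit, and no dictionary word read forwards or backwards. It goes one step beyond the list by also undoing the number-for-letter swaps from tip 3 before the dictionary lookup; the wordlist, function names and threshold are constructed assumptions.

```python
import string

# Constructed sample wordlist; a real deployment would load a large dictionary file.
WORDLIST = {"password", "summer", "admin", "codegeeks", "welcome"}

# Number-for-letter swaps from tip 3, mapped back to the letters they stand for.
UNLEET = str.maketrans({"1": "i", "4": "a", "3": "e", "0": "o", "5": "s"})

MIN_LENGTH = 8  # assumed policy value, taken from the "at least 8 characters" tip


def dictionary_hits(password, wordlist=WORDLIST):
    """Return wordlist entries matched by the password read forwards or
    backwards, before and after undoing number substitutions."""
    lowered = password.lower()
    candidates = {lowered, lowered.translate(UNLEET)}
    candidates |= {c[::-1] for c in candidates}
    # Also compare with everything but letters removed, so "summer!" still matches.
    stripped = {"".join(ch for ch in c if ch.isalpha()) for c in candidates}
    return sorted((candidates | stripped) & wordlist)


def check_password(password, wordlist=WORDLIST):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not any(ch in string.punctuation or ch == "£" for ch in password):
        problems.append("no special character")
    if not any(ch.isdigit() for ch in password):
        problems.append("no digit")
    hits = dictionary_hits(password, wordlist)
    if hits:
        problems.append("based on dictionary word: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, including the examples used in this post.
    for pw in ("adm1n", "remmus", "c0deg33k5", "1kwyd!L5#9"):
        print(pw, "->", check_password(pw) or "ok")
```
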

Okay! You have started using a secure password but your job does not end there. Make sure you take care of your password by following these steps.
- Never share your password with others : No matter what, never share your password with others. If you have to share it for something very urgent, make sure you change your password the next time you log in.
- Never write down your password : I have seen a PC with a sticky note on it (user : admin password : adm1n). Now the password looks secure, but what is the use in keeping the password public? Never write it down in your diaries, behind your keyboard, etc.
- Change it regularly : Believe it or not, passwords are like your undergarments: change them regularly. If you are a web developer, try to force password expiration in your applications.
- Don’t use the same password : It’s like using the same key for all the locks. Never use the same password for all the logins.
Do you follow any other way for choosing a secure password? Share it with us.
The best advice I can give about passwords is to use a software to store it. That way you don’t have to remember it – making it possible to create very complicated passwords. I would suggest KeePassX for this.