One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 812285 |
| Date de publication | 2018-09-17 13:00:00 (vue: 2018-09-17 17:02:37) |
| Titre | People and Passwords |
| Texte |
In today's world, the Internet is a vast place filled with websites, services, and other content. Most content along with computers and other technology requires a password. The number of passwords a person has to know continues to grow. While it’s safe to say we use passwords to keep your accounts confidential, they can also be very frustrating and inconvenient to create and remember. The outcome is the use of simple, common passwords, same password on different accounts, and habits such as writing passwords.
Weak passwords are common
For example, reports from Techspot.com, Fortune.com, and USAToday.com show, that in 2017, passwords like 123456 and football were two of the top ten most used passwords. Why are such passwords still being used? They are easy to remember. People will often add weak passwords into simple variations where the alpha and number (numeric) strings combined with special characters. For instance, Football and 123456 become Football123456!, a memorable yet easily guessed password.
Current practices require complex passwords
Various companies have released their own best practices. Symantec’s how-to article, for instance, states a secure password is at least eight characters in length, has an uppercase, lowercase, and a number. Take [Football] for example. You can replace the “o” for a “0” and “a” for “@” resulting in F00tb@ll. Here, the updated password meets most policies enforced by many web applications such as Google and Outlook. It has an uppercase (F), a lowercase (tball), a number (00), a special character (@), and meets a minimum length of eight characters. Microsoft, however, takes this a step further in some of their guidelines. They state it must not be in the dictionary or incorporate the name of a person or computer. Guidelines such as those in place, demand a complex password. For example, W#T24.ro5*&F is complex yet painful to memorize.
There is a problem with difficult passwords
People, out of convenience and frustration, will try to circumvent password policies the mentioned. This becomes more prevalent as the policies get stricter. It is hard enough to remember a password like W#T24.ro5*&F. By the time you’ve memorized it, the time has come to change it and you can’t repeat the last 8 passwords. So what do people do? They add or change one or two characters (i.e. W#T24.ro5*&F turns into W#T24.ro5*&F1 or W#T24.ro5*&F123 and F00tb@ll turns into F00tb@ll123 or F00tb@ll321). While password expiration policies are arguably a best practice, they are not common outside an enterprise environment. Many websites, such as banks, do not require you to change your password regularly and those that do, might not have a decent policy on repeating passw |
| Envoyé | Oui |
| Condensat | a for fortune guidelines here it lastpass many microsoft might nist take this while will 100 123456 2017 2cats3dogsrunfar 800 a password about accommodate for account accounts across actor add added adding advised aiding all along alpha also and usatoday any anything applications apply are aren't arguably at least authentication bank banks base because become becomes beginning being best better browser browser's but by lastpass states can can replace can’t cannot change character characters circumvent clarify collection com com show combined come common companies complex compromised computer computers confidential considered content continues convenience couple; coworkers' crack create current dangerous dashlane dates days dealing decent demand dictionary different difficult does each easier easily easy eight enable encourages end enforced engineering enough enterprise environment even everkey everybody everything example expiration f00tb@ll f00tb@ll123 f00tb@ll321 factor find five football football and football123456 for example four free from from frustration frustrating frustration further get gets google grow guessed habits hard has hashes have having how however immune includes including inconvenient incorporate inexpensive instance instead internet is complex it's it’s itself job just keep keeper keeping know last later leads learning length lengthy like longer lowercase make malicious manager managers many mean meets memorable memorization memorize memorized mentioned minimum modern more most much multi must mutli name names need not notably now nuisance number numbers numeric numerical of people of simple offer offers often one other out outcome outlook outside overall own painful passphrase passphrases password passwords passwords into pay people person place place filled point policies policy practice practices prevalent problem with puts recommended regularly released remember remembering repeat repeating replaced reports require requires research responsible resulting reuse risk risky ro5*&f ro5*&f turns ro5*&f1 or w#t24 ro5*&f123 roboforms safe same say secrets secure security service services similar simple social some some password space spaces special starters starting state states stems step stolen store stored strengthen stricter strings strong such supports sure symantec’s takes tball technology techspot ten their guidelines then things those thus time to article today's tool toolkits top try turns two updated password uppercase usage use used users using variations various vast versions very w#t24 want weak web website websites what when where which why will with special words work world worse writing yet you’ve your |
| Tags | Tool Guideline |
| Stories | LastPass |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.