7 - Password Notes

WARNING:

• If someone gains access to your session (like your CYGWIN, Debian, or PuTTY session where you have ssh public/private key authentication), they may be able to access all of your hosts, posing as you.
• KEEP YOUR PC LOCKED WHEN YOU WALK AWAY.
• KEEP YOUR PASSWORD and PASSPHRASES SECRET
• USE A STRONG PASSWORD / PASSPHRASE
• A good password uses at least 3 of the following (I use all four):
  • UPPER CASE letters
  • lower case letters
  • numbers: 1 2 3 4 5 6 7 8 9 0
  • special characters: ~ ! @ # $ % ^ & * ( ) - _ = + { } [ ] \ | ; : ' < > " , . / ?
• I recommend at least 12 characters for your password or passphrase.
• Why 12 characters you ask?
  • Password cracking is more popular now and computers are faster thus cracking codes takes less time.
  • Many special character have problems on certain systems and on some systems special characters are not allowed in a password and with certain software you can not use the whole range of characters. The characters hash # and quote " and apostrophe ' , backslash \, and asterisk * are common problem characters for passwords. Also @ = + - ( ) [ ] { } < > . ? are often not used.
  • You end up using just 5 or 6 special characters so password cracking is easier than if you actually used the entire set of special characters. To remedy this you just make your password longer.
• Do not use address information, birthdays, family names, and the like for a password.
• Avoid words or phases with repeating characters.
• Do not use common words or default passwords.
• Do not write your password on a note and post it on you monitor or under the keyboard.
• Do use a Password Safe. I have over 150 password protected sites that I visit, each with it's own unique password. I can NOT remember that many passwords and site URL's. I use PasswordSafe (see my Freeware page) to store and track my information. It works and syncs across my desktops, laptops, iPad, iPhone, Android Phone, and LG Pad. There are several good password safes/keepers. Use one!
• Do read more on the DO's and Don'ts of passwords.