How to Secure Your Computer: Maxim #4

In How to Secure Your Computer: Maxim #3, I stressed the importance of changing the default username and passwords of all configurable network devices. That’s good advice. But a weak password, one that is easily guessable, is almost as bad as no password at all.

For example, if you use a password that conforms to common patterns that most people tend to use, it can be easily guessed. According to Wikepedia,

Repeated research has demonstrated that around 40% of user-chosen passwords are readily guessable because of the use of these patterns:

  • blank (none)
  • the word “password”, “passcode”, “admin” and their derivates
  • the user’s name or login name
  • the name of their significant other or another relative
  • their birthplace or date of birth
  • a pet’s name
  • automobile licence plate number
  • a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
  • a row of letters from a standard keyboard layout (eg, the qwerty keyboardqwerty itself, asdf, or qwertyuiop)

So, the lesson here is simple, and becomes Maxim #4:

Use an unguessable,  or difficult-to-guess password always.

What’s an unguessable password? I’ll cover that in a future post.

The Geek

Have a computer problem? A question about your latest gadget? Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a Microsoft Certified Systems Engineer with Connective Computing, Inc. providing network, desktop and info security support services to a wide range of clients.