CHOOSING AND PROTECTING
PASSWORD
Passwords are a common form of authentication and are often the only barrier
between a user and your personal information. There are several programs
attackers can use to help guess or "crack" passwords, but by choosing good
passwords and keeping them confidential, you can make it more difficult for an
unauthorized person to access your information.
Why do you need a password?
Think about the number of personal identification numbers (PINs), passwords,
or passphrases you use every day: getting money from the ATM or using your
debit card in a store, logging on to your computer or email, signing in to an
online bank account or shopping cart...the list seems to just keep getting
longer. Keeping track of all of the number, letter, and word combinations may
be frustrating at times, and maybe you've wondered if all of the fuss is worth
it. After all, what attacker cares about your personal email account, right? Or
why would someone bother with your practically empty bank account when
there are others with much more money? Often, an attack is not specifically
about your account but about using the access to your information to launch a
larger attack. And while having someone gain access to your personal email
might not seem like much more than an inconvenience and threat to your
privacy, think of the implications of an attacker gaining access to your social
security number or your medical records.
One of the best ways to protect information or physical property is to ensure
that only authorized people have access to it. Verifying that someone is the
person they claim to be is the next step, and this authentication process is
even more important, and more difficult, in the cyber world. Passwords are the
most common means of authentication, but if you don't choose good
passwords or keep them confidential, they're almost as ineffective as not
having any password at all. Many systems and services have been
successfully