If your network is compromised, identity thefts could use your company's customers credit card numbers and social security numbers to destroy their lives. And it's not only your company's customers who are going to suffer. When the source of the security breach is traced to your company, the result will be a negligence lawsuit.
Welcome to Bucaro TecHelp!

Welcome to Bucaro TecHelp!
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

[About BTH]  [User Agreement]  [Privacy Policy]  [Site Map]  [Contact Form]  [Advertise on BTH]  [News Feed]
Google
Web
This Site

Implementing a Secure Password Policy

By Stephen Bucaro

I don't need to tell you the importance of good network security - but I will. If your network is compromised, competitors could obtain information about where your company gets their resources, steal your company's research, learn your company's marketing plans, and other sensitive information that could destroy your company's competitive advantage. The loss of competitive advantage could require your company to reduce its labor force - in other words you could lose your job.

If your company's network is compromised, identity thefts could use your company's customers credit card numbers and social security numbers to steal their identities and destroy their lives. And it's not only your company's customers who are going to suffer. When the source of the security breach is traced to your company, the result will be a negligence lawsuit. And after you get a reputation for being incompetent in the area of network security, try to get a network administrator job at another company.

Having a secure password policy is the front line of network security. What good is a firewall and ant-virus protection if hackers can easily log on and have their way with your network? A secure password policy requires the following steps:

* Require users to create secure passwords
* Configure your system for password security
* Disable default administrator accounts
* Create a Written password security policy
* Continuously communicate the password policy

How a Password Cracking Program Works

Hackers trying to break into your company's network will use a password cracking program. The program runs continuously on one or more computers. At predefined intervals it attempts to logon to your company's network using the next username and password in sequence in its dictionary. After a predefined number of failed attempts, it will wait for a predefined interval before making another attempt.

A password cracking program is not so aggressive that its activities are easily detectable. You'll never know about the hacker's activities unless you carefully analyze your server logs. A hacker will continue to run the password cracking program for years. They have lots of patience because, after all, they are just sitting watching TV while the password cracking program trys to break into your company's network. And when it finally breaks into your system, the hacker can sell your company's customers personal information for hundreds of thousands of dollars.

Require Users to Create Secure Passwords

Your job, as network administrator, is to force you users to create passwords that are very time consuming for the password cracking program to discover. In order to do this, users must create passwords that are not at the beginning of the password cracking program's dictionary. If one of your users thinks it's cute to use the name of their pet as a password, I can assure you that the word "scooter" is very close to the beginning of the cracker's dictionary. Your networks security might not last the week.

Computer Networking Sections
Network Troubleshooting and Support

[Site User Agreement]  [Advertise on This site]  [Search This Site]  [Contact Form]
Copyright©2001-2007 Bucaro TecHelp P.O.Box 18952 Fountain Hills, AZ 85269