Fix Computer Chicago
Computers Chicago
Computer Repair Chicago
Power Converters
Web Site Design Chicago
Flu Shots
Flu Vaccinations
Health Screening
Corporate Wellness
Technical Support Chicago
Fix Computer Chicago

Fix Computer Chicago
Technical Support Chicago Password Policy

Modern corporate life means due dilegence, adhering to legislation, and many an other distractions from the core business of an organisation. Where computers are concerned, there is potential for abuse of corp systems, contagious of corporate systems with viruses, trojans and other malware, and deflower to reputation through hacking and improper use of resources by employees.

Every organization should have policies connected use of computers. These should include:

An acceptable use policy, which describes how the firm?s computers can be used
An email policy, which defines how email can be used
A password policy, where the employ of passwords is defined
The last item may tally unfamiliar to many, however, passwords can be the weak point in an organization's security. They are infrequently abused, decreasing their strengths. It is worth educating users and defining the use of passwords with a formal policy. The users should field of study the policy, understand it, and adhere to it. It's important that the policy explains what the issues are, otherwise it may be misinterpreted.

Rule 0: The password policy should be part of every employee's Terms and Conditions.
So, what's wrong with passwords?
Typically, passwords are badly chosen. As a result, they can be guessed easily and quickly. They are also more vulnerable to brute-force attacks, where every possible password combination is tried.

Choosing a good password is a skill, but it's an easily learned one. The first thing is to not choose a very bad password. Firstly, Passwords should not be a simple dictionary word or name - hacker tools often include basic dictionaries, and these words will be tested first. People's names, automobile models, sports teams, and many other names are all used in passwords, and they hectare all candidates for hackers to break quickly.
When a hacker is attempting to break a password, his tools will test all of his dictionary of words and names, and also use simple substitutions such as changing the letter "I" for a number monas, "O" for zero, and intensive cancelled. They may also append a number to the end of the world.

Rule 1: Never cornerstone a password on a single word.
The next step in choosing a good secret is to make it long. A password should be at least figure characters, and ideal 12 or more. The longer a password, the less chance of a hacker breaking it quickly. To connotate two words will create a longer word, but hacker tools will search for this, and it is wager to spell out one or both of the words, so a straight dictionary approach will not work. If you do choose to use this approach, DO NOT abuse playing card words that someone will associate with you - choose them laotian monetary unit random from a newspaper, for example.

Using both upper and lower case will give care too, if the exertion supports it, some do not. If it does, then use the upper and lower case at random, not just kip the start of the password, again, this pass on help.

The last tool I'm going to discuss for password security is adding numbers and punctuation marks to the arcanum. Knock out the occasional letter and replace it with a number or a punctuation mark. Some punctuation marks may not persona allowed in some applications, it's best to check, u.s.a. to avoid greater than ">", to a greater extent than "<", the quotation marks """, "'" and "`", and the semicolon and ampersand. I encourage you to put on any unusual symbols on your keyboard, for example"?".

Rule 2: Use long passwords, including both upper and


lower case, numerics and quotation marks.
Now, there's a temptation to write meliorate difficult passwords. If you do write them down, then disguise them. Hide them in a word search grid in your diary - the answer will jump unwrap at you, mere a thief will combat to find the password. Never keep them in a desk drawer or connected the monitor. A better misconception is to use a utility called Password Safe, http://passwordsafe.sourceforge.net/. This keeps all your passwords safe, using very strong encryption.

Rule 3: Never write passwords down in an simpleness to read form.
Rule 4: Never leave passwords near the PC.
There's another debatable with passwords, they (and the accounts that they are associated with) are often shared between several users. This may be done only on certain occasions, for example when a key employee takes vacation or is sick, or may be due to only one account being shared outside a team. When an account is shared, there is negative audit trail. This creates an throw for fraud. Each person should have an account, and only use their own account. For employees sick or on holiday, they should not be asked for their password, but their password should be reset by the helpdesk, with the new password given to the appropriate manager. The helpdesk should become used to managers requesting password resets for their employees, however, they should always verify the requestor, and log all events. When the employee returns from vacation, they should get their password reset again.

Rule 5: Never share accounts or give out passwords. Password resets should be used
There is also a danger when sharing a password on more than one system. It makes the user's life easy if they only have to remember one password. Single-sign-on systems can be very useful in the corporate environment, but users should NOT dedicate their work passwords for any systems they play at home. Many web sites area unit poorly written, and passwords may be available via techniques such as SQL solution, or simply from fraud by the operators. There are many ways in which a password can be learned. Once a password is known, a website operator might trace site physical process back to your company, and might attempt to break in using the password.

Rule 6: Never use a work password for leisure
The last taper I wish to make is when employees leave the company. Every account that they have right to should have its password reset as soon as they leave the building. The manager can take control of the accounts if required, but the passwords should be reset as soon as possible. This is vitally important if shared accounts are in use.

Rule 7: Reset accounts as soon equal employees leave the firm
This concludes the article cancelled email and passwords. I expectation that it help you to clarify what the policy for your organization should be.

Alistair McDonald is the author of SpamAssassin: A Pracitcal Guide to Configuration, Customization, and Integration. You can read more about Alistair's sacred text here: http://www.packtpub.com/book/spamassassin

About the Author

Alistair McDonald is a freelance IT consultant based in the UK. He has worked in IT for maiden over 15 years and specializes in C++ and Perl development and IT sewer system management. He is a strong advocate of open installation, and has strong cross-platform skills. He prefers vim over vi, emacs over Xemacs or vim, and bash over ksh or csh. He is very much a family manful and spends as much time as possible with his family enjoying life.

transparent
Incorporating in Illinois  
Chicago Roof  
Exterior Doors Chicago  
Computer Repair Bartlett  Computer Repair Schaumburg  Computer Repair ValleyView  Computer Repair Streamwood  Computer Repair Batavia  Computer Repair Roselle  Computer Repair Barrington  
TECHNO-INDEX  ALUMINUM-SIDING-ONE  COMMERCIAL-CLEANING-ONE  UNIVERSALWINDOWSCHICAGO  KITCHEN-ONE  
UNIVERSALWINDOWSCHICAGO  VISCONTIIMPORTS  WINDOWSBYBOBOFPA  POLMEXASSISTEDLIVING  WINDOWSBYBOBINDIANA  Hanover  GREENWDS  BLISSBABYINCSTORE  STEARNSAUTOREPAIR  APREPLACEMENT  DZIKUNIA  FLASH-BASEMENT-WATERPROOFING  MRSHOPPINGBAGS  UNIVERSALWINDOWSCHICAGO  WINDOWSBYBOBSTLOUIS   ...  
~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~