Home > Security Featured Topic
EMAIL THIS
 Featured Topic:  Password mania
Last Updated: Dec 07, 2002 
We hear again and again that password management is both a user and administrative nightmare. This week, we look again at some of the latest articles, resources and tips to help manage this problem. >> Share your password tips in our anonymous discussion forum
>> Jon Callas or Scott Baetz can answer password questions.
NEWS:
>> Experts: Smart cards have their advantages over passwords (SearchSecurity.com) 22 Nov 2002
>> New worm preys on password promise  (SearchSecurity) 16 Jul 2002
>> Testing password strength gives policy some bite (SearchSecurity.com) 23 Oct 2002
>> Proper password policy is imperative (SearchSecurity) 08 Jul 2002
>> Passwords protect VPNs (Tech Republic) 19 Jun 2002
>> Why passwords will always be a pain (ZDNet) 28 Feb 2002
>> A picture may be worth a thousand passwords (The Wall Street Journal) 27 Nov 2000
>> Passwords don't protect Palm data, security firm warns (CNET) 02 Mar 2001
>> User-friendly and secure passwords (SearchSecurity) 15 Oct 2001
>> Fending off the enemy within (SearchSecurity) 25 Jun 2001
>> Quick Takes: Password management made easy (SearchSecurity) 19 Mar 2002
LINKS:
>> Best Web Links-->Common Vulnerabilities and Prevention Tips-->Password Cracking
>> Best Web Links-->Securing the Desktop-->Passwords/authentication
>> Best Web Links-->Security Management-->Security Policy & Infrastructure
ADVICE:
>> Passwords and authentication
TIP :A look at some password policy rules.
>> Setting up Windows 2000 without a log-in password
ASK THE EXPERTS :

I have a stand alone Windows 2000 machine with several infrequent users. We all use it as Administrator. Some users ...

>> Passwords: Complexity equals easy to forget
TIP :Complexity equals easy to forget; try this policy to get your users to create better passwords.
>> Infosec Know IT All Trivia: Secure passwords
TIP :Strengthen your passwords with the information you'll learn taking our trivia.
>> CORRECTION: Password re-use bypass
TIP :Watch out for this password security loophole in Win2k.
>> Passwords based on events
TIP :David Wall advises drawing upon life events to create secure passwords.
>> Passwords with symbols and numbers
TIP :This simple tip allows users to secure the password of their choice.
>> Password variations for multiple accounts
TIP :Learn to create password variations for multiple accounts with this tip.
>> Keeping passwords to sensitive accounts safe
TIP :Here is a tip on keeping passwords to sensitive accounts safe from end users.
>> Password shadowing across Unix platforms
ASK THE EXPERTS :I'd like to implement password shadowing across a few Unix platforms. From what I've read, HP-UX doesn't support shadow ...
>> Securing the Domain Administrator password
TIP :SearchSecurity member Marty Puzio offers this tip on securing the Domain Administrator account.
>> Stop password farming
TIP :A searchSecurity user offers two tips for putting an end to password farming.
>> Dropping the vowels in passwords
TIP :This user submitted tip offers an easy alternative for creating simple passwords.
>> Awareness campaign for nontechnical users
ASK THE EXPERTS :I am responsible for deploying information security across our IT infrastructure. How do I explain the importance of ...
>> Memorize your password
TIP :Here's a tip for remembering passwords.
>> Theme-related passwords
TIP :User Mark Waugh offers this tip for encouraging safe passwords.
>> Random passwords
TIP :You'll discover a wealth of obscure passwords with this tip.
>> Guidelines for creating secure passwords
TIP :Consider these guidelines for strengthening the security provided by your users' passwords.
>> Creative user education
TIP :Educate your users with these creative tips provided by searchSecurity member Michelle Levine.
>> Non-dictionary passwords users can remember
TIP :Here's a tip for generating creative passwords.
>> Pattern-based passwords: Easy to remember non-dictionary-based passwords
TIP :Here is a tip on how to generate passwords that are not found in the dictionary and are easy to remember.
>> Changing local admin passwords easily
ASK THE EXPERTS :A generally accepted security practice is to make passwords expire. With 1,000 computers to manage, is there a way to change ...
>> Verifying an encrypted password against a shadow password file
ASK THE EXPERTS :I'm doing a project named Webmail (with Linux/Perl as backend). When a user registers on our site by giving a username and ...
>> What is password shadowing
ASK THE EXPERTS :What is password shadowing, and what are its benefits?
>> Recovering lost passwords
ASK THE EXPERTS :How do you recommend an ASP enable customers to recover lost passwords? Letting them request their password by e-mail is ...
>> Obfuscated password storage by fictitious telephone numbers
TIP :A searchSecurity members offers this handy tip for creating passwords.
>> Strong passwords with Win2k
ASK THE EXPERTS :Windows 2000 Advance Server supports card key or token authentication so users do not have to remember a complicated/strong ...
>> Acronym-based passwords
TIP :SearchSecurity user Keith Langmead offers this tip for creating secure passwords using acronyms.
>> Password file issues
TIP :Aeleen Frisch offers advice for password maintenance in this tip.
>> Password variations for multiple accounts
TIP :Learn to create password variations for multiple accounts with this tip.
>> Keep it (really) simple
TIP :SearchSecurity member David Heydecker offers this tip for password security.
>> Mnemonic-based passwords
TIP :SearchSecurity member Mark Farrar offers an alternative method for creating passwords.
>> Recovering lost passwords
ASK THE EXPERTS :How do you recommend an ASP enable customers to recover lost passwords? Letting them request their password by e-mail is ...
>> Secure passwords that are already written down
TIP :You need look no further than your desk for these secure passwords.
>> Disabling the option to save a password on Internet Explorer
ASK THE EXPERTS :We run a Netscape proxy that we use to authenticate our internal users when they go out via the firewall to browse the Web. ...

BROWSE BY TAG
Passwords/authentication,   Securing the Desktop,   Common Vulnerabilities and Prevention Tips,   Password Cracking,   Security Policy & Infrastructure,   Security Management,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Passwords/authentication
Passwords: Do you speak Geek?
Infosec Know IT All Trivia: Secure passwords
Crash course: Authentication

Password Cracking
Week 2: Passwords -- Updating, selecting and recording user and administrative passwords
Infosec Know IT All Trivia: Secure passwords
Crash course: Authentication
Computer Security: 20 Things Every Employee Should Know

Security Policy & Infrastructure
Tier-1 policy overview: Procurement and contracts, records management
Tier-1 policy overview: Corporate communications, work place security
Action-forcing mechanisms encourage policy compliance
Presentation: Essential strategies for policy development
Developing security policies
Best practices: E-mail security policies
Week 2: Passwords -- Updating, selecting and recording user and administrative passwords
What constitutes acceptable use?
Infosec Know IT All Trivia: Policy management
Terminating a system administrator

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

> Security Wire Weekly
> Information Security Decisions Fall 2005
> Battling spyware
> Worms prey on Plug and Play
> Web Security School
View full list of Featured Topics

This week's poll:
What security issue is the most pressing to your company?
Read a related SearchSecurity.com news exclusive



 Security infrastructure 
 Security policies/user compliance 
 Disaster recovery 
 Intrusion-detection systems 
 Operating system security  
 Virus management  
 Employee education 
 Remote security  
 Authentication/Access control 
 Encryption 
Poll participation is restricted to registered members. Not a member? Register. Otherwise, log in:
username:
password:
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts