Online Identity Theft Protection



             


Friday, June 20, 2008

Selecting a Strong Password to prevent Identity Theft


Maintaining a secure computer is a good defense against becoming a victim of Identity Theft. Use a secure password. By secure, I mean a password that is not easily guessable, such as a word you may find in the dictionary. These types of passwords can ve found by someone using what is known as a "dictionary attack" This type of attack involves using the words that are found in the dictionary and comparing those to a hash that has been generated by the Operating System. If the attack matches the hashes, then the password has been compromised. Don't use birthdays or Social Security Numbers as well. It has been recommended that your password be at least 8 characters long, including small and capital letters, numbers, and special characters.

A password like "alphabet" can easily be compromised. If you were to change it up a little by making every other letter a capital, "AlPhAbEt", this will improve the security. You can then take it a step further and replace the "E" with the number "3", so then your password looks like "AlPhAb3t". Then take the "l" and change it to the number "1" or even the "!". So now the password looks like "A!PhAb3t". It will take a super computer an extremely long time to break this password. At this point the attacker would have to use a method known as "brute force". That means the attacker is taking every possible combination of numbers and letters and special characters and creating a hash to try and match the hash stored by the computer.

To prevent yourself from being subjected to a "brute force" attack, you can set up a security policy that will disable the account after a certain number of unsuccessful attempts.

To further prevent yourself from being compromised since there are programs that can download the hashes stored in your computer, you may want to set some kind of time limit for your passwords. A good example would be that the password would have to be changed every 90 days, and the same password can't be used within a 180 period. This will help ensure that if someone did get the hash of your password, that by the time it is compromised, it would be an obsolete password.

Try to check your logs to see if there have been any attempts on the password. This will certainly let you know if someone is looking at your computer in order to compromise the data that is stored on it.

By maintaining a secure password, you are ensuring that your private information will remain private.

For further information and tips, visit our site at www.whoelseisme.com

Founder of www.whoelseisme.com, we established a site to help those recover from Identity Theft and also how to prevent it from happening.

Labels: , , ,