Monday, December 12, 2011

5 Password Tools for Servers

     Ideally, your server should be an impenetrable fortress, but recent DDoS attacks highlight the security problems even companies that pay thousands or millions to protect their websites face. Nevertheless, nothing is worse than having your server crippled by someone who simply guessed your password. In no particular order, here are five tools to help you have better, stronger passwords:
       1. Bad password List – This is a simple list of the 500 worst passwords that you should most certainly avoid. Unfortunately, people in offices use these all the time, so if you have employees, you need to enforce good passwords.
       2. Online Password Generator – Keep in mind that an online password generator is only as good and secure as the website hosting it, but if you trust PCtools, then this is an excellent way to create passwords, complete with customization and pronunciation guides to help you remember them.      

       3. APG Automated Password Generator For those of you who prefer to roll your own passwords, APG is a Linux/Unix tool that makes it pretty easy to do. It is command-line based, so it works well on a server.
       4. Password Strength Tester – As with the online generator, keep in mind that you are typing a password into a web form, but this is a good tool to help train yourself or your coworkers/employees to make good passwords. It tests for many aspects of strong passwords and gives you detailed results.
       5. Crack your own password – If you are really concerned that someone might be trying to hijack your server, you can use John The Ripper, password cracker, to find out just how easy or difficult that might be. This is a password cracking tool, so please use it only for good.

       Recommended to create strong passwords: A strong password is an important protection to help you have safer online transactions. Here are steps you can take to create a strong password. Some or all might help protect your online transactions:
  • Length. Make your passwords long with eight or more characters.
  • Complexity. Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
  • Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
  • Variety. Don't use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.

0 comments:

Post a Comment