InfoSec Password Management

InfoSec Password Management: What Are The Guidelines?


Goal

This guide is intended to inform students, faculty, staff, and everyone else about the characteristics of a good password, and to provide guidance on how to keep and handle passwords safely.

Applies To

This guideline applies to all students and to everyone who uses a username or password for a system or application, whether as an end user or as a system administrator of that system or application.

Definitions

A good password is one that is relatively difficult to guess in a short time, whether by a person or with the use of specialized tools.

Guidelines

The following are general guidelines for building a good password:

A strong password must have:

A length of at least eight characters
Alphabetic characters in both upper and lower case (e.g. A-Z, a-z)
At least one numeric character (e.g. 0-9)
At least one special character (e.g. ~!@#$%^&*()_-=)

A strong password must NOT:

Spell a word found in a regular dictionary, or a sequence of such words
Spell a word with a number added to the start and the end
Be based on personal details such as user ID, family name, pet, birthday, etc.
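
The rules above can be checked mechanically. The following Python function is an added example, not part of the original guideline; the name `check_password`, the small constructed `SAMPLE_DICTIONARY`, and the choice to count any ASCII punctuation as a special character are assumptions made for illustration.

```python
import re
import string

# Constructed stand-in for a real dictionary file (assumption, not from the guideline).
SAMPLE_DICTIONARY = {"password", "dragon", "monkey", "sunshine", "welcome"}


def check_password(password, personal_details=(), dictionary=SAMPLE_DICTIONARY):
    """Return a list of guideline violations; an empty list means the password passes."""
    problems = []

    # "Must have" rules: length, mixed case, a digit, a special character.
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        problems.append("needs both upper- and lower-case letters")
    if not any(c.isdigit() for c in password):
        problems.append("needs at least one numeric character")
    if not any(c in string.punctuation for c in password):
        problems.append("needs at least one special character")

    # "Must NOT" rules are checked case-insensitively.
    lowered = password.lower()

    # A dictionary word, or a sequence of dictionary words joined by separators.
    words = [w for w in re.split(r"[\s_\-]+", lowered) if w]
    if words and all(w in dictionary for w in words):
        problems.append("is a dictionary word or sequence of words")

    # A dictionary word with numbers added at the start and the end, e.g. 1dragon9.
    wrapped = re.fullmatch(r"\d+([a-z]+)\d+", lowered)
    if wrapped and wrapped.group(1) in dictionary:
        problems.append("is a dictionary word wrapped in numbers")

    # Personal details such as user ID, family name, pet or birthday.
    for detail in personal_details:
        if len(detail) >= 3 and detail.lower() in lowered:
            problems.append(f"contains personal detail: {detail}")

    return problems
```

A password such as `Rex2015!rules` satisfies every "must have" rule and is still rejected when `Rex` is supplied as a personal detail, which is why the two lists have to be checked together.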

The following are recommendations for keeping a good password:

Do not share your password with anyone

Passwords should not be shared with others. Where someone needs access to another person's protected resources, options for delegating permissions should be explored. For example, Microsoft Exchange allows a user to delegate control of their calendar to another user without sharing a password. This type of solution is encouraged. Passwords should not be shared even for the purpose of device maintenance. An alternative is to create a new account for the repair person with an appropriate level of access.

Upon compromise, change your password

Change your password immediately if you believe that someone has compromised your account. Make sure you change it from a device you do not normally use, since the device you normally use may itself be compromised.

Use a passphrase instead of a password

A passphrase is a password composed of a series of words with numerical and/or symbolic characters inserted throughout. A passphrase might be a musical lyric or a favorite quotation. Passphrases have additional benefits, as they are longer and easier to recall. For example, the passphrase “My $super str0ng password!” is 28 characters in length and contains alphabetic, numeric, and special characters. It is also relatively easy to recall. Note the placement of the numerical and symbolic characters in this example, as they prevent several of the words from being found in a regular dictionary. The use of blank spaces also makes a password more difficult to guess.

Do not reuse a password

When changing the password for your account, you should avoid reusing a previous password. If a user account has been compromised before, whether knowingly or unknowingly, reusing a password could allow it to be compromised again. Similarly, if a password was shared for any reason, reusing that password could permit unauthorized access to your account.

Avoid using the same password for different accounts

Using the same password for multiple accounts makes the passwords easier to recall, but it also helps an intruder gain unauthorized access to multiple systems. This is especially relevant when dealing with sensitive accounts such as your Andrew account or your online banking account. These passwords should be different from the passwords used for instant messaging, webmail, and other web-based accounts.
