According to a recent analysis, 73 percent of people use the same password for accessing multiple sites, the average number of characters used in a password is 6, and it takes around 3 minutes to crack an average password.
Remembering passwords is becoming increasingly difficult with the ever-increasing number of online functions and tasks. Growing consumer confidence in online shopping, banking, travel and so on has led to a heap of passwords. On the professional front, as most offices are already computerized, you have another set of passwords to remember, such as the Windows network logon, the official e-mail account, your website's FTP password, online passwords (like a website member account), etc. The list is endless. From office to home to travel, you need them all the time. Not only do you need to remember passwords, you also need to keep them strong and change them from time to time.
Some people use a common password for access to different systems, but this carries the risk that if the common password is hacked, then all the resources can be hacked, from e-mail to bank account. So while it is a recommended practice to keep a unique password for each system, it again leaves us with the difficult task of managing a plethora of passwords.
Using Password Managers
One of the solutions to this problem is the use of password manager applications such as KeePass and LastPass. KeePass is a free, open source password manager which helps you manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). LastPass is another password manager, which offers free as well as paid services for individual and enterprise password management.
Using a Private Pattern
Relying on another application or password manager is good, but what about the cases when the system is down or unavailable? Or what about cases when the password to the password manager is compromised? Any data that is stored is vulnerable, no matter how strong the encryption or how safe the place. To date, the human brain is the safest place to store data, provided we can pull it out accurately when needed.
A solution to this problem is creating a pattern for generating unique passwords for each site. All we need to remember is the pattern for generating unique passwords. An example of a pattern used and suggested by a leading security expert is to split the password into two parts. The first component is fixed and the second component depends on the domain name of the site you are accessing.
It is important to have the first (fixed) part of 7 to 8 characters as complex as you can remember, for example 1BeEradE.
Once you have decided on the fixed part, all you need to do is create a pattern based on the domain name of the site to be accessed. The pattern can be of your choice, for example incrementing or decrementing the first three or last three characters of the domain name. Let us say we need to access Flipkart.com and our pattern is to replace each of the first three characters of the site name with the next letter of the alphabet. Our password for Flipkart.com will then be 1BeEradEgmj. Our password for snapdeal.com will be 1BeEradEtob.
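
The pattern above as an added example (not part of the original post); it also checks a caveat of this particular pattern, namely that sites whose names share their first three characters end up with the same password. The z-to-a and 9-to-0 wraparound, the stripping of "www.", and the sample domain list are assumptions made for the illustration.

```python
import string

FIXED = "1BeEradE"  # fixed part used in the post's example
# Constructed sample list; the first two entries are the post's own examples.
SAMPLE_DOMAINS = ["Flipkart.com", "snapdeal.com", "flickr.com", "www.snapchat.com"]

def site_label(domain):
    """Reduce 'www.Flipkart.com' to 'flipkart' (assumption: first label after www.)."""
    host = domain.strip().lower()
    if host.startswith("www."):
        host = host[4:]
    return host.split(".")[0]

def shift_char(ch):
    """Next letter or digit; wrapping z->a and 9->0 is an assumption."""
    if ch in string.ascii_lowercase:
        return chr((ord(ch) - ord("a") + 1) % 26 + ord("a"))
    if ch in string.digits:
        return str((int(ch) + 1) % 10)
    return ch  # characters such as '-' are kept unchanged

def pattern_password(fixed, domain, take=3):
    """Fixed part + next-letter shift of the first `take` characters of the site name."""
    label = site_label(domain)
    if len(label) < take:
        raise ValueError(f"site name {label!r} is shorter than {take} characters")
    return fixed + "".join(shift_char(c) for c in label[:take])

def colliding_sites(fixed, domains):
    """Return {password: [domains]} for passwords shared by more than one site."""
    groups = {}
    for d in domains:
        groups.setdefault(pattern_password(fixed, d), []).append(d)
    return {pw: ds for pw, ds in groups.items() if len(ds) > 1}

if __name__ == "__main__":
    for d in SAMPLE_DOMAINS:
        print(f"{d:20} -> {pattern_password(FIXED, d)}")
    for pw, ds in colliding_sites(FIXED, SAMPLE_DOMAINS).items():
        print(f"same password {pw} for: {', '.join(ds)}")
```
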
Using this technique we can remember the passwords to any site that we access, as all we need to remember is ONE fixed password and a secret pattern. Wishing you happy and safe browsing!