Posts tagged as:

make

How to make Strong Passwords

by Admin on January 5, 2009

Welcome to MaheshKukreja.com. If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Google Buzz

Following are the rules and guidelines that may help you in creating a strong password that is secure. These are the things that I’ve used over years based on my own interest in the area of keeping passwords safe and secure.

I. Two essential password rules:

Following two rules are bare minimal that you should follow while creating a password.

Rule 1 – Password Length: Stick with passwords that are at least 8 characters in length. The more character in the passwords is better, as the time taken to crack the password by an attacker will be longer. 10 characters or longer are better.

Rule 2 – Password Complexity: Should contain at least one character from each of the following group. At least 4 characters in your passwords should be each one of the following.

  1. Lower case alphabets
  2. Upper case alphabets
  3. Numbers
  4. Special Characters

I call the above two rules combined as “8 4 Rule” (Eight Four Rule):

  • 8 = 8 characters minimum length
  • 4 = 1 lower case + 1 upper case + 1 number + 1 special character.

Just following the “8 4 Rule” will be a huge improvement and instantly make your password much stronger than before for most of you who don’t follow any guidelines or rules while creating a passwords. If your banking and any financially sensitive website passwords doesn’t follow the “8 4 Rule”, I strongly suggest that you stop everything now and change those passwords immediately to follow the “8 4 Rule”.

II. Guidelines for creating strong passwords:

  1. Follow “8 4 Rule”. Like I mentioned above this is the foundation of creating a strong password.
  2. Unique Characters. Should contain at least 5 unique characters. You already have 4 different character if you’ve followed “8 4 Rule”.
  3. Use Password Manager. Strong passwords are hard to remember. So, as part of creating a strong password you need a reliable and trustworthy way of remembering the strong password. Using password management tool to store passwords should really become a habit. Anytime you create a password, note it down on a password manager tool, that will encrypt the password and store it safe for you. I recommend Password Dragon, a free, easy and secure password manager that works on Windows, Linux and Mac. This can also be launched from the USB drive. There are lot of free password manager tools available, choose the one that best suites your taste and use it.
  4. Use Passphrase. If you don’t want to use password management tool, Use Passphrase to easily remember the passwords. You can use initials of a song or a phrase that are very familiar to you. for e.g. “Passwords are like underwears, change yours often!” phrase can be converted to a strong password “Prlu,Curs0!”

III. Guidelines for avoiding weak passwords.

Avoid the following in your passwords. Even part of your passwords should not be anything in the following items.

  1. Password same as username or part of the username
  2. Name of family members, friends or pets.
  3. Personal information about yourself or family members. This includes the generic information that can be obtained about you very easily, such as birth date, phone number, vehicle license plate number, street name, apartment/house number etc.
  4. Sequences. i.e consecutive alphabets, numbers or keys on the keyboard. for e.g. abcde, 12345, qwert.
  5. Dictionary words. Dictionary words with number or character in front or back
  6. Real word from any language
  7. Word found in dictionary with number substitution for word look alike. for e.g. Replacing the letter O with number 0. i.e passw0rd.
  8. Any of the above in reverse sequence
  9. Any of the above with a number in front or back.
  10. Empty password

IV. Common sense about passwords:

All the following points are nothing new and very much common sense. But most of the time, we tend to ignore these items.

  1. Create unique password every time. When you are changing a password for an existing account, it should not be the same as the previous password. Also, do not use incremental passwords while changing it. i.e password1, password2 etc.
  2. Change your passwords for all your accounts once every 6 months. Since passwords have a fixed length, a brute-force attack to guess the password will always succeed if enough time and processing power was available to the attacker. So, it is always recommended to change the passwords often. Schedule an recurring appointment on your calendar to change your passwords once every 6 months.
  3. Never write down your passwords. Creating a very strong password and writing it down on a paper is as bad as creating an easy to remember weak password and not writing it down anywhere. There are several interesting surrey’s done on this subject, where it was found that several people write down the password and keep it somewhere next to the computer. Some of them think keeping the post-it note below the mouse pad is secure enough. You should never write down the password on a paper. If you want to carry your password along with you all the times, use a password manager tool that runs from USB stick and take that with you all the times.
  4. Don’t share with anyone. Anyone includes your friends and family. Probably you might have heard the phrase “Passwords are like underwear, don’t share with anybody”. We teach our kids several things in life. Teaching them about online safety and not sharing the password with anybody should be one of them.
  5. Never keep the same password for two different sites. It is very tempting to create one set of passwords for all your emails, another password for all the banking sites, another password for all the social networking sites etc. Avoid this temptation and keep unique passwords for all your accounts.
  6. Don’t type your password when someone is looking over your shoulder. This is especially very important if you type slowly and search for the letters in the keyboard and type with one finger, as it is very easy for someone looking over your shoulder to figure out the password.
  7. Never send your password to anybody in an email. If you follow #3 mentioned above, this should not be an option. But the reason I’m specifically saying about this is because several hackers send emails as a support person and asking for your user name and password through email. Legitimate website or organization will never ask you for your user name and password either via email or over telephone.
  8. Change password immediately when they are compromised. Even if you have the slightest doubt that someone might have stolen your password, change it immediately. Don’t even waste a minute.
  9. Don’t use the “Remember password” option on the browser without setting the Master Password. Don’t use this feature of the browser to store your username and passwords without enabling the “Master Password” option. If you don’t set master password on the firefox browser, anybody who uses your firefox browser can see all the passwords that are stored in the firefox browser in plain text. Also, be very careful with this option and say ‘Not Now’ in the remember password pop-up, when you are using a system that doesn’t belong to you.
  10. Don’t type your password on a computer that does not belong to you. If possible, don’t use someone else computer that you don’t trust to login to any website, especially to very sensitive website such as banking. It is a very common practice for hackers to use key loggers that will log all the key strokes on a system, which will capture everything you type including the passwords

Related Posts
Related Websites

{ 2 comments }

Expired Domain Traffic – Make Money with It

by Admin on December 20, 2008

Google Buzz

Expired Domain traffic plays an important role in expired domain business. It is a critical element that can create immense value to your domains. All famous expired domains invariably had tons of incoming traffic attached to it. People who are looking for an expired domain are very eager to buy it if it has traffic and links attached to it.

Buying and selling expired domain traffic is a profitable idea that can result in an ongoing online income to your business. Before you wish to sell it to other people, you may need to acquire domain traffic on a consistent basis. There are actually two different modes of acquiring it to your expired domain. One method is to purchase the traffic from a reseller by paying a price while the other is to accumulate it by redirecting the traffic to your domain. Purchasing and using expired traffic involves lots of effort, investing time and money.

This method is also a mode of flipping your domains by adding commercial value to the web pages. While flipping your domain, you may need to collect organic type of traffic that is real and well recognized by major search engines. Once you purchase your expired domains, you will need to create a redirection mechanism on them so that anyone who makes a visit to your defunct sites will be redirected to your main site.

Selling expired traffic through your expired domains require lot of patience and effort as building quality links will always take lot of time. Domain flipping to add traffic is a value based activity that will eventually end up in selling an expired domain for a very high price. Some of the well-known methods that can bring in lots of traffic are:

a) Affiliate a program that not only provides you an ongoing type of income, but also brings a considerable amount of traffic.

b) Flipped domains with a catchy web site and keyword enriched content will provide you an opportunity to sell them at premium prices. Such domains are very good candidates for PPC campaigns and Google AdSense programs. When you use these innovative methods to promote your expired domains, you are adding quality traffic and inbound links.

c) Placing individual web pages based on defunct and non-functional expired domains over the internet and insert outgoing links to your main websites. This simple action may result in redirecting traffic to your other web sites. In the meantime, all defunct expired domains will add invisible value to themselves resulting in increased domain gains.

In essence, expired domain traffic helps you in two distinctive ways:

a) Inflating the inherent value of the domain. Traffic enriched domains can yield you better profits as well.

b)You can also act as an expired domain traffic reseller by selling traffic to other people. However, collecting such traffic is a dicey affair and a difficult task.

In the end, you may need to search for an effective domain flipping system to add commercial value to your domains. Traffic enriched expired web domains can help you set up a strong and highly profitable domain trading business.


Related Posts
Related Websites

{ 0 comments }

</