IT Savvy

Passwords are always hard to remember, particularly the higher security versions with numbers, letters, and in some cases even symbols are accepted and recommended.  This is exasperated when common words are not allowed (because “dictionary searches” can be applied to try to crack a basic password).  There is a legitimate way around this, without making it too hard to remember the password as well.

Now “password” is not a good one to use, and is probably the one that is most used, but we can add some extra features to it to make even the worst password a little more secure.

Instead of “password”, consider “pazz1110d”, “P455w0RD”, “pr0Wzz4dpassW0rd” as a few examples.  Not that I am recommending any of these be used, but they are already significantly more secure than the original.

You can use some thing like a Password Strength checker (such as this one from Microsoft)

The above passwords came out with the following results:

password: weak

pazz1110d: medium

P455w0RD: strong

pr0Wzz4dpassW0rd: best

The last one looks hard to remember, true – it is pretty secure, but it is password written in a mirror, with letter substitution.

P455w0RD is still a pretty good result.

If you have received any emails like the following, do yourself a massive favour, and delete them immediately.  There is nothing legitimate about the news item, or especially the included links, and by clicking on any of the links (including the unsubscribe one), you are inviting all manner of evils into your computer.  Our security officer will expand on this in the near future, but in the meantime – be careful out there!

(I don’t remember ever signing up to msnbc.com – did you?  So why would an unsolicited email from them be legitimate?  Apply this same thought process to all emails because it is a minefield, and you only have to step in the wrong place once.)

Email content to follow:

msnbc.com: BREAKING NEWS: Early Morning Coffee Conversation Entices Normally Flavorless Office Staff

Find out more at http://breakingnews.msnbc.com
======================================================
See the top news of the day at MSNBC.com, and the latest from Today Show and NBC Nightly News.

=========================================
This e-mail is never sent unsolicited. You have received this MSNBC Breaking News Newsletter
newsletter because you subscribed to it or, someone forwarded it to you.

To remove yourself from the list (or to add yourself to the list if this
message was forwarded to you) simply go to

http://www.msnbc.msn.com/id/32951920, select unsubscribe, enter the
email address receiving this message, and click the Go button.

Microsoft Corporation – One Microsoft Way – Redmond, WA 98052
MSN PRIVACY STATEMENT
http://privacy.msn.com (http://privacy.msn.com/>)

Speaking of iPhone applications, the ANZ have already jumped on the bandwagon, releasing an ANZ Banking program for the iPhone.

iPhone & ANZ Banking

That’s pretty ‘hip’ of a bank.

Hopefully though (just playing devil’s advocate here), it will be a little more secure than one of the other iPhone applications (a game) that automatically uploaded all the contents of your contacts to their server unencrypted (and without even announcing that it was doing it).  One second you could be playing a silly Bejeweled-type game and the next all your business and personal contacts are getting hammered by phone and email spam.

The problem has since been corrected, but it just goes to show that anything you download onto your computer or mobile device, as innocent as it appears (or is intended), can still completely compromise your security and privacy.

Where it comes to computer security in the current era, the Howard Govenment’s “Be Alert but not Alarmed” message should simply be “Be Alarmed”.