The magazine of the Melbourne PC User Group

The Problem Of Passwords - for the bookshelf
Major Keary

Passwords: we must have them, but they can be a pain for both system administrators and end users. There is a delightful book from Syngress, Perfect Passwords: Selection, Protection, Authentication, that shows how to remove the pain (well, most of it). No technical knowledge is required, but that is not to suggest the content has been 'dumbed down'. This is a serious text about a technical subject that encompasses a number of concepts and principles, but it has been written in exceptionally clear language that should make it comprehensible to ordinary readers.

Passwords don't have to be like "@!%#''')—(+$ "", and they can be in a form that is easily remembered; they need to be long, changed at proper intervals, never recycled or used for multiple purposes, and conform with a set of principles. There are twenty pointers for a perfect password and readers will find them in Mark Burnett's book.

The author begins with a brief summary of password basics before discussing the enemy: password crackers. It is important to understand the threat and the techniques used to attack passwords, and this chapter is an interesting account of the topic. Readers are then taken through the things that make passwords strong: randomness; diversity of characters used; length (it does matter); and not allowing a password to age (the longer in use the less secure it becomes).

The practical side of passwords follows: how to make passwords convenient (tricks for memorising, ease of typing, storing passwords, and the problem of key loggers); how to build strong passwords; examples of bad passwords; authentication issues; and how administrators can defeat the smart alecs who devise ways to defeat the system.

This is an essential resource for anyone concerned with, or about, the security of passwords. It is relevant to the needs of individual users through to system administrators in large organisations. Once you start reading this book it will be hard to put down.
 
Mark Burnett:
Perfect Passwords: Selection, Protection, Authentication
ISBN 1-59749-041-5
Published by Syngress,
181 pp.,
RRP $48.00 incl. GST

Reprinted from the June 2006 issue of PC Update, the magazine of Melbourne PC User Group, Australia
