Securing Your Home Network with Strong Passwords

While good internal security starts with user accounts, more important still is the strength of the passwords assigned to those accounts. Far too many users take the easy way out on this one, assigning very common or “guessable” words as their password. In the same way that it’s a bad idea to set your PIN number on your bankcard to 1111 or the combination of your month/year of birth, the same holds true for the password assigned to user accounts. Quite simply, too many utilities exist that can easily guess passwords based on common words, using what it known as a dictionary attack. If you’re serious about security, then be serious about your password – your last name, dog’s name, or “password” just won’t cut it.

Good password security exhibits two main features. The first is that the password should be hard to guess, including a combination of upper- and lower-case characters, numbers, and special characters (such as %@$^~ as examples). The second critical consideration with passwords is how often they are changed. As a general rule, get users on your network in the habit of changing their passwords at least once every 30-60 days, and be sure to assign a password to all user accounts. On a Windows XP or Windows 2000 Professional system, password changes can be made mandatory by configuring Password Policy settings in the Local Security Policy Administrative Tool.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of 2000Trainers.com. He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.