Changing Passwords is sheer wasting of time, claim some people, hitting at the conventional method of internet security. We have known that cryptic strong passwords provide personal internet security. But this conviction may be now outdated and even counter productive, exposing us to more and more risks than other users.
How Strong Should A Password Be, For Internet Security?
It is common to find that users are advised to change their passwords into strong ones, ensuring that they contain more than six characters and a mix of characters which never resemble simple words. This strength of password is based on the hunch that such passwords cannot be guessed by hackers. Times have changed and so have methods which criminals deploy.
Servers Should Have Lockout For Internet Security.
When it is clear that passwords do not offer you the best of defenses to you, the researchers have pointed out that internet security is dependent on a variety of policies which the servers should adopt to lockout instruction. While there are some websites who are already adopting such lockout methods, for example, when you fail to login after three attempts, your account is disabled albeit temporarily.
Unfortunately, this kind of lockout method punishes the user, who may have forgotten his/her passwords and logically trying to remember it. There is yet another lockout methods to keep the hackers at bay, in which a ratio is adopted, which is like if you fail to login after ten repeated attempts in a hour, your account may be withdrawn temporarily, which indeed is a better way to treat your user, at the same time locking out the attacks through dictionary method. Remember the attacker may have to try thousands of logins per hour to succeed in getting at the password
No comments:
Post a Comment