The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because he’s you. Maybe he wants to read sensitive information you’ve stored on your computer, like your e-mail. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldn’t. Or maybe he just wants to do something malicious and blame it on you. In any case, it’s worth protecting your credentials.

Always use a password; it’s amazing how many accounts have blank passwords. And choose a complex one. Don’t use your dog’s name, your anniversary date, or the name of the local football team. And don’t use the word “password”! Pick a password that has a mix of upper- and lower-case letters, numbers, punctuation marks, and so forth. Make it as long as possible. And change it often. Once you’ve picked a strong password, handle it appropriately. Don’t write it down. If you absolutely must write it down, at the very least keep it in a safe or a locked drawer. The first thing a bad guy who’s hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer.
Don’t tell anyone of them is dead.
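
The rules above can be checked mechanically when a password is set. The following is an added example, not part of the original article; the function names, the 12-character minimum and the substitution table are assumptions made for illustration.

```python
import string

# Assumed threshold: the article only says "as long as possible".
MIN_LENGTH = 12
# Obvious choices to reject; the article names only the word "password".
COMMON_TERMS = {"password"}
# Undo common character substitutions so "P@ssw0rd" is still caught.
SUBSTITUTIONS = str.maketrans(
    {"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s"}
)


def _normalize(text):
    """Lower-case, undo substitutions, keep only letters and digits."""
    return "".join(
        c for c in text.lower().translate(SUBSTITUTIONS) if c.isalnum()
    )


def audit_password(password, personal_terms=()):
    """Return a list of findings; an empty list means no rule was broken.

    personal_terms holds things an attacker could guess about the user,
    such as a pet's name, an anniversary date or a favourite team.
    """
    if not password:
        return ["blank password"]
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("shorter than %d characters" % MIN_LENGTH)
    classes = {
        "upper-case letter": any(c.isupper() for c in password),
        "lower-case letter": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "punctuation mark": any(c in string.punctuation for c in password),
    }
    findings.extend("no " + name for name, ok in classes.items() if not ok)
    normalized = _normalize(password)
    for term in sorted(COMMON_TERMS | set(personal_terms)):
        needle = _normalize(term)
        if needle and needle in normalized:
            findings.append("contains guessable term: " + term)
    return findings
```

A password such as `P@ssw0rd` passes the character-mix rule yet is still reported, because the comparison is made after the substitutions are undone.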

Finally, consider using something stronger than passwords to identify yourself to the system. Windows 2000, for instance, supports the use of smart cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina scanners.