It is not difficult to manage one password, but it is difficult to manage the passwords of dozens or even hundreds of network services. In the network age we constantly log in to websites, BBS forums, mailboxes, online banking and so on, and almost every visit requires authentication by account plus password. We therefore keep registering users and accumulate countless network accounts and passwords. For ease of memory, most people tend to reuse one username, one email address and one password everywhere, which is very dangerous: as soon as one website has an incident and leaks the password, almost every site and service registered with it is compromised. So how should online passwords be set so that they are relatively secure?
In general, personal password security comes down to two simple requirements: use different passwords for different network systems, and use stronger passwords for the more important systems. Never use one password for all systems. For a BBS you only log in to occasionally, a simple password is acceptable; for important information, email, online banking and the like, the password must be complex. Never share a password between a BBS, an email account and a bank account. The specific strategy is as follows:
I. Classify the commonly used websites: big websites, small websites, important websites and general websites
1. Big websites
Large websites are the reliable, well-run ones, such as the handful of portals with hundreds of millions of users (Tencent, Google, etc.). These websites are, in theory, more secure.
2. Small websites
Every website that is not a big website counts as a small website. Small websites are untrustworthy: a password kept on one may leak at any time, and may leak in clear text.
3. Important websites
The core websites involved in network use, such as the main email account, online banking, online payment and domain name management. If one of these is compromised it causes loss of personal assets, or lets the attacker take over other websites and services that depend on it, resulting in huge losses.
4. General websites
Sites other than important sites.
II. Classify common passwords: weak, medium and strong
1. Weak password
The easiest to remember; by default, treat it as a password that may be lost.
Used for: all kinds of small and medium websites, BBS forums, communities and personal websites.
Reason: the security of these sites may be poor. Some store only an unsalted MD5 of the password and others store the password in clear text, so an attacker who breaks into such a site can easily recover users' passwords.
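To make the difference concrete, the following Python example is added here and is not code from the original article. It builds a constructed leaked user table in which passwords are stored as unsalted MD5 (the user names, passwords and the tiny wordlist are made up for illustration), recovers the passwords with a single dictionary pass, and contrasts that with per-user salted PBKDF2 storage, where two users who chose the same password no longer share a hash and every guess must be repeated per user.

```python
import hashlib
import os

# Constructed sample: what a small site's leaked user table looks like when
# passwords are stored as unsalted MD5. Hashes are computed inline; no real data.
LEAKED_MD5_TABLE = {
    "alice": hashlib.md5(b"123456").hexdigest(),
    "bob": hashlib.md5(b"password").hexdigest(),
    "carol": hashlib.md5(b"123456").hexdigest(),   # same password as alice -> same hash
    "dave": hashlib.md5(b"Xk9#vLq2!tRw").hexdigest(),
}

# Constructed mini-wordlist; real attackers use tens of millions of entries.
WORDLIST = ["123456", "password", "qwerty", "111111", "abc123"]


def crack_unsalted_md5(table, wordlist):
    """Recover passwords from unsalted MD5 hashes with one dictionary pass.

    With no per-user salt, each candidate word is hashed once and looked up
    against every user at the same time; identical passwords share one hash,
    so cracking alice also cracks carol for free.
    """
    lookup = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    return {user: lookup[h] for user, h in table.items() if h in lookup}


def hash_salted(password, salt=None, iterations=100_000):
    """Store a password with a random per-user salt and a slow KDF
    (PBKDF2-HMAC-SHA256). Returns (salt, digest)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest


def verify_salted(password, salt, digest, iterations=100_000):
    """Recompute the KDF with the stored salt and compare."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations) == digest


def same_password_collides(password):
    """With salted hashing, two users who chose the same password do not
    share a hash, so a leak no longer shows who reused what."""
    _, d1 = hash_salted(password)
    _, d2 = hash_salted(password)
    return d1 == d2


if __name__ == "__main__":
    # alice, bob and carol fall instantly; dave's long random password is not in the list
    print(crack_unsalted_md5(LEAKED_MD5_TABLE, WORDLIST))
    salt, digest = hash_salted("123456")
    print(verify_salted("123456", salt, digest), verify_salted("password", salt, digest))
    print(same_password_collides("123456"))
```

The point for the reader of this section: the site's storage choice is outside your control, so a password given to a small site must be assumed recoverable, and therefore must not be the password of anything that matters.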
2. Medium password
A moderately strong password, longer than 8 characters, with some resistance to exhaustive search.
Medium passwords are mainly used on domestic portals, large websites, portal microblogs (weibo), social networking sites and so on, but not on the main email account. Portal accounts are best bound to a mobile phone number.
Reason: large sites have better security and are generally less likely to be breached, so the passwords used on them can be slightly stronger.
Note that some portal websites (such as Sina and Sohu) provide both a microblog and a mail system. If the site creates such a mailbox by default, it is recommended not to use that mailbox anywhere.
One exception is the Tencent mailbox. Tencent mail supports a separate mailbox password; once it is set, the user must enter both the QQ password and the mailbox password before the mailbox can be used.
All game accounts use separate passwords.
3. Strong password
A strong password has at least 8 characters; does not contain the user name, real name or company name; does not contain a complete word; and mixes letters, numbers and special symbols.
Strong passwords are mainly used for the mailbox, online banking and payment systems.
These are the most core and most important websites: online banking involves the user's property, and the mailbox can reset the passwords of every website the user has registered. Such websites must therefore use a strong password to keep them as secure as possible.
Exhaustive search is very effective against short, simple passwords, but once a password is longer and has no obvious regularity (for example, a mix of letters, numbers and special characters), the exhaustive process becomes very slow and the attacker usually loses patience long before it finishes. It is generally held that a password should be longer than 8 characters and should include letters, numbers and symbols. Do not use pure numbers, combinations of common English words, your name or your birthday as a password.
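The rules above can be checked mechanically, and the "exhaustive search" argument can be quantified. The following Python example is added here and is not code from the original article: it turns the strong-password rules into a checker and estimates the worst-case brute-force effort from the password's length and character classes. The common-word list, the sample passwords and the guess rate of 10^10 per second are all constructed assumptions for illustration.

```python
import re
import string

# Constructed mini-dictionary standing in for a real common-word list
# (the article names no specific list; a real check would load a full one).
COMMON_WORDS = {"password", "welcome", "admin", "letmein", "dragon",
                "monkey", "login", "qwerty", "football", "master"}

# Matches a date written as YYYYMMDD anywhere in the password, e.g. a birthday.
BIRTHDAY_RE = re.compile(r"(19|20)\d{2}(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])")


def charset_size(password: str) -> int:
    """Alphabet an exhaustive search has to cover, judged from the
    character classes actually present in the password."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 printable ASCII symbols
    return size


def search_space(password: str) -> int:
    """Number of candidates a brute-force attacker must try in the worst case."""
    return charset_size(password) ** len(password)


def years_to_exhaust(password: str, guesses_per_second: float = 1e10) -> float:
    """Worst-case years to exhaust the space at an assumed guess rate
    (1e10/s is a hypothetical offline cracking rig, not a measured figure)."""
    return search_space(password) / guesses_per_second / (365 * 24 * 3600)


def policy_violations(password: str, username: str = "", real_name: str = "",
                      company: str = "") -> list:
    """Return the article's rules that the password breaks (empty list = passes)."""
    low = password.lower()
    violations = []
    if len(password) < 8:
        violations.append("shorter than 8 characters")
    for label, value in (("user name", username), ("real name", real_name),
                         ("company name", company)):
        if value and value.lower() in low:
            violations.append(f"contains the {label}")
    if any(word in low for word in COMMON_WORDS):
        violations.append("contains a complete common word")
    if password.isdigit():
        violations.append("pure numbers")
    if BIRTHDAY_RE.search(password):
        violations.append("contains a date that looks like a birthday")
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_symbol = any(c in string.punctuation for c in password)
    if not (has_letter and has_digit and has_symbol):
        violations.append("does not mix letters, numbers and special symbols")
    return violations


if __name__ == "__main__":
    # Constructed sample passwords, checked as if the user name were "alice".
    for pw in ["123456", "19900115", "password1", "alice2024!", "Xk9#vLq2!tRw"]:
        print(f"{pw!r}: {policy_violations(pw, username='alice')}, "
              f"space={search_space(pw):.3g}, years={years_to_exhaust(pw):.3g}")
```

A six-digit PIN has a space of 10^6 and is exhausted in well under a second at the assumed rate, while a 12-character password drawing on all four classes has a space of 94^12, which at the same rate takes over a million years. Note that the estimate is for true exhaustive search; a password built from dictionary words or a birthday is cracked far sooner by a targeted wordlist, which is exactly why the checker rejects those patterns regardless of length.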
III. Specifications of email use
1. Mailbox type
There is no need for many personal mailboxes: two (work mailboxes aside) are enough. Close those that are no longer used, or empty them completely and do not use them anywhere.
Mailboxes are divided into two types, a primary mailbox and a secondary mailbox. The primary mailbox is used for important service registrations and the secondary mailbox for general services.
For the primary mailbox, Google Gmail is preferred, followed by Microsoft Outlook. Bind it to the user's mobile phone and enable two-step verification with a mobile dynamic password, which both Gmail and Outlook support. With the dynamic password added, even an attacker who has reset the account password still cannot log in to the account unless the user's mobile phone is stolen at the same time. With dynamic passwords, the user has plenty of time to fix the password through the phone once the mailbox is attacked.
Gmail's recovery (auxiliary) mailbox can be left unset, or set to a single mailbox; if it is set, that mailbox must itself be highly secure and not easily breached.
One more point about accessing Gmail: do not use a Hosts file to reach Gmail, and in particular do not put accounts.google.com in the Hosts file, as this can pose a significant threat to Gmail account security.
2. Dynamic password setting
For regular Gmail users, the two-step verification feature is highly recommended. The method is to log in to Gmail, open the two-step verification address, and install the iPhone or Android app as prompted, which provides the dynamic password and greatly enhances Gmail's security.
Gmail's two-step verification, which supports iPhone and Android phones, is in fact a type of dynamic password. A dynamic password, also called a one-time password, is a password that changes according to time or the number of uses, with each password used only once. Because every password must be generated by the dynamic token and a different password is used each time, an attacker who does not hold the token cannot work out the password that will appear next. Dynamic passwords do, however, place higher demands on the phone and require a smartphone such as an iPhone or Android device.
Google verification: Google Authenticator
Besides Gmail, the Tencent QQ mailbox is widely used. When using QQ mail, be sure to set up the double password (a separate mail password) and, if necessary, enable the Tencent QQ phone token. The QQ phone token is a security product from Tencent QQ that protects QQ accounts, Q coins, Q points, game equipment and so on with a dynamic password that changes every 30 seconds; however, QQ mail does not support logging in with the phone token.
Mobile token: Tencent dynamic password protection
Many people find dynamic passwords inconvenient and are unwilling to use them, which is a mistake. Convenience is good, but security matters more: taking password management seriously adds a little inconvenience, but it may save you from huge losses.
3. Email password
The mailbox password must not be the same as the password of any other website, and should be a strong password of more than 8 characters.
The mailbox is the core and key of password management: through the email-based password-reset function, most of a user's other passwords can be obtained, so once the mailbox password is compromised, the whole set of user passwords can go out of control. Although Gmail's dynamic password may seem troublesome, it does not have to be entered every time: on a single trusted computer it only needs to be re-entered every 30 days. The QQ phone token can likewise be configured in various ways to reduce how often a dynamic password is entered.
When using mailboxes, note that the primary and secondary mailboxes are used to register different websites: important services are registered with the primary mailbox, general services with the secondary mailbox. Large sites use complex passwords; small sites and BBS forums use simple passwords. If a registered website account is stolen, the password needs to be reset via email as soon as possible.
For those small websites, the password can only be treated as expendable: we do not know how these websites store the password, and the site may be breached at any time, so all we can do is make sure the registration mailbox is not breached, so that we can use it to reset the password.
4. "Recover password" setting
"Password recovery" is a key security setting of a mailbox. Many attackers break into mailboxes through "password recovery", so securing "password recovery" is a very important step.
Which recovery questions are insecure? "Your birthday?" (you have entered your birthday on other social networking sites). "Your name?" (anyone who knows you knows your name). "Your birthplace?" (your birthplace can be read from your ID number). "Your mobile phone number?" (there are too many places where your phone number is given away). And so on.
With questions like these, someone else can reset your email password with very little effort.
The "retrieve password" question should therefore be one whose answer only you know, would not readily tell others, and others cannot find out by normal means, for example "Who did you have a crush on in high school?", "What was your high-school deskmate's name?", "What is the name of your best friend since primary school?", "What was your first lover's name?" and so on. Such questions are usually hard for others to guess.
Summary: 1. Choose Gmail as the core mailbox and enable its two-step verification; then, even if this password is stolen, the attacker still cannot get in unless the mobile phone is stolen at the same time. 2. Use this mailbox to register other websites, each with a different password: complex passwords for large websites, simple passwords for small websites and BBS forums. Use a separate, complex password for the mailbox, never the same password as any other site.
IV. Specifications of online banking
Open online banking as little as possible; if it is needed, open it only with banks of good reputation and few security incidents, such as China Merchants Bank's online banking. After online banking is opened, it is better to apply for a USB Key in addition to the digital certificate. The USB Key uses public-key (two-key) cryptography, with the private key kept securely inside the Key. In the network application environment this is more secure, and makes up for some of the weaknesses of a dynamic-password token, which relies on a single shared key. Since the user's private key is stored in the USB Key and in theory cannot be read out by any means, the security of user authentication is ensured. Unless an attacker has physical access to the user's USB Key hardware, it is hard to break into the user's online bank.
The bank card withdrawal password should not be the same as any other password; the online banking password should not be the same as the withdrawal password, nor the same as the password of any other website.
For Alipay, the digital certificate must be installed; the payment password and the login password should not be the same; confirm that the Alipay account is real-name verified; bind both the mobile phone and the mailbox; and, for still more security, apply for the Alipay payment shield as well.
Summary: open online banking sparingly; when applying for online banking, use it together with a USB Key. The payment password is different from the login password. The passwords of the bank, online banking and the main email account are the most important and need the most protection. Online banking uses a separate complex password, not the same as the email or any other website.
V. Summary
Passwords are the key to personal network information security. With today's highly developed networks and widespread online Trojans and viruses, we should design password security carefully to protect online banking, online shopping and online transactions. Following the personal password security policy described above can more effectively improve the security of users' personal passwords and keep personal information out of the reach of threats and attacks.