In How to Secure Your Computer: Maxim #3, I stressed the importance of changing the default username and passwords of all configurable network devices. That’s good advice. But a weak password, one that is easily guessable, is almost as bad as no password at all.

For example, if you use a password that conforms to common patterns that most people tend to use, it can be easily guessed. According to Wikepedia,

Repeated research has demonstrated that around 40% of user-chosen passwords are readily guessable because of the use of these patterns:

• blank (none)
• the word “password”, “passcode”, “admin” and their derivates
• the user’s name or login name
• the name of their significant other or another relative
• their birthplace or date of birth
• a pet’s name
• automobile licence plate number
• a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
• a row of letters from a standard keyboard layout (eg, the qwerty keyboard — qwerty itself, asdf, or qwertyuiop)

So, the lesson here is simple, and becomes Maxim #4:

Use an unguessable,  or difficult-to-guess password always.

What’s an unguessable password? I’ll cover that in a future post.

Cheers!
The Geek

Have a computer problem? A question about your latest gadget? Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a Microsoft Certified Systems Engineer with Connective Computing, Inc. providing network, desktop and info security support services to a wide range of clients.