- How-To Booklet
- 1. How to protect your computer from malware and hackers
- 2. How to protect your information from physical threats
- 3. How to create and maintain secure passwords
- 4. How to protect the sensitive files on your computer
- 5. How to recover from information loss
- 6. How to destroy sensitive information
- 7. How to keep your Internet communication private
- 8. How to remain anonymous and bypass censorship on the Internet
- Glossary
- Hands-On Guides
- Avast - anti-virus
- Spybot - anti-spyware
- Comodo - firewall
- KeePass - secure password storage
- TrueCrypt - secure file storage
- Cobian - backup
- Undelete Plus - file recovery
- Eraser - secure file removal
- CCleaner - temporary file removal
- Riseup - secure email service
- Pidgin + OTR - secure instant messaging
- VaultletSuite - secure mail client
- Thunderbird + Enigmail - secure mail client
- Firefox - Web browser
- Tor - anonymity and circumvention
- portable security
3. How to create and maintain secure passwords
Submitted by amir on Thu, 11/20/2008 - 12:43.
Many of the secure services that allow us to feel comfortable using digital technology to conduct important business, from signing in to our computers and sending email to encrypting and hiding sensitive data, require that we remember a password. These secret words, phrases or strings of gibberish often provide the first, and sometimes the only, barrier between your information and anyone who might want to read, copy, modify or destroy it without your permission. There are many ways in which someone could learn your passwords, but you can defend against most of them by applying a few specific tactics and by using a secure password database tool, such as KeePass.
Background scenario
| Mansour and Magda are siblings, in an Arabic-speaking country, who maintain a blog on which they anonymously publicise human rights abuses and campaign for political change. Magda recently tried to log into her personal webmail account and found that her password had been changed. After resetting the password, she was able to log in, but when she opened her inbox she noticed that several new messages were marked as having been read. She suspects that a politically-motivated intruder may have learned or guessed her password, which she uses for several of her website accounts. She is meeting with Mansour, who has less computer experience, to explain the situation and to voice her concerns. |
What you can learn from this chapter
- The elements of a secure password
- A few tricks for remembering long, complicated passwords
- How to use the KeePass secure password database to store passwords instead of remembering them