Question: Our district has recently adopted what seems to be ridiculously strict guidelines for user passwords. Is this really justified?
The IT Guy says:
Password security is more important than ever, and will continue to grow in importance in the future. If someone obtains or guesses your password, either through using a sophisticated computer program or knowing the name of your pet or favorite sport, he/she can virtually do business as you online.
All organizations, educational or not, should adopt and enforce strict password security requirements. What is a secure password? For openers, a secure password should include both numbers and letters. Some letters should be capitalized, and the password should be case-sensitive. The password should NOT include any words that can be found in the dictionary, even as part of the password. It is best if the password does NOT end with a number.
Why all the fuss? As computing power has increased and the cost of computers has gone down, it has become easier and less expensive for dishonest people to use computer programs to hack passwords. By following the above guidelines, and forcing users to change their passwords periodically, organizations can decrease the likelihood of user passwords becoming compromised and used for illicit purposes.
The recent behavior of your IT department may seem paranoid and over-the-top, but they are likely acting prudently and in the best interests both of you as an individual and of the organization as a whole.
Next Tip: Skpe and IP –based Telephony
