|
|
|
Improving SQL Performance
How do you know how much hardware is really needed by your applications? And what do you do when your applications are overloading your system? The answer lies with improving your SQL performance. You have to tune your hardware SQL server and...
Intranet
Introduction to Intranets
What exactly is an intranet? It's one of those terms that's more thrown around than understood, and has become more of a buzzword than a commonly understood idea. Simply put, an intranet is a private network with...
Microsoft SQL 2000 Disaster Recovery with SANRAD V-Switch - Planning Guide
Designing a disaster recovery system requires planning and
consideration of the available options that will best fit your
company's needs, SLA and budget. With SANRAD DR Solution there
is no need to use Log shipping (which requires extra...
MS SQL / MySQL - A Case Study
Contact: John Malco
Tel: 1-888-898-9699
Cell:
206-799-9696
MS SQL SERVER 2005 POWERS DATA DRIVEN
SITES
Case Study of Two Web Hosting Companies
The release of Microsoft SQL Server 2005 on November 7th 2005
created a buzz...
What to look for in an assembled PC
Not too well versed with the hardware jargon but need a computer? For starters, read Ask these 3 questions before you buy a computer. Once you are sure what you need one for, get cracking. Here is a basic guide to get you started. Do note: while...
|
|
| |
|
|
|
|
Passwords or Pass Phrase? Protecting your Intellectual Property
Passwords or Pass Phrase? Protecting your Intellectual Property
Much has been said on the theory of password protection for files, computer login, and other network access. In the past we used a combination of letters, special characters, and other techniques to try and prevent unwanted or unauthorized access to our computers, resources, and networks. A new theory on passwords is emerging that may help us remember our access codes, be more secure, and generally keep hackers and thieves out of our networks.
A password is a combination of words, letters, and special characters that only the user knows, allowing access to a computer or other information resources. As humans we have a large number of codes and numbers we need to remember every day – such as the key lock on our apartment entries, national identification numbers, automobile license or tag numbers, telephone numbers – it is a large and confusing suite of items we need to memorize.
When selecting a new password or pass code for access to a computer system, most of us understand how difficult it is to remember complex codes, and thus we select something already know n to us, such as names, birthdays, national identifiers, or other known items, and then place a number or character in front of the name or number thinking it is secure. This is easy to understand, as most of us simply do not have an ability to instantly recall large numbers of complex codes.
In a worst case we simply write down the complex code on a piece of paper, and leave it in a desk, our pocketbook, or in many cases taped to the front of our computer monitor.
However, to a hacker this makes access to your network or computer much easier, at they generally only have to learn a couple things about you, and add a few numbers to the front or ending of your personal data – you would be surprised how often this grants access to computers and networks. Ad some good “cracking utilities” to the
hacker’s suite of tools, and you can understand the threat.
PassPhrases are a concept that will help us create more secure, easy to remember safeguards for our computer and network resource protection. A passphrase is a selection of words and/or numbers that are 15 characters or more in length, and are easy for us to remember. A couple examples of a good pass phrases are:
•igotodalaieejdaily
•shehasbeautifulhair
•surfinginhawaiiisgreat
According to Mark Minasi, a noted security consultant, a 15 character pass phrase will require a cracking program the following number of computations to try and break a 15 character pass phrase:
•15 lowercase letters = 1,677,259,342,285,725,925,376 possibilities
•Try a million a second, it’ll take 531,855 centuries/years to break the code
As you can see, this is a pretty good level of security for your resource.
Another concern with passwords is if you forget or lose the password, and are using a utility like Microsoft’s Encrypting File System (EFS), you run the risk of losing all access to your important files if you require a hardware reset of your password. All EFS encrypted files are linked to your login profile, meaning if you encrypt a directory or file with EFS, and you do a hardware reset on your computer, those files and directories are lost FOREVER.
For Microsoft Windows users you can now also use spaces within your pass phrase, however we would not recommend embedding spaces in your pass phrase, as that actually does allow a cracker better access to getting your code – it may help them crack it in 100,000 years rather than 250,000!
About the Author
(About the Author – John Savageau is a managing director at CRG-West, responsible for managing operations and architecture for several of the largest telecommunications interconnect facilities in the US, including One Wilshire in Los Angeles savageau@pacific-tier.com/www.pacific-tier.com)
|
|
|
|
|
|