An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Home : News : Features : Display
NEWS | Aug. 6, 2009

Carefully select, protect passwords to avoid cyber attacks

By Jennifer R. Lively Information Assurance Manager

LANGLEY AIR FORCE BASE, Va.  –   Passwords are the most common means of authentication, but if you don't choose good passwords or keep them confidential, they're almost as ineffective as not having any password at all.

There are several programs out there that attackers can use to help "crack" passwords, but by choosing good passwords and keeping them confidential, you can make it more difficult for an unauthorized person to access your information.

One of the best ways to protect your information or physical property is to ensure only authorized people have access to it. Verifying that someone is the person they claim to be is the next step and this authentication process is even more important, and more difficult, in the cyber world.

Choosing a password
-Choose a password that is at least six characters long. Currently, the maximum password length on many Unix systems is eight characters, anything after the eighth character will be ignored.
-Have a mix of lower- and upper-case characters, numbers and punctuation marks. Think of an uncommon phrase, and take the first, second or last letter of each word. For example, "You can't always get what you want'' would yield ``ycagwyw." Throw in a capital letter and a punctuation mark or a number or two, and you can end up with ``yCag5wyw."
-Deliberately misspell one or more words
-Avoid common phrases, famous quotations and song lyrics
-Avoid the use of personal information in a password

Protecting a password
-Do not leave it for people to find.
-Never give your password to anyone.
-Beware of attackers attempting to retrieve your password through phone or email scams
-Also, many programs offer the option of "remembering" your password, but these programs have varying degrees of security protecting that information. Some programs, such as email clients, store the information in clear text in a file on your computer. This means anyone with access to your computer can discover all of your passwords and can gain access to your information.
-Log out when you are using a public computer

There's no guarantee these techniques will prevent an attacker from learning your password, but they will make it more difficult.
Staying Connected
Hosted by Defense Media Activity - WEB.mil Veteran's Crisis Line