Het
Prikbord
WORLD
WIDE WEB NIEUWS
Het
Prikbord
Zoals
de meesten van jullie waarschijnlijk al weten staan er de laatste
weken interessante aanbieding op voor de leden.
Voor $5 per
maand kunt u uw verzoek kwijt bij ons.
De lokatie van het
prikbord is www.clubholandescr/com/prikbord.htm
WORLD WIDE WEB NIEUWS
http://www.cs.cmu.edu/~help/security/choosing_passwords.html
How to choose good passwords
On this page:
What not to do when choosing a password
The best method for choosing
passwords.
How long does my password have to
be?
What not to do when
choosing a password
Do not choose a password based upon personal data like
your name, your username, or other information that one could easily discover
about you from such sources as searching the internet.
Do not choose a password that is a word (English or
otherwise), proper name, name of a TV shows, or anything else that one would
expect
a clever person to put in a "dictionary" of passwords.
Do not choose a password that is a simple
transformations of a word, such as putting a punctuation mark at the beginning
or end of a word,
converting the letter "l" to the digit
"1", writing a word backwards, etc.
Do not choose passwords less than 8 characters long and
that that are made up solely of numbers or letters. Use letters of different
cases,
mixtures of digits and letters, and/or non-alphanumeric characters.
The best method for
choosing passwords
The single best
method for generating passwords is to do the following:
Make up a sentence you can easily remember. Some examples:
I have two kids: Jack and Jill.
I like to eat Dave & Andy's ice cream.
No, the capital of
Now take the first letter of every word in the sentence, and include the
punctuation. You can throw in extra punctuation, or turn
numbers into digits
for variety. The above
sentences would become:
Ih2k:JaJ.
IlteD&A'ic.
N,tcoWi'C!
As you can see,
the passwords generated by this method can be fairly secure, but are easy to
remember if the sentence you pick is
one that is easy for you to remember.
Please don't use
one of the sentences above to generate your password.
Another password
selection method
If you don't wish
to use the above method, the following method also generates "reasonably
secure" passwords (though not quite as
good as the method above) that may
be easier to remember:
Choose two unrelated words such as:
unix & fun
book & goat
august & brick
Join the words with a non-alphabetic character or two.
Make at least one change (for example, uppercase a letter or add another
character) to one of the words (preferably not just at
the very beginning or
end of the password).
Some example
passwords generated using this method:
unix+fUn
bo!ok29goat
august,=bRICK
Please don't use
one of the passwords above.
How long does my
password have to be?
In general, the
longer a password is, the harder it is for somebody to guess or brute-force it.
Password selection trades off security with
convenience and the ability to
remember it. Eight characters should be the absolute minimum length.
SCS Kerberos passwords may
of practically unlimited length (the limit is at
least several hundred characters). Windows 2000 and Windows XP support a
maxiumum
password length of 127 characters. There are a few cases where you
might run into password length limitations:
Some older Unix systems may only support passwords up to 8 characters,
or ignore any letters after the first 8. This should not be a
limitation if you
login with your Kerberos password to Facilitized SCS hosts.
Some applications for reading e-mail via POP may have trouble with long
(greater than 8 character) passwords. This should only
affect your choice of a
.mail Kerberos instance password, not your main Kerberos password.
Windows 98 and 95 only support passwords up to 14 characters long.
In a Windows
environment, there are certain security advantages to be gained if your
password is 15 characters or longer.
You should avoid
writing down your password or giving it to others. You should especially avoid
writing it down and leaving it in a non-secured
place such as on a post-it on
your monitor or a piece of paper in your desk. If you absolutely must write
something down, we suggest doing the following:
Don't write down the entire password, but rather a hint that would allow
you (but nobody else) to reconstruct it.
Keep whatever is written down in your wallet or other place that only
you have access to and where you would immediately notice if it was
missing or
someone else gained access to it.
It is very common
for intruders to attempt to break-in to systems (both Unix and Windows) at SCS
by trying to guess people's passwords.
Sometimes they succeed, and when they do
it is often because people chose very poor passwords (like "password"
or "administrator").
These break-ins can result in a significant
amount of downtime, lost work, and loss of privacy (for example, if there is
credit card and
other financial data on your machine). Intruders often also
install keyboard sniffers that let them gather additional passwords and put
more machines at risk. They can also conduct dictionary attacks against a
host's password database, and literally try out tens of
thousands of potential
passwords per second, which is why words and simple variants of words are not
good passwords
Additional
information
The following
off-site links will open in a new browser window:
Discusses some misconceptions about choosing passwords under Windows
(and with some application to Unix) and provides
some helpful additional
information about ways to choose good passwords.
Interessante
websites
http://www.pcworld.com/article/id,138310/article.html?tk=nl_spxsld How to spot an email scam
http://www.visuwords.com/
a
visual dictionary
http://www.drawingsofleonardo.org/
de tekeningen van Leonardo da Vinci
http://wikimedia.org/
the Wikimedia Organisation
http://www.compfused.com/directlink/4678/
grappige foto´s
http://www.thinktechnologies.com/portfolio/demos/Blackhole.html
The anatomy of a black hole
http://www.lucellan.com/test/s3.swf
How the planets move around the sun
http://beachestatelagunareal.com/Perfectly_Timed_Photos.html
Kijk
ook even op de Costa
Rica pagina naar
de vele nieuwe interessante links die erbij gekomen zijn
en de links
pagina http://www.clubholandescr.com/links.html
Reisverslagen
Op
de Costa Rica pagina van onze website (
http://www.clubholandescr.com/cr.htm
)
kunt u nu een aantal reisverslagen over Costa Rica vinden , die de
afgelopen jaren in de Hollandse Nieuwe
gepubliceerd zijn:, inclusief
de reisverhalen van Trees van Herpen en Anja Geesink.
Ga eens
kijken en ... als u of uw bezoekers een leuk reis (of verblijf)
verhaal hebben
stuur het op naar de redacteur en ondergetekende.
De literaire pagina
Via
de welkom pagina van onze site kunt u op de literaire pagina komen,
waar u o.a. een lijst met schrijvers onder onze leden
kunt vinden en
meer
dan 40 boekbesprekingen van onze redacteur Trees van Herpen.
Ook
vindt u daar de linksmet de Nederlandse liederen en rijmen, die in de
krantjes hebben gestaan
Vaderlandse
Geschiedenis
De serie verhalen over
onze
Vaderlandse
geschiedenis, die in 8 afleveringen verschenen in de Hollandse
Nieuwe,
staan nu gepubliceerd in één artikel op de
inhoud pagina van onze
website.
http://www.clubholandescr.com/inhoud.htm
Klik op de vlag van Nederland.
Veel Internet plezier gewenst door
Cor
Teunissen