Even with the very latest and greatest antivirus software and the most powerful hardware firewall, your company's passwords could be leaving you open to hackers and phishers. Today's sophisticated cybercriminals can exploit weak passwords in a matter of minutes.
However, you can't expect your employees to remember incredibly long strings of gibberish characters, either. The key to developing good password guidelines for your company is balancing your security needs with the usability concerns of your password protocol.
Here are five rules for developing password guidelines for your company.
1. If it's in the dictionary, it's out as a password. Hackers can easily write programs that will try tens of thousands of English words as possible passwords. These are known as "dictionary attacks," and they have been around almost as long as the Internet. Substituting special characters (@ for a, or the numeral 0 for the letter o) is not effective either; dictionary attack programs routinely take these techniques into account as well.
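One way to enforce this rule at the moment a password is set, shown as an added example that is not part of the original article: the check rejects a password that spells a dictionary word once look-alike characters are undone. The wordlist is a constructed sample, and every substitution other than @ for a and 0 for o is an assumption.

```python
# Constructed sample wordlist; a real deployment would load a full dictionary
# and a list of commonly used passwords from a file.
WORDLIST = {"password", "welcome", "dragon", "football", "sunshine", "hello"}

# Look-alike character -> letters it commonly stands in for.
# "@" for a and "0" for o come from the article; the rest are assumptions.
SUBSTITUTIONS = {
    "@": "a", "4": "a", "0": "o", "3": "e", "$": "s", "5": "s",
    "1": "il", "!": "il", "7": "t",
}

# Digits and symbols often tacked onto either end of a word ("welcome!2024").
PADDING = "0123456789!@#$%^&*()-_=+.?"


def disguises(candidate, word):
    """True if candidate spells word once look-alike characters are undone."""
    return len(candidate) == len(word) and all(
        c == w or w in SUBSTITUTIONS.get(c, "")
        for c, w in zip(candidate, word)
    )


def dictionary_match(password, wordlist=WORDLIST):
    """Return the dictionary word the password is built on, or None."""
    lowered = password.lower()
    # Check the password as typed, then with padding removed from each end.
    candidates = (lowered, lowered.rstrip(PADDING),
                  lowered.lstrip(PADDING), lowered.strip(PADDING))
    for candidate in candidates:
        for word in sorted(wordlist):
            if disguises(candidate, word):
                return word
    return None


if __name__ == "__main__":
    for pw in ("password", "P@ssw0rd", "W3lc0me!2024", "tV9#qLm2&xRz"):
        hit = dictionary_match(pw)
        verdict = f"reject, based on {hit!r}" if hit else "passes this check"
        print(f"{pw!r}: {verdict}")
```

Comparing each word against the password position by position avoids generating every possible substitution variant, so the check stays fast even for long inputs.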