Information Systems: Password Security
Information Systems
How Strong Passwords Are Constructed
Information technology systems rely on encryption and other security measures to keep them secure. An information system should only be accessible to its intended users; therefore, to avoid unauthorized access, such systems are protected by passwords. For sufficient protection, the passwords should be strong enough to prevent intruders from illegally accessing the network. A strong password should be constructed according to the following rules on length and character sets (Mackie and Yildirim, 2019).
- A strong password should have a minimum of eight characters. The longer the password, the more secure it is. The eight characters should be a mixture of numbers, special characters, and letters.
- The password should consist of both lowercase and uppercase characters.
- The password should not consist of numbers only or letters only. It should utilize both.
- A secure password must incorporate at least one special character, for example @, #, or &.
To keep the system secure, the password should be changed regularly, every 3 to 6 months. It should also be replaced whenever there is suspicion that it might have been illegally accessed (Charoen, 2014). A user should not reuse the same password across all systems. The advantage of using the same password and username on various systems is that they are easy to remember. However, using the same password for several systems is a security risk: if an intruder obtains the password for one system, he/she can use it to access your other systems (Mackie and Yildirim, 2019). That leaves all your systems vulnerable and at risk of unauthorized access.
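The composition rules in the list above and the rotation and reuse advice in this paragraph can be checked mechanically. The following Python audit is an added example, not part of the original essay; the function names, the 183-day cut-off used for "6 months", and the sample accounts are assumptions constructed for illustration.

```python
import string
from datetime import date, timedelta

MIN_LENGTH = 8                  # essay: minimum of eight characters
MAX_AGE = timedelta(days=183)   # essay: change every 3 to 6 months (upper bound, assumed as 183 days)

def composition_problems(password):
    """Return the composition rules from the list that this password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    return problems

def audit(accounts, today):
    """accounts: list of (system, password, last_changed). Returns {system: [problems]}."""
    # Group systems by password so reuse is visible without ever printing a password.
    by_password = {}
    for system, password, _ in accounts:
        by_password.setdefault(password, []).append(system)
    report = {}
    for system, password, changed in accounts:
        problems = composition_problems(password)
        if today - changed > MAX_AGE:
            problems.append("older than 6 months")
        others = sorted(s for s in by_password[password] if s != system)
        if others:
            problems.append("reused on " + ", ".join(others))
        report[system] = problems
    return report

# Constructed sample data (not real credentials).
SAMPLE = [
    ("mail", "Tr4il#Mix-Lamp", date(2024, 3, 1)),
    ("payroll", "Tr4il#Mix-Lamp", date(2024, 3, 1)),
    ("wiki", "summer2023", date(2023, 6, 15)),
    ("vpn", "Qu1et&Harbor9", date(2024, 4, 20)),
]
TODAY = date(2024, 6, 1)

if __name__ == "__main__":
    for system, problems in audit(SAMPLE, TODAY).items():
        print(system, "->", problems or "ok")
```

A password that satisfies every composition rule is still flagged when it is shared between systems, which is the risk the paragraph describes.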
Penetration testing is a process that evaluates the security of an information system by safely exploiting its weaknesses. It is also called ethical hacking, and it entails trying to hack the system to establish how secure it is (Core Security, 2020). It uses specialized technologies to try to compromise servers, web applications, wireless networks, endpoints, and other vulnerable points of access. Such an exercise helps the developer to fix weak points, meet regulatory standards, and identify potential risks.
References
Charoen, D. (2014). “Password security.” International Journal of Security. https://www.cscjournals.org/manuscript/Journals/IJS/Volume8/Issue1/IJS-131.pdf
Core Security. (2020). “What is penetration testing?” https://www.coresecurity.com/penetration-testing
Mackie, I. & Yildirim, M. (2019). “Encouraging users to improve password security and memorability.” International Journal of Information Security. https://www.researchgate.net/publication/332352346_Encouraging_users_to_improve_password_security_and_memorability