Security Techniques for Computer network passwords

1, the use of complex computer password

Password-lifting is very effective for simple passwords with fewer lengths. However, if the network user to set a longer password and no obvious characteristics (such as the use of some special characters and the combination of digital letters), then the crack tool to break down the process becomes very difficult, cracked people tend to be poor for a long time to lose patience. Generally believed that the length of the password should be at least 6 digits, preferably greater than 8 digits, the password is best to include alphanumeric and symbols, do not use a pure digital password, do not use the combination of common English words, do not use their own name to do the password, do not use the birthday password.

　2. Use soft keyboard

One of the more common ways to deal with keystroke logging is through a soft keyboard input. The soft keyboard is also called the virtual keyboard, users enter the password, first open the soft keyboard, and then use the mouse to select the corresponding letter input, so you can avoid the Trojan record keystroke, in addition, in order to further protect the password, users can also disrupt the order of the input password, which further increases the hacker to crack the password difficulty.

3. Use dynamic password (one-time password)

Dynamic Password is also called a one-time password, which means that the user's password is constantly changing according to time or usage, and each password is used only once. The dynamic password is very effective for screenshots, because even if the screen cracked the password, only a password was cracked and the next login would not use the password. However, given the cost, most dynamic cipher cards are the original card scraping paper, rather than the real sense of a one-time dynamic password, its security is still difficult to guarantee. The real dynamic password lock uses a special hardware called a dynamic token, built-in power supply, password generation chip and display. Where the numeric key is used to enter the user PIN code, the display is used to display a one-time password. Each time you enter the correct PIN code, you can get a one-time dynamic password that is currently available. Because each password used must be generated by a dynamic token and the user's password is different each time, it is difficult for a hacker to calculate the next dynamic password that appears. But the real dynamic password card cost is about 100 to 200 yuan, the higher cost limits its large-scale use.

　4, network fishing to prevent

The way to prevent phishing methods is that users should be vigilant, do not login unfamiliar sites, do not open the e-mail of strangers, install anti-virus software and timely upgrade the virus Knowledge base and operating system patches. Using a secure messaging system, Gmail usually automatically converts phishing messages into spam, and IE7 and Firefox also have web phishing capabilities, and there are hints about visiting phishing sites.

　　5, the use of SSL to prevent sniffer

Traditional Network service programs, HTTP, FTP, SMTP, POP3, and telnet are inherently unsafe because they transmit passwords and data in clear text on the network, and it is easy for a sniffer to intercept these passwords and data. For sniffer (sniffer), we can use session encryption scheme, all the transmitted data encryption, so that sniffer even sniff the data, these encrypted data is difficult to decrypt the restoration. Currently widely used SSL (secure Socket Layer) can facilitate the security of the implementation of encrypted packet transmission, when the user input password should be used to support the SSL protocol to log in, such as HTTPS, SFTP, ssh instead of HTTP, FTP, POP, SMTP, Telnet, and other protocols. Most of Google's services, including Gmail, support SSL to prevent sniffer eavesdropping, and SSL security verification can securely communicate in unsecured networks.

　6, do not save the password in the local

Saving passwords locally is a bad habit, many applications (such as some FTP, etc.) saved passwords are not designed to be very safe, if the local does not have a good encryption strategy, it will allow hackers to crack the password open the door.

　　7, the use of USB Key

USB key is a hardware device of USB interface. It has built-in single-chip or smart card chip, there is a certain amount of storage space, you can store the user's private key and digital certificates, the use of USB key built-in public key algorithm to achieve user identity authentication. Because the user's private key is stored in the password lock, it can not be read theoretically in any way, so the security of user authentication is ensured. Because the security of the USB key is higher and the cost is only dozens of yuan, the USB key is widely used in the digital certificate encryption of the online bank. After using the USB key, even if the hacker completely remotely controls the user's computer, it will not be successful in the authentication transaction.

　　8. Personal password Management

To maintain a strict password management concept, the implementation of a regular replacement password, can be replaced monthly or quarterly. Never write your password on paper, don't use passwords that are easily guessed by others.

　　9, password grading

Use a different password for different network systems, and use a more secure password for important systems. Never use the same password for all systems. For those forums that occasionally log on, you can set a simple password, and you must set it to a complex password for important information, e-mail, online banking, and so on. Never set up the same password for a forum, email, or bank account.

　　10. Biometric feature recognition

Biometrics refers to the identification of individuals through the computer, using the inherent physiological characteristics or behavioral characteristics of the human body. Commonly used biological characteristics include: fingerprint, palm, iris, voice, handwriting, face image and so on. Biometric identification is a simple and reliable technique of biometric cryptography, biometric identification is the human self, because each person's biological characteristics with the uniqueness of other people, as well as in a certain period of constant stability, not easy to be forged and counterfeit, so you can maximize the security of personal data. At present, the most popular feature recognition technology in the market is fingerprint machine and hand-shaped machine, both of which are the most mature in the current technology development.

The above is currently very applicable to the ten commonly used network password security measures, through these measures, can improve the security concept of network users, protect personal confidential information, improve the online trading system security index.

　7, the use of USB Key

USB key is a hardware device of USB interface. It has built-in single-chip or smart card chip, there is a certain amount of storage space, you can store the user's private key and digital certificates, the use of USB key built-in public key algorithm to achieve user identity authentication. Because the user's private key is stored in the password lock, it can not be read theoretically in any way, so the security of user authentication is ensured. Because the security of the USB key is higher and the cost is only dozens of yuan, the USB key is widely used in the digital certificate encryption of the online bank. After using the USB key, even if the hacker completely remotely controls the user's computer, it will not be successful in the authentication transaction.

　　8. Personal password Management

To maintain a strict password management concept, the implementation of a regular replacement password, can be replaced monthly or quarterly. Never write your password on paper, don't use passwords that are easily guessed by others.

9, password grading

Use a different password for different network systems, and use a more secure password for important systems. Never use the same password for all systems. For those forums that occasionally log on, you can set a simple password, and you must set it to a complex password for important information, e-mail, online banking, and so on. Never set up the same password for a forum, email, or bank account.

　10. Biometric feature recognition

Biometrics refers to the identification of individuals through the computer, using the inherent physiological characteristics or behavioral characteristics of the human body. Commonly used biological characteristics include: fingerprint, palm, iris, voice, handwriting, face image and so on. Biometric identification is a simple and reliable technique of biometric cryptography, biometric identification is the human self, because each person's biological characteristics with the uniqueness of other people, as well as in a certain period of constant stability, not easy to be forged and counterfeit, so you can maximize the security of personal data. At present, the most popular feature recognition technology in the market is fingerprint machine and hand-shaped machine, both of which are the most mature in the current technology development.