Powerful Passwords
Most PCs and lots of personal data, such as bank records and Web mail ac¬cess, are guarded only by a username and password. Usernames are fairly easy to guess and often pre-filled in, so you need to make sure your passwords are strong-not easily guessed or cracked by "dictionary" attacks that throw mil¬lions of letter combinations at the dia¬log. Many of the most widespread Inter¬net worms have built-in dictionaries of common passwords, and once they are running on your system, they can attack your computer and others on your net¬work.

* Don't use any part of your user name, full name, address, birth date, and so on. This data is readily available to intruders.
* Don't use English or even foreign words.
* Make sure your password is at least six to eight characters long. In fact, the longer the password, the better.
* Use different kinds of characters in your password. At the very least, your password should contain up¬percase letters, lowercase letters, and numbers. If you're comfortable with non-alphanumeric symbols (such as #@!&) or extended ASCII characters (which you can access by holding down Alt and typing on the number pad), use them.
* Change passwords every month to six weeks.
* Don't write your passwords on a sticky note and post it on your moni¬tor.
If you need to keep a repository of passwords, use a utility like RoboForm Pro that keeps an encrypted list of all your passwords under a single master pass¬word. These programs can also gener¬ate strong passwords to your specifi¬cations.
* Don't recycle old passwords or use the same One for several different ap-plications,
* Use a wO!'d you know, but substitute punctuation and numbers for letters. For example, coffee could become COFF33 and Indiana-lones could become.
* Use a passphrase-a group of words, as opposed to a single word. If you're a Beach Boys fan, "It's not a big mo-torcycle, just a groovy little motor¬bike" might be a good pass phrase.
Note that not every security system lets you use passwords this long, or even ones that have embedded spaces. Some e-commerce sites, for example, will al¬low you only 8- to 12-character alpha¬numeric passwords. But since Windows 2000, Windows has allowed passphrases with up to 127 characters.