OpenSRS: Reseller Friendly since 1999
 

Changing your password is a great New Years' Resolution

By: James Koole on January 8th, 2009
Posted in: Reseller Resources
Tags:
Comments: 0

Passwords are in the news these days, and the news is not good. A great example was the result of some recent hacking that included the Twitter accounts of people like US President-elect Barack Obama, and Britney Spears. It turned out that the password protecting the administrative area for Twitter was ‘happiness’ – not very smart.

Another recent story making the rounds has to do with what’s been referred to as the “Worst 500 passwords of all time.” A hacker has a good chance of breaking into an account by simply running this list of common passwords against the login system.

The takeaway for Resellers? Change your password. Especially if you see yours on that list. But either way, it’s a good practice to change your passwords on a regular basis and also to make sure you choose strong passwords. Also, it wouldn’t hurt to educate your users about passwords.

Garrick Lau, who heads up our own security efforts here at Tucows, has some suggestions for choosing passwords. He suggests that any password you use should at the very least:

  • have at least 6 characters
  • should never contain the words that can be found in the dictionary
  • should contain characters from three of the following categories:
    • uppercase letters
    • lowercase letters
    • numbers
    • non-alphanumeric characters (eg. %, $, @)

Garrick also suggests changing passwords often, and not reusing passwords across different sites. For example, don’t use the same password for your OpenSRS account that you use for your email account. He also says not to use the same email account for registrations as it becomes the single point to access all the keys of your kingdom via the “forgot password” function if that email account is compromised.

While a super-strong password is ideal, it’s sometimes hard to remember. Printing out passwords is okay, as long as you keep that printout safe (keep it in your wallet, but don’t stick it to your monitor, for example). And don’t do something foolish link storing them in a simple text file on your computer desktop with usernames and passwords plus the URL for each site.

Whatever you do, changing passwords often is a great habit to have. Changing your Reseller Web Interface password is really easy. Here’s a very short screencast showing exactly how to do it in under 40 seconds:

While you’re changing that OpenSRS password, think about security on your other systems. How many of you use the same password for everything you do online? Hackers know this is common and once they get one of your passwords, they’ll try different services to see if you reuse passwords like many people do.

In short, start with passwords and resolve to make security front of mind this year and in the future.

Comments are closed.

Become a Reseller

Sign Up Now
 
 
Categories
Subscription Options
Archive