1 00:00:00,150 --> 00:00:06,660 In the last couple of lectures, we saw the account management features of the user maintenance account 2 00:00:06,660 --> 00:00:09,810 and all those management things related to account. 3 00:00:09,820 --> 00:00:15,900 But in this lecture, we'll start with password management, why it is really important to manage the 4 00:00:15,900 --> 00:00:23,760 password only guidelines for different passwords, like any other aspect of network security passwords 5 00:00:23,940 --> 00:00:25,040 must be managed. 6 00:00:25,050 --> 00:00:34,590 And doing that involves ensuring that all the accounts follow security guidelines so that the bad guys 7 00:00:34,590 --> 00:00:36,540 cannot easily guess or grab them. 8 00:00:37,230 --> 00:00:42,840 You've also got to implement certain features of a network operating system to prevent unauthorized 9 00:00:42,840 --> 00:00:44,130 access to your system. 10 00:00:45,570 --> 00:00:52,860 The fundamental rule when it comes to password is a password is a combination of alphanumeric and special 11 00:00:52,860 --> 00:00:53,510 characters. 12 00:00:53,880 --> 00:00:58,290 That's easy for you to remember, but really hard for someone else to address. 13 00:00:59,160 --> 00:01:04,980 Now, like server account names, they should never be written down on anything that is then put into 14 00:01:04,980 --> 00:01:07,100 your desk or stuck on your computer. 15 00:01:07,470 --> 00:01:13,920 Do not write your password on a stick in order to post it and just pasted in front of your desktop just 16 00:01:13,920 --> 00:01:15,190 because you cannot remember. 17 00:01:15,450 --> 00:01:16,920 No, that is very wrong. 18 00:01:17,170 --> 00:01:23,010 You should remember your password and that is why you should keep your password such that you should 19 00:01:23,010 --> 00:01:24,360 be able to remember it. 20 00:01:26,060 --> 00:01:33,440 Now, unfortunately, this guideline is only followed in a perfect world, users invariably try to make 21 00:01:33,440 --> 00:01:38,900 things easy on themselves by choosing passwords that are so simple to guess that someone would have 22 00:01:38,900 --> 00:01:42,170 to be seriously mentally challenged not to be able to. 23 00:01:42,410 --> 00:01:47,690 I had a friend whose name was Mike and he was born in the nineteen seventy six. 24 00:01:47,690 --> 00:01:53,960 Now, what Mike did was basically I was able to hack into the system, not actually hack. 25 00:01:53,960 --> 00:01:58,330 I just tried to, you know, try to do three attempts and I was successful on the third attempt. 26 00:01:59,150 --> 00:02:06,530 Now what he did is he took his first name, Mike, and he added, add the symbol, the one that we use 27 00:02:06,530 --> 00:02:07,550 in the email address. 28 00:02:07,880 --> 00:02:13,150 And then he added the last two digits of his birth year, which means Mike Adulate. 29 00:02:13,850 --> 00:02:14,660 Seventy six. 30 00:02:15,380 --> 00:02:16,710 So that was very easy. 31 00:02:16,730 --> 00:02:23,120 Please do not tend to keep such passwords because you never know, because nowadays your information 32 00:02:23,120 --> 00:02:24,950 is available all over the Internet. 33 00:02:24,950 --> 00:02:30,200 Your birth date is available on Facebook, your username, your user IDs are available on LinkedIn, 34 00:02:30,200 --> 00:02:34,220 Instagram, so people can easily access your password. 35 00:02:34,670 --> 00:02:38,000 So make sure that you keep a password which is difficult to crack. 36 00:02:39,170 --> 00:02:43,310 Now, strong passwords should be at least eight characters. 37 00:02:43,490 --> 00:02:46,160 Now, the more the characters, the good it is for you. 38 00:02:46,610 --> 00:02:54,200 But this shouldn't exceed more than 15 characters so that if you exceed more than 15 characters, it 39 00:02:54,200 --> 00:02:56,610 will be very difficult for you to remember. 40 00:02:57,410 --> 00:03:03,800 You absolutely must specify a minimum level for passwords because a short password is easily correct. 41 00:03:04,140 --> 00:03:12,080 If a password is worth of four Ilford characters that are to this to four combinations of those characters 42 00:03:12,080 --> 00:03:15,940 are four to four at the max so that it can be easily cracked. 43 00:03:16,790 --> 00:03:23,600 Now, the upper limit depends on the capabilities of an of your operating system and the ability of 44 00:03:23,600 --> 00:03:26,260 your users to remember the complex password. 45 00:03:27,080 --> 00:03:30,310 So let's have a weak list for passwords. 46 00:03:30,320 --> 00:03:36,830 Never use them and then we'll include the proper names, never include pet names, your spouse's name, 47 00:03:36,830 --> 00:03:44,030 children's name, your mother's name, your father's name and important date and do not include the 48 00:03:44,030 --> 00:03:45,810 username and your password. 49 00:03:46,160 --> 00:03:54,200 Also try to avoid color, occupation, company name in your password and any of the above with a leading 50 00:03:54,200 --> 00:03:56,660 number, any of the above with a trailing number. 51 00:03:57,050 --> 00:03:58,400 And there are more. 52 00:03:58,400 --> 00:04:06,410 But you get the idea and these are really the most commonly used brainless passwords as I give the example 53 00:04:06,410 --> 00:04:12,850 of Mike, try to avoid using such passwords and it will be tried to keep a password, that data that 54 00:04:12,860 --> 00:04:19,160 is easier for you to remember, but it is difficult for, you know, hackers or bad guys to get into 55 00:04:19,610 --> 00:04:19,730 it. 56 00:04:20,060 --> 00:04:20,780 But that is it. 57 00:04:20,780 --> 00:04:26,060 In the next lecture will see the different password parameters and how to manage the passwords. 58 00:04:26,450 --> 00:04:29,690 And I will also talk about security audits. 59 00:04:29,690 --> 00:04:36,440 I will give you a short intro of security audits and why they are important when it comes to user account 60 00:04:36,440 --> 00:04:37,130 management.