Method for the Choice and Use of Highly Secured Password

ASTAP-23/INP-09(Rev.1)

/ ASIA-PACIFIC TELECOMMUNITY
The 23rd APT Standardization Program Forum
(ASTAP-23) / Document
ASTAP-23/INP-09 (Rev.1)
03 – 07March 2014, Pattaya, Thailand /

03March 2014

Republic of Korea

method for the choice and use of highly secured password

1. Introduction

It was agreed that EG IS would make the security handbook which provides useful information about information security and cybersecurity in the last 21st ASTAP and 20th ASTAP meeting.

Moreover, it was discussed for security handbook that the method for protecting smartphone from intrusion and malicious code and the matters that demand special attention for secure bank electronic transaction in the latest 22nd and 23rd ASTAP meeting.

Password is the combination of characters for identifying users when logging into personal devices like PC and internet sites. If these passwords were revealed, user’s personal e-mail information, bank information and other important information can be leaked out to other people. Therefore users choose and use secured password and manage them securely.

In this contribution we propose the method for choosing and using passwords for high security. Afterwards more discussion is needed and should be updated based on this document for the security handbook.

1. Proposal

-Method for choosing and using highly secured password

Secured password is the password that can’t be guessed easily by others, can’t be found by using user information which is stored in the system and by hacking the information through the internet, and needs much time to be known.

1)Set the password using combined characters such as uppercase and lowercase English characters, numbers and special characters. Use the password as 8 or more characters as possible.

2)Don’t use the following passwords.

- 7 or less characters

- Having regular or special patterns such as

. Repetition of same characters Eg) ‘aaabbb’, ‘123123’

. Characters which are placed adjacent on keyboard Eg) ‘qwerty’, ‘asdfgh’

. Password in which number is placed in the first or the last Eg) ‘security1’, ‘1security’

- Characters which is related to user’s personal information so that others can guess easily such as

. Family member’s name, birth date, home address, cell phone number etc.

- Password using user ID

- Password which is a word in the dictionary

- Password containing special person’s name or well-known words such as

. Computer terminologies, site name, companies name, famous person’s name etc.

- Password which is initially set in the system or suggested as an example

3)Method for using password securely

- Users set the password by referring above 1) and 2).

- If initial password is set by the system, user should change into new password as soon as possible.

- User should change password regularly.

- When user wants to change password, brand-new password should be used and new password should not be related to the previous password.

- User shouldn’t expose the password by others.

- If exposed, user should change the password immediately.

1. Conclusion

Using password is inevitable in computer era and password is the core of security. We propose the method for the choice and use of highly secured password.

We propose this contribution as a base document for the security handbook. We’ll develop the document in the next meeting by getting comments from member countries.

______

Page 1 of 2