cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Username and Password Security Guide

Username and Password Security Guide

Username and Password Security Guide

‎15-04-2009 10:20 PM

There are things you can do to make your username and passwords more secure. This guide gives you tips.
Username Security

  1. About username security
  2. Ways you can find out your password and broadband username

Password Security

  1. About password security
  2. Choosing a secure password
  3. Password security dos and don'ts

Changing Your Plusnet Passwords

  1. Where to change your passwords

Changing Your Password Settings

  1. Configuring password policies in Windows
  2. Enforce password history
  3. Minimum password age
  4. Minimum password length
  5. Password must meet complexity requirements
  6. Store password using reverse encryption

Username Security
1. About username security
A username is a way to instantly introduce yourself to a computer, program or service. Your password then backs up this information by confirming that you really are who you say you are.



Your Plusnet username may vary, depending on whether you are using broadband or dial-up to connect to the Internet.

E.g. A broadband username looks like:

  • username@plusdsl.net
  • username@f9.co.uk
  • username@freeonline.net


And a dial-up username looks like: username



(Note: This may be different - check your username settings). Username security is often wrongly overlooked when thinking about staying secure when you're online, with more importance given to passwords.



Your password must have a valid username linked to it, otherwise it won't allow access to your computer, application or service. Because of this you shouldn't let your computer automatically remember your username and password for you. Try and get into the habit of either entering your login details each time you connect, or at least just your password.

2. Ways you can find out your password and broadband username
Your password: If you've forgotten your password please contact our Support Team on 0845 140 0200.

Your broadband username: Don't worry if you've forgotten your broadband username.

You can either:

Check in the Member Centre

  1. Log into the Member Centre.
  2. Under My Account click on Connection Settings.
  3. Click on Connection Details.
  4. Find the Login name row in the table (3rd row down) – this is your broadband connection username, e.g. username@plusdsl.net

Please note: Your broadband username is different to your account username. It is not possible to change an account's username once the account has been created. In order to change your username you must cancel your account and create a new account with your preferred username.

Check your modem/router


Look in your modem/router's connection settings. When you set up your broadband connection these details will have been automatically stored, although for security reasons your password will be disguised (e.g. ********).
Password Security
1. About password security


Nowadays there is a real and growing threat of data thieves, hackers and other criminals taking advantage of people who aren't security conscious.



The passwords you already use, (not just those for your Plusnet services), offer a good first line of defense against intruders on your computer, for very little time and effort. However, your computer is only really as secure as your username and password. So, everyone can take steps to improve their password security, just by following a few common sense tips.



Simply by doing some or all of the things we suggest in this guide you'll instantly increase your computer's protection, as well as protecting your own personal information.



Note: For added security Plusnet use several methods of encryption on all customer passwords. This uses complex algorithims to scramble and de-scramble your passwords, making these extremely hard to be read by data thieves or hackers.

2.Choosing a secure password
The best kinds of passwords are those which can't be easily guessed by intruders. The trick is to try to create a password which you find easy enough to remember, but random enough to make a difficult barrier to get past.
Here's some help:

  1. Your password should be - between 8 and 16 characters in length and ideally include at least one number.
  2. Don't create an obvious password - but make it easy to pronounce (this way you'll remember it more easily). This will help reduce the threat of your password being found by 'dictionary' based tools which some attackers use.
  3. Characters which can be used

    1. Upper case and lower case letters (a-z and A-Z)
    2. Numbers (0-9)
    3. Special characters (!##%&()*+,-./:;<=>?@[]^{|}~. )

  4. Characters which can't be used

    1. Single quote - ‘
    2. Double quote - “
    3. Backslash - \
    4. Pound sign - £
    5. Space

  5. Passwords can begin and end with a letter, number or a special character
  6. Create a passphrase - why not take the first letter of each word from a line in your favourite song, or book and put them together to make a word?.
  7. Most importantly - always use different passwords for different programs and services. This reduces the threat of anyone using the same password to log into all of your services/accounts.

Important! If you change your Plusnet password you will need to update your hardware settings to use your new password. Check the instructions that came with your hardware for how to do this. If you got your hardware from Plusnet see our Broadband Hardware Guides.
3. Password security dos and don'ts

  • DO - Use a password if you share a computer with other users. If you don't you are risking other people having access to your personal information, deleting files or even using your account to pretend to be you online.


  • DO - Have different passwords for different things - don't use the same password for every application or service.


  • DON'T - Write your password down - if you can try and memorise it. If you can't remember your password and do have to write it down, try and disguise it, leaving it in a secure place.


  • DON'T - Choose an obvious password - e.g. your name, or a family member's or pet's name, your date of birth, telephone number, the current month or 'password'. It's very easy for someone to guess all of these.


  • DON'T - Keep the same passwords - change them every once in a while and don't re-use a password for at least a year. Change passwords at work - every 2 months and change passwords at home - every 6 months.


Changing Your Plusnet Passwords
1. Where to change your passwords
Service
When is the password set?
How do I change the password?
Broadband access
Dialup access
Broadband Phone
Usenet
Default mailbox
Portal login
Homepages login
Homepages Webstats
During signup. You enter a password of your choice

Change your account password using the Change Password tool


Additional mailboxes
When mailboxes are setup

At the Member Centre in the Email Settings section under Manage My Mail


CCGI
Uses your current password when CCGI is activated

To change your password, log into cshell.plus.net using either telnet or ssh and run the passwd command. Note: If you need to change your CCGI password, you will only be allowed to use a very strong password when running the passwd command. (e.g. At least 6 characters and the more characters, the stronger the password)


FrontPage
Uses your current password when FrontPage is activated

This can be changed using FrontPage itself by following these instructions:

  • On the Tools menu, point to Server, and then click Change Password
  • In the Old password box, type your old password
  • In the New password box, type your new password, and then type it again in the Confirm password box

My SQL
A random password is generated

Raise a Question through the Help Assistant requesting a MySQL password reset. This will generate you a new password which will be emailed to you


Webstats (CCGI, FrontPage)
Uses current password when component is activated

Raise a Question through the Help Assistant, we will reset your webstats password to match your main account password


Changing your computer's password
1. Configuring password policies in Windows
Changing your computer's password settings means that a particular password can't just be re-used over and over again.
Important: We suggest you only configure your Windows password policies if you are an experienced user, confident with changing system settings. If you are unsure, don't make any changes.
In Windows XP:

  1. Click Start.
  2. Click Control Panel.
  3. Click Performance and Maintenance.
  4. Click Administrative Tools.
  5. Click Local Security Policy.
  6. Click the plus-sign (+) in the left pane to open Account Policies.
  7. Click Password Policy.

2. Enforce password history
This lets you set the number of days that Windows will remember passwords before they expire.

  1. Double-click Enforce password history.
  2. On the screen that appears choose any number between 0 to 24 from the drop-down. This is the amount of passwords that Windows will remember. Setting this at 0 means that no passwords are saved.
  3. Double-click on Maximum password age.
  4. On the screen that appears choose any number between 0 to 42 days from the drop-down list. Setting this at 0 means that passwords will never expire. (We suggest that you set this to 30 days or less - so that passwords are changed on a monthly basis).

3. Minimum password age
This lets you set the number of days which must pass before a password can be changed again.

  1. Double-click Minimum password age.
  2. On the screen that appears choose any number between 0 to 998 days from the drop-down list. (We suggest that you set this to at least 3 days if you've set the Maximum Password Age (above). The Minimum Password Age can't be higher than the Maximum Password Age. If the Maximum Password Age is set to 0 the Minimum Password Age can be set from anything from 0 to 998 days.

4. Minimum password length
This lets you set the minimum number of characters that a password can contain.

  1. Double-click Minimum password length.
  2. On the screen that appears choose any number from 0 to 14 in the drop-down list.

5. Password must meet complexity requirements
This lets you set the password length and type of characters that a password can be made up of.

  1. Double-click on Password must meet complexity requirements.
  2. On the screen that appears choose Enable.
  3. You will then be given a number of password rules:

  • Password must not contain significant portions of the user's account name or full name.
  • Password must be at least 5 characters in length. (We suggest setting this to at least 8 characters to make passwords secure).

6. Store password using reverse encryption
This lets you keep a check on all the passwords used on a computer.

  1. Double-click on Store password using reverse encryption for all users in the domain policy.
  2. On the screen that appears choose Enabled.

Important: Password storing makes your password security less secure. Enabling this is basically like writing every password used on a computer in a text file, meaning these can be checked very easily.
You should ONLY turn this on unless you really need to log all the passwords used on a computer.

0 Thanks
0 Comments
6615 Views