STATE BANK OF |
Password creation and maintenance
·
Sharing
passwords is a security risk.
·
Do
not divulge your password to any one.
·
Enter
your user-id password only in the space provided for- that you are normally
used to.
·
Any
changes from normal make sure there is no attempt to steal your personal
information before providing it.
·
Do
not provide user id passwords on any page popping up by clicking on a hyperlink
received through email. Better practice would be to log into the service by
typing in the URL in the address bar after making sure the page opening up is
from the genuine service provider.
·
Do
not store passwords in a file on ANY computer system (including Palm Pilots or
similar devices) without encryption.
·
Change
passwords at least once every 90 (ninety) days.
·
Unique
Characters: An acceptable password must have at least five (5) different
characters. Repeated characters can make for palindromes and make it easier to
crack.
·
Character
Types: An acceptable password must have characters from at least three (3) different
character types -- upper case, lower case, digits, punctuation, etc. A password
that includes a sample from a rich character set is difficult to crack.
·
Long
Alpha Sequences: An acceptable password must not have an alphabetic sequence
any longer than three (3) characters.
·
Long
Digit Sequences: An acceptable password must not have a digit sequence any
longer than two (2) characters.
·
Forbidden
Characters: There are a few characters that will cause problems if used in a
password - the "delete" character is one of the obvious ones.
·
Writing
down your password: One should never write down a password. Someone may
discover the password. Make the password difficult for others to guess or crack
but easy for you to memorise and remember.
·
Passwords
should not be any of the following:
o
Dictionary
words (including foreign and technical dictionaries)
o
Name
of a person or a thing, a place, a proper noun, a phone number or a vehicle
number
o
Simple
pattern of letters on keyboards
o
Any
of the above reversed or concatenated
·
One
possible method for picking a good password is to make up your own acronym.
·
Do
not let your computer remember your password . Do not accept auto complete
option provided by your computer/ browser.
·
As
far as possible do not use un-trusted system to access sensitive service. If
you must, change the password on the first occasion immediately thereafter from
a trusted system