Words found in the dictionary, even if they are slightly altered, for
example by replacing a letter with a number.
Personal information such as birth date, names of self, or family, or
pets, social security number, or anything else that could easily be
learned by others. Remember: If a piece of information is on a
social networking site, it should never be used in a password.
Be at least eight characters in length
Include a combination of upper case and lower case letters, one
number and at least one special character, such as a punctuation
Finally, systems should be configured so that passwords must be changed on a
regular basis. While this may be inconvenient for users, it also reduces some of
the risk that a system will be easily broken into with a stolen password.
Passwords and Strong Authentication
Strong, or multi-factor, authentication combines multiple different authentication
methods resulting in stronger security. In addition to a user name and password,
another authentication method is used. For example a smartcard or key -fob, or a
fingerprint iris scan.
Under Federal regulations permitting e-prescribing of controlled substances,
multi-factor authentication must be used.
2. Install and Maintain Anti-Virus Software
The primary way that attackers compromise computers in the small office is
through viruses and similar code that exploits vulnerabilities on the machine.
These vulnerabilities are ubiquitous due to the nature of the computing
environment. Even a computer that has all of the latest security updates to its
operating system and applications may still be at risk because of previously