HIPS Series > Picking and Protecting Passwords > Quiz

The correct answers, and explanations for why we believe them to be correct, are provided here.

•  •  •  •  •

1. Which of these "high tech" methods presents a threat to your passwords?

A. "Dictionary attack" -- using a computer to try all the words commonly used as passwords.

B. "Brute Force attack" -- using a computer to try all possible combinations of letters, numbers and special characters that could be used for a password.

C. "Mind Probe attack" -- using a brain scanner to read your mind.

D. All of these are realistic risks.

•  •  •  •  •

2. Which of these "low tech" methods presents a threat to your passwords?

A. "Shoulder Surfing attack" -- an intruder sees you typing in your password.

B. "Post-It attack" -- an intruder finds the passwords you've written down and left in plain view.

C. "Simple Guess attack" -- an intruder guesses your password based on the things he/she knows about you.

D. "Elvis has Left the Building attack" -- you leave your logged-in computer unattended, and an intruder gets access to it while you're away.

•  •  •  •  •

3. Which of these is a characteristic of a good password?

A. Uses only a few characters.

B. Uses mixes of uppercase, lowercase and special characters.

C. Uses common words found in the dictionary

D. Uses words related to things commonly known about the user.

•  •  •  •  •

4. Which of these is a characteristic of a good password?

A. Not changed very often.

B. The same for every system the person uses.

C. Not changed from the manufacturer's default or starting password.

D. It's "strength" is appropriate to the importance of the system it protects.

•  •  •  •  •

5. When should you lend out your password to someone else?

A. Whenever someone asks you for it.

B. When someone you know asks for it.

C. When someone you know asks for it, but only for a true emergency situation.

D. Never.

•  •  •  •  •

6. When and where should you write down your passwords?

A. Whenever it is convenient. And you can keep this information anywhere that is convenient.

B. Whenever you really need it for your memory.

C. Whenever you really need it for your memory, but this information should only be kept in a secure location.

D. Never.

•  •  •  •  •

7. When is it OK to have your computer "remember" passwords?

A. Any time the computer software offers the option.

B. When you have "password management" software that stores the information in a secure database.

C. When you have "password management" hardware that stores the information in a secure database.

D. Never.

•  •  •  •  •

8. Must all passwords be chosen to offer the same security?

A. Yes, every password should be chosen using rules to make it very secure.

B. No. Passwords can be of different quality depending on what they protect.

•  •  •  •  •

The correct answers, and explanations for why we believe them to be correct, are provided here.