Twitter
Aug
2
In 2004 Government launched the Electronic Identity (e-ID) as part of its programme to create a strong eGovernment infrastructure based on sound identity management. Government drives the initiative in collaboration with the private sector by championing a strong and secure authentication mechanism that can evolve from the key to eGovernment to the trust behind eCommerce. (1)
Malta's eGovernment services portal relies on the e-ID (the single most trusted authentication mechanism) to provide a one-stop-shop for all eGovernment services. The portal allows the management of the user’s e-ID profile which contains personal details as well as functions for assignment and delegation. Citizens may “delegate” their eServices to other citizens (who have an e-ID) or to registered organisations. Through www.mygov.mt, the e-ID may also be used by organisations (e.g. businesses and administrations) which may “assign” the management of the eServices to an “Organisation Manager” who has an e-ID.(2)
Over the coming 6 months, the governments e-ID system will be implementing a new password policy which will help increase the security of the system for the benefit of its users.
The effect of this new policy is that you will have to reset your password every 90 days.
The e-ID system requires you to provide a strong password that meets the following criteria.
The password must not contain your full e-ID number, first or last name
The password must be at least 8 characters in length
The password must contain English uppercase characters (A through Z)
The password must contain English lowercase characters (a through z)
The password must contain base 10 digits (0 through 9)
The password must not be the same as any of your previous passwords
Here at maltainfosec.org we thought of providing four easy steps to achieve the above:
1. Read-up on how to choose a secure password
2. Avoid common password pitfalls
3. Access a random password generator and pick a password that's secure and easy to remember
4. Finally, cross-check how secure the password you chose actually is
Read on for some more suggestions on how to choose a secure password..
Malta's eGovernment services portal relies on the e-ID (the single most trusted authentication mechanism) to provide a one-stop-shop for all eGovernment services. The portal allows the management of the user’s e-ID profile which contains personal details as well as functions for assignment and delegation. Citizens may “delegate” their eServices to other citizens (who have an e-ID) or to registered organisations. Through www.mygov.mt, the e-ID may also be used by organisations (e.g. businesses and administrations) which may “assign” the management of the eServices to an “Organisation Manager” who has an e-ID.(2)
Over the coming 6 months, the governments e-ID system will be implementing a new password policy which will help increase the security of the system for the benefit of its users.
The effect of this new policy is that you will have to reset your password every 90 days.
The e-ID system requires you to provide a strong password that meets the following criteria.
The password must not contain your full e-ID number, first or last name
The password must be at least 8 characters in length
The password must contain English uppercase characters (A through Z)
The password must contain English lowercase characters (a through z)
The password must contain base 10 digits (0 through 9)
The password must not be the same as any of your previous passwords
Here at maltainfosec.org we thought of providing four easy steps to achieve the above:
1. Read-up on how to choose a secure password
2. Avoid common password pitfalls
3. Access a random password generator and pick a password that's secure and easy to remember
4. Finally, cross-check how secure the password you chose actually is
Read on for some more suggestions on how to choose a secure password..
1. More detailed information on how to choose a secure password can be grabbed from here
2. As per Microsoft, cyber criminals use sophisticated tools that can rapidly decipher passwords.
Avoid creating passwords using:
- Dictionary words in any language.
- Words in all languages are vulnerable.
- Words spelled backwards, common misspellings, and abbreviations.
- Words in all languages are vulnerable.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
- Personal information.
- Your name, birthday, driver's license, passport number, or similar information.
3. A random password generator is also available here or here
4. Once you've chosen a password, check to see how secure the password you chose is - here.
Other references in this article:
(1) http://www.mca.org.mt/infocentre/openarticle.asp?id=907&pref=15
(2) http://www.epractice.eu/node/277428
2. As per Microsoft, cyber criminals use sophisticated tools that can rapidly decipher passwords.
Avoid creating passwords using:
- Dictionary words in any language.
- Words in all languages are vulnerable.
- Words spelled backwards, common misspellings, and abbreviations.
- Words in all languages are vulnerable.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
- Personal information.
- Your name, birthday, driver's license, passport number, or similar information.
3. A random password generator is also available here or here
4. Once you've chosen a password, check to see how secure the password you chose is - here.
Other references in this article:
(1) http://www.mca.org.mt/infocentre/openarticle.asp?id=907&pref=15
(2) http://www.epractice.eu/node/277428
0 Trackbacks