Recent
attacks on individuals and rooms in chat have brought about the need to
discuss security and provide information as to how we can secure names and
rooms from attack. The most common suggestions are listed below.
Do not use dictionary words in your password for
your nickname or room password.
Do not use the same password for your nickname
as for your room password.
Do not share your password with anyone. There is
never a good reason for someone else to know your password to your room or
to your nickname. You can use chanserv to allow controlled access to your
room.
Bots should be set at Host access level, never
as an owner. There are too many ways to exploit bots for them to be
considered secure.
Use secure access to bot commands by
implementing a password to major command scripts.
Use a strong password. You can get one by going
to: http://www.pctools.com/guides/password/ and using the secure password
generator there. A strong password is at least 8 characters, includes
UPPER case and lower case letters, numbers and punctuation. An example
would be: We$aje-u.
Make sure anyone in the access list of your room
or your bot uses a Registered nickname. It is a good idea to use a script
that de-ops anyone who becomes a guest.
Do not store passwords in a list that is easily
accessible. Keep any list you have out of My Documents, Shared Documents,
Public folders or other generally shared folders.
If you have any questions or concerns about
compromised room or nickname passwords, immediately come to the room #IRCOps
for help.
