Adobe ACROBAT 3D Manual page 355


Tips on protecting digital IDs
Because of the security and legal implications associated with unauthorized use of private
keys for signing or decrypting documents containing confidential information, you should
take active steps to protect your digital IDs and have a procedure in place for dealing with
lost or stolen IDs.
How to protect your digital IDs
When private keys are stored on tokens, smart cards, and other hardware devices that are
password- or PIN-protected, be sure to use a strong password or PIN. Never divulge your
password to others. You should not write your password down, but if you must, store it in
a secure location. Keep your password strong by following these rules: use eight or more
characters; mix upper-case and lower-case letters with numbers and special characters;
choose a password that is difficult to guess or hack, but that you can remember without
having to write it down; do not use a correctly spelled word in any language, as these are
subject to "dictionary attacks" that can crack these passwords in minutes; change your
password on a regular basis. For more hints on choosing a strong password, search for
"strong password" on the internet.
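An added example, not part of the Adobe manual: a Python check of the password rules listed above, reporting which rules a candidate password breaks. The word list is a small constructed sample standing in for a real dictionary, and stripping digits and symbols before the dictionary lookup is an assumption that goes beyond the manual's wording; it shows why a password such as "Password1!" meets every composition rule and is still exposed to a dictionary attack.

```python
import re

# Constructed sample standing in for a real dictionary file (assumption).
SAMPLE_WORDS = {"password", "dragon", "sunshine", "welcome", "acrobat"}

# Composition rules as stated in the text: eight or more characters, and a
# mix of upper-case, lower-case, numbers and special characters.
RULES = {
    "length": lambda p: len(p) >= 8,
    "upper": lambda p: any(c.isupper() for c in p),
    "lower": lambda p: any(c.islower() for c in p),
    "digit": lambda p: any(c.isdigit() for c in p),
    "special": lambda p: any(not c.isalnum() for c in p),
}


def violated_rules(password, words=SAMPLE_WORDS):
    """Return the names of the rules that the password breaks, in rule order."""
    failed = [name for name, ok in RULES.items() if not ok(password)]
    # Assumption beyond the manual: also compare the letters-only core, so a
    # dictionary word padded with digits or symbols is still reported.
    lowered = password.lower()
    core = re.sub(r"[^a-z]", "", lowered)
    if lowered in words or core in words:
        failed.append("dictionary")
    return failed


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate in ("tR7#vq!2Lm", "Password1!", "sunshine", "Ab1!"):
        problems = violated_rules(candidate)
        print(f"{candidate!r}: {'ok' if not problems else ', '.join(problems)}")
```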
To protect private keys stored in P12/PFX files, use a strong password and set your
password timeout options appropriately. If you use a P12 file to store private keys that you
use for signing, set your password timeout option so that your password is always required
(this is the default behavior). If you use your P12 file to store private keys that are used to
decrypt documents, ensure there is a backup copy of your private key or P12 file so that
you can continue to open encrypted documents should you lose your keys.
The mechanisms used to protect private keys stored in the Windows Certificate Store
vary depending on which company has provided the storage. You should contact the
provider in order to determine how best to protect these keys from unauthorized access
and for backup purposes. In general, you should use the strongest authentication
mechanism available and should seek to require a strong password or PIN when possible.
What to do if your digital ID is lost or stolen
If your digital ID was issued by a certificate authority, immediately notify the certificate
authority and request the revocation of your certificate. You should also stop using your
private key.
If your digital ID was self-issued, destroy the private key and notify anyone to whom you
sent the corresponding public key.
