Open Source - How to Create a Secure Password for use with Asterisk Extensions
A common attack vector, for phishing scripts, is looking for exposed VoIP accounts with insecure passwords and simple device names. A good defense is to adopt uncommon device names and complex passwords. Should your PBX ever be exposed to the outside world, such as enabling NAT for remote access, then using hard to guess passwords and unexpected device names dramatically helps to increase security.
For device name, consider using the phones MAC address.
For complex passwords, consider using one of several password generators available on the Internet.
, multiple selections available,