MAKING GOOD PASSWORDS (AND HOW TO KEEP THEM SAFE).

1 MAKING GOOD PASSWORDS (AND HOW TO KEEP THEM SAFE)

3 BUT PASSWORD MANAGEMENT IS HARD

4 WHY CAN’T WE USE EASY PASSWORDS?

5 THIS IS A GRAPHICS CARD It’s cheap and good at playing video games. About every teenager has access to one. It’s also very good at hacking your password.

6 “A $1000 computer can process 3.3 billion passwords per second… a professional can make thousands of dollars a day selling your information on the black market.” (PCPro.com)

7 IT’S JUST A MATTER OF TIME
Dictionary Attacks:
“GoBuffs!” a couple minutes
“P@$$w0rd1” a couple hours
Brute Force:
“fjR8n” in 24 seconds
“%fjR8nQNUc5GPj9” would take over ten years
*Extra credit: 15 characters or more forces Windows to store passwords differently – which breaks certain attacks.

9 HACKING IS BIG BUSINESS 2011 = 12.5 billion in reported losses Some estimates put that number closer to 10 times as much. www.hotforsecurity.com

10 HOW DO HACKERS GET YOUR PASSWORD? Physical access to your office or computer Social Engineering/Phishing (asking nicely) Hacking commonly used sites Malware Infections Network based attacks

11 LOSING YOUR PASSWORDS SINCE 1978

16 “SECURING YOUR PASSWORD DOESN’T MEAN USING TAPE”

17 Under Keyboard In a Rolodex Top desk drawer Under desk calendar In the planter Wallet/Purse/Gym Bag

18 NOW THAT YOU KNOW WHERE PEOPLE HIDE THEIR PASSWORDS

19 DON’T DO IT

20 SURE, LONG PASSWORDS ARE SECURE BUT I CAN’T REMEMBER THEM….

21 MAKING A MEMORABLE PASSWORD REQUIRES THOUGHT

22 ABBREVIATE I like taking the bus, but I ended up 20 minutes late! Becomes: Ilttb,bIeu20ml! (15 characters)

23 LETTER SUBSTITUTION Create a long word or phrase: I Like To Eat Tacos Remove spaces: ILikeToEatTacos Replace letters with symbols: IL!k3T0e@tT@c0$

24 A FEW SUBSTITUTION SUGGESTIONS
Letter   Becomes
A        @
E        3
S        $
I        !
O        0
K        |<
C        (

25 WORD JUMBLE
Take two words: Bot & Kneecap
Scramble a few letters: Bocat_&_Kneep
Add Complexity: 54
Bocat_&_Kne54ep

26 KEYBOARD PATTERNS Use the Shift Key to Add Complexity Becomes: 5^YghjkmnbVCX Use with caution, easy ones are in dictionary attacks!

27 OK, SO I’VE GOT A GREAT PASSWORD, I’LL JUST KEEP USING THAT ONE RIGHT?

28 REUSED PASSWORDS ARE DANGEROUS

30 LINKEDIN LOST 6.4 MILLION USERS’ PASSWORDS Hackers can use those passwords to commit identity fraud including: Hack into corporate accounts Break into bank accounts Spam email accounts Gather more info for offline use (Credit Cards) LinkedIn is now facing a $5 million class action lawsuit due to the loss.

31 PRO TIP: MAKING PASSWORDS UNIQUE TO EACH SITE Have a secure base password: 5^YghjkbVCX Select two letters from the site or program: usbank.com (2nd & 4th in this case) Add those letters to your password: 5^YghjsakbVCX

32 WAIT A MINUTE… THIS SITE WANTS ME TO CHANGE IT NOW… Today’s Date: 1/11/13 Pick a couple characters of the date: 11 Shift the numbers (+3 in this case): 44 Add those numbers to your password: 5^Yghjsak becomes 5^Yghjsak44 Write down when you last changed the password

33 INSTANT, UNIQUE AND SECURE PASSWORDS FOR ALL USES

34 A FEW TOOLS TO HELP…

35 PASSWORD GENERATORS Many free ones, but be careful! We suggest changing the results before using them. http://www.pctools.com/guides/password/

36 PASSWORD MANAGERS

37 TWO FACTOR AUTHENTICATION

38 QUESTIONS? Joe Kuster IT Projects Manager Joe.Kuster@colorado.edu

39 IDENTIKEY Your “username” is the Identikey assigned to you by the University. Keep private Commit to memory Do not use Username or Password for any other purpose!

40 HR IDENTIKEY REQUIREMENTS 15 characters or longer Avoid repeating characters No words that can be found in a dictionary (in any language) Not be easily guessable (e.g., your birthday, age, anniversary…) All four character sets: capital, lowercase, numerical and symbol (e.g., A,a,1,!)

