Presentation is loading. Please wait.

Presentation is loading. Please wait.

Becoming More Secure Online: Passwords & Social networking Walid Al-Saqaf For the Workshop: Secure Information Gathering, Storing, and Sharing Istanbul,

Published byCarmel Ellis Modified over 8 years ago

Similar presentations

Presentation on theme: "Becoming More Secure Online: Passwords & Social networking Walid Al-Saqaf For the Workshop: Secure Information Gathering, Storing, and Sharing Istanbul,"— Presentation transcript:

1 Becoming More Secure Online: Passwords & Social networking Walid Al-Saqaf For the Workshop: Secure Information Gathering, Storing, and Sharing Istanbul, Turkey 23-25 January, 2011

2 Passwords are your first line of defense - Every password is a vulnerability due to keyloggers, phishing, etc. - Exposure of passwords of email accounts could be devastating - Victims of password theft could be unaware for some time that their password is compromised (identity theft, spamming, hoaxes, etc.) - Brute-force password crackers available for free and can be planted by trojansBrute-force password crackers password 123456 12345678 qwerty abc123 monkey 1234567 letmein trustno1 dragon baseball 111111 iloveyou master sunshine ashley bailey passw0rd shadow 123123 654321 superman qazwsx michael football *(SplashData study Nov 2011) Another study by ZoneAlarm The top 25 stolen passwords*

3 Technology makes password hacking easier

4 No one is immune from password hacking!

5 Best practices and useful tips - should be changed regularly - should be long enough, yet easy to remember for the user - should include UPPER and lower cases plus non-alphanumeric characters - can be stored through Password managers if memorizing is not possible - should be long & tough to guess (for others) [no dictionary words] - should never be transmitted through unencrypted channels - should not be used in public cafes unless you verify security settings - should be different for different platforms/applications - should normally not be stored on servers (do not use ‘remember me’) - should not be allowed to be stored in your browser/client application - should never be shared

6 Securing passwords - Securing passwords is extremely important (can’t be emphasized enough) - Using password management is possible if you have too many to remember: - offline (e.g., KeePass, RoboForm, Sxipper [FF add-on]) - online (e.g., Passpack, Clipperz) - alternatives to multiple passwords (e.g., OpenID) - You need to weigh the risks to reward ratio before proceeding

7 Social networking: Risk vs. Reward - Despite many advantages, social networking is insecure because: - They require that you give up some information publicly - The only secure method of access is a username and password - They may be accessible through browsers that have vulnerabilities - Misunderstanding/misinterpreting privacy terms could be devastating - You cannot control what information about you posted by your friends - You need to read the EULA, Privacy Agreement and Terms of Use - You have to Understand the privacy settings carefully - You should be cautious when installing software recommended by them - Think before you post anything to the public (e.g., CNN’s Nasr) - Assess risk of using social networking websites at cafes & public places

8 The dark side of social networking - The longer you communicate, the more likely that you would reveal information about yourself - The more data/pictures you put online, the more you endanger your privacy - The more friends you have, the easier you could be tracked, exploited - Bullying, abuse, exploitation, threats, intimidation, etc. are on the rise “Facebook seems to be a place where people aren't being cautious enough” - DeDomenico-Payne (The dark side of social media)The dark side of social media

9 Social Network addiction is no joke

10 Social networking could cause liability

11 Social networks not suitable for sensitive data - Social networks are public and aim at exposing information - Sensitive data needs to be encrypted, protected with multiple methods, which are not available in networks - Website transmission encryption (HTTPS) needs to be used for social networking websites when possible - Proxy/tunneling encryption (e.g., Tor) could be useful

12 The dark side of social networking - The longer you communicate, the more likely that you would reveal information about yourself - The more data/pictures you put online, the more you endanger your privacy - The more friends you have, the easier you could be tracked, exploited - Bullying, abuse, exploitation, threats, intimidation, etc. are on the rise “Facebook seems to be a place where people aren't being cautious enough” - DeDomenico-Payne (The dark side of social media)The dark side of social media

13 Exercise 1- Review all your passwords and find which ones do not meet the security requirements based on good practice mentioned here 2- Change those passwords and ensure that the new ones meet those criteria 3- Read the privacy-related instructions of the two major social networking sites that you use (e.g., Facebook, Twitter) 4- Mark the points that you think could be of potential concern for activists in your country or region 5- Discuss how those points could prevent users in your country to register with fake/anonymous identities and what that would mean to activists in your country and the risk associated with revealing their identities and their private chatting messages.

Download ppt "Becoming More Secure Online: Passwords & Social networking Walid Al-Saqaf For the Workshop: Secure Information Gathering, Storing, and Sharing Istanbul,"

Similar presentations

Tiffany Phillips CIS 1055-004 What is a Social Networking Website? Social networking websites function like an online community of internet users. Depending.

Tiffany Phillips CIS What is a Social Networking Website? Social networking websites function like an online community of internet users. Depending.
1©2013 Check Point Software Technologies Ltd. [Protected] Non-confidential content Top 10 Security Best Practices for Small Business Small business need.

1©2013 Check Point Software Technologies Ltd. [Protected] Non-confidential content Top 10 Security Best Practices for Small Business Small business need.
1 5 steps to enjoying a safer internet experience SID 2013 presentation for adults who work/volunteer with children, young people and vulnerable adults.

1 5 steps to enjoying a safer internet experience SID 2013 presentation for adults who work/volunteer with children, young people and vulnerable adults.
Authentication and Constructing Strong Passwords.

Authentication and Constructing Strong Passwords.
Recommendations on the future of online GyroScope & Databse implementation.

Recommendations on the future of online GyroScope & Databse implementation.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Social Networking Systems: Education Awareness Briefing.

Social Networking Systems: Education Awareness Briefing.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Notes to Teachers At the time we embedded the links in these lessons, they all worked. If they don’t, you can google the website, find the link, open it.

Notes to Teachers At the time we embedded the links in these lessons, they all worked. If they don’t, you can google the website, find the link, open it.
Internet Security In the 21st Century Presented by Daniel Mills.

Internet Security In the 21st Century Presented by Daniel Mills.
E-Safety at MPL and beyond…... What are the risks our children face? Understanding the potential risks and encouraging safe and responsible use of the.

E-Safety at MPL and beyond…... What are the risks our children face? Understanding the potential risks and encouraging safe and responsible use of the.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Behind Closed Doors Digital Danger the dark side of the net with Sue Watling and Jim Rogers 1 st April 2014 No walls, no doors, no boundaries, nowhere.

Behind Closed Doors Digital Danger the dark side of the net with Sue Watling and Jim Rogers 1 st April 2014 No walls, no doors, no boundaries, nowhere.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.

Similar presentations

Ads by Google