Presentation transcript:

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

compiled from files containing millions of stolen passwords posted online by hackers.

Copyright Pearson Prentice-Hall

Password Length in Characters
Low Complexity: Alphabetic, No Case (N=26)
Alphabetic, Case-Sensitive (N=52)
Alphanumeric: Letters and Digits (N=62)
High Complexity: All Keyboard Characters (N=80)
[Table: number of possible combinations for each password length at each complexity level]
Note: On average, an attacker will have to try half of all combinations.
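The combination counts on this slide follow from N^L, and the note's "half of all combinations" average only holds for passwords that are not on a common-password list. The sketch below is an added example, not part of the original slides; the lengths, the helper names and the sample password are assumptions chosen for illustration.

```python
# Added example: search-space arithmetic for the four complexity levels on the slide.
ALPHABETS = {
    "alphabetic, no case": 26,
    "alphabetic, case-sensitive": 52,
    "alphanumeric": 62,
    "all keyboard characters": 80,
}

# Subset of the common-password list from the first slide, in rank order.
COMMON = ["password", "123456", "12345678", "abc123",
          "qwerty", "monkey", "letmein", "dragon"]

def combinations(n, length):
    """Number of distinct passwords of exactly `length` characters over n symbols."""
    return n ** length

def average_guesses(n, length):
    """Per the slide's note: on average half of all combinations are tried."""
    return combinations(n, length) // 2

def alphabet_size(password):
    """Smallest slide alphabet covering every character (assumed classifier)."""
    if password.isalpha() and (password.islower() or password.isupper()):
        return 26
    if password.isalpha():
        return 52
    if password.isalnum():
        return 62
    return 80

def assess(password):
    """Enrollment-time check: return (verdict, guesses an exhaustive search needs)."""
    if password.lower() in COMMON:
        # A list-first guesser reaches it at its rank, whatever its length.
        return ("reject: common password", COMMON.index(password.lower()) + 1)
    return ("ok", average_guesses(alphabet_size(password), len(password)))

def table(lengths=(2, 4, 6, 8, 10)):  # lengths are illustrative assumptions
    """Combination counts per length, one column per alphabet in ALPHABETS order."""
    return {L: [combinations(n, L) for n in ALPHABETS.values()] for L in lengths}

if __name__ == "__main__":
    for length, row in table().items():
        print(length, "  ".join(f"{v:.5e}" if v >= 10**11 else f"{v:,}" for v in row))
    for pw in ("letmein", "Tr0ub4dor&3x"):  # second value is a constructed sample
        print(pw, assess(pw))
```

A seven-letter entry from the common list is rejected with a guess count of 7, while its raw keyspace average would suggest about four billion attempts.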


Item: Mean
Number of Sites: 105.7
Number of Unique IDs: 6.6
Number of Unique passwords: 4.7
Number of Unique log-in credentials: 11.8
ID re-use ratio: 19.1
Password re-use ratio: 29.2
Log-in credentials re-use: 10.5
% of used unique log-in credentials: 45.6%

Item: Mean
Inclusiveness: 0.94
Use the same log-in credentials
Largest component
2nd largest component (cumulative)
3rd largest component (cumulative)
Vulnerability Index
most frequently used log-in combinations use in 81% of sites vs unique log-in credentials
VI = expected proportion of sites subject to potential breaches if a breach at one site occurs
Larger values of VI indicate higher levels of vulnerability
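One direct reading of the VI definition above, together with the re-use counts from the previous slide, as an added example that is not the study's own computation. It assumes every site is equally likely to be the breached one, that a breach exposes exactly the sites sharing the same (ID, password) pair, and that the breached site itself is counted; the sample data and function names are constructed.

```python
from collections import Counter

# Constructed sample: site -> (log-in ID, password label). Not data from the study.
SAMPLE = {
    "mail":   ("alice", "pw-A"),
    "bank":   ("alice", "pw-A"),
    "shop":   ("alice", "pw-A"),
    "forum":  ("alice", "pw-A"),
    "news":   ("alice01", "pw-A"),
    "games":  ("alice01", "pw-B"),
    "photos": ("alice01", "pw-B"),
    "travel": ("a.smith", "pw-C"),
    "work":   ("a.smith", "pw-D"),
    "tax":    ("a.smith", "pw-D"),
}

def reuse_summary(site_credentials):
    """Counts matching the slide's items: sites, unique IDs, passwords, credentials."""
    pairs = list(site_credentials.values())
    return {
        "sites": len(pairs),
        "unique_ids": len({uid for uid, _ in pairs}),
        "unique_passwords": len({pw for _, pw in pairs}),
        "unique_credentials": len(set(pairs)),
    }

def vulnerability_index(site_credentials):
    """Expected proportion of sites exposed if one uniformly chosen site is breached."""
    total = len(site_credentials)
    if total == 0:
        return 0.0
    groups = Counter(site_credentials.values())
    # The breach falls in a group of n sites with probability n/total
    # and then exposes n/total of all sites.
    return sum(n * n for n in groups.values()) / (total * total)

def with_unique_credentials(site_credentials):
    """Same sites, but each one gets its own password (the floor for VI is 1/sites)."""
    return {site: (uid, f"unique-{i}")
            for i, (site, (uid, _)) in enumerate(sorted(site_credentials.items()))}

if __name__ == "__main__":
    print(reuse_summary(SAMPLE))
    print("VI with re-use:        ", vulnerability_index(SAMPLE))
    print("VI, one pair per site: ", vulnerability_index(with_unique_credentials(SAMPLE)))
```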

Fixes:
Binding Mechanisms
  Allow a new site/app to remind in the future to update my credentials
Secure Defaults
  I say use a password manager
User Friendliness
  Make credentials easier for humans
  Face recognition vs character string memorization
Incentives
  Discount for using strong passwords
  Costs for not – Why are CC companies responsible for your lack of a strong password?

Use Password Manager
  1Password
  Roboform
Password Based Key Derivation Function Version 2 (PBKDFV2)
  Systems using PBKDFV2
