25/10/20151
Passwords are high value targets 2,000,000 passwords stolen from Facebook, Twitter and Google The Independent, 5 December 2013 Stolen Facebook and Yahoo passwords dumped online BBC News, 4 December 2013 Racing Post Breached: Users' Passwords Stolen Infosecurity Magazine, 25 November 2013 Did your Adobe password leak? Now you and 150m others can check The Guardian, 7 November 2013
How are passwords stolen? Password crackingPhishingMalware VIRUS
Password mistakes Pet’s name Significant dates Child’s name Favourite football team Partner’s name Place of birth Username Password password Qwerty Photoshop John Smith
Don’t make it easy! Names, dictionary words or acronyms in any language A word with a number after it (e.g. password1) Logical number replacements for letters in a word (e.g. pa55w0rd) Keyboard patterns (e.g. qwertyuiop or poiuytrewq) Sequential numbers (e.g or ) Your username Words that could be guessed easily by researching your life
Embed Animation
How to create a strong password 1 Use at least eight characters, preferably more 2 Use UPPER CASE and lower case letters 3 Use letters, numbers and special characters 4 Make it look like a random configuration 5 Use a passphrase
How to create a passphrase Take the initial letters 2 Substitute some of the letters for logical numbers 3 Add logical special characters I E C 4 L £ F 4 Vary the letter case I e c 4 L £ f 5 “I Eat Fish And Chips For Lunch Every Friday” 1 Think of a phrase IEFACFLEF I E F A C 4 L E F £ e c f
How to protect your passwords Never share your password Never reuse old passwords Never use the same password for different systems or devices Never allow websites to remember your password Change default passwords immediately Passwords can only be stored in an encrypted file Change your password every 90 days Passwords are classified Strictly Confidential
Mobile device passwords and PINs Make it appear random Never use sequences (e.g. 1234, 9876, etc.) Never use sequential numbers (e.g. 0000, 9999, etc.) Passwords and PINs must be at least four characters long
Compromised password? Contact the IT Helpdesk immediately Change your password immediately Use Password Manager to protect your passwords
To take away... Your passwords are extremely valuable Create strong passwords Never share your password Passwords can only be stored in an encrypted format Never use the same password for different systems or devices Report compromised passwords to the IT Helpdesk immediately
Thank you!