AWS Community Day CPH - Three problems of Terraform
Passwords - Back to Basics!
1. Passwords – Back to Basics!
Michael McKinnon, AVG (AU/NZ) Security Advisor
mmckinnon@avg.com.au
An Avalanche Technology Group Company
2. What is a Password?
What should we aim for in a password?
• Should be easy to remember
• Should be hard to guess
2
3. World’s Top 10 Most Used Passwords
• 123456 • 12345
• 123456789 • Password123
• Password • 1234567
• 12345678 • abc123
• 654321 • Qwerty
3
4. Can someone guess your password?
• Favourite Football Team?
• Pet‟s Name?
• Family Members?
4
5. Rank these Password in order of Strength…
1. E56#av+Yb!
2. Password123
3. aaaaaAAAAA#####43 MOST SECURE
4. 123456
5. lucasjames
5
6. Why? Anatomy of a good Password
• The password: aaaaaAAAAA#####43
• It is 17 characters in length
• Contains upper and lowercase letters
• Contains numbers
• Contains the „#‟ symbol
• How many combinations?
• 72 combinations, 17 combinations long is 72^17
• That‟s 37 thousand billion billion billion combinations!!
6
7. The Golden Rules of Passwords
• Never, never, ever give your password to someone else!
• Absolute minimum of 10 characters
• Use a combination of different characters
• upper and lowercase (a – z, A – Z)
• at least one numeral ( 0 – 9 )
• at least one symbol ( !@#$%^&*()_+= )
• Password length is always better than randomness
• Must be easy to remember
7
8. Password Separation – Neat Tricks!
• Make new passwords for different accounts you access…
• Start with your “base” password (aaaaaAAAAA#####43)
• “Facebook” – you could take the letters “f” and “b” from Face
Book and create a new password:
• aaaaaAAAAA#####43fb
• “Twitter” – you could take the letters “t” and “r” from
Twitter and create another password:
• aaaaaAAAAA#####43tr
• Mix it up! Be Creative! Don‟t use these examples!
8
9. Thank You!
Summary:
1. Easy to remember
2. Size does matter
3. Separation is vital
Happy Strong Password Making
Michael McKinnon
AVG (AU/NZ) Security Advisor
mmckinnon@avg.com.au
9