Passphrases presentation rev1
•Descargar como PPTX, PDF•
1 recomendación•346 vistas
This document discusses replacing passwords with passphrases and how passphrases provide stronger security than typical passwords. It notes that a passphrase like "Cafeteria fish sticks are awesome!" containing 5 words and 34 characters would take over 35.64 billion trillion centuries to crack, whereas a typical 8 character password can now be cracked in under 90 seconds using cloud computing resources. The document recommends using passphrases that are at least 15 characters long, include a variety of words, uppercase and lowercase letters, and are easy for the user to remember to provide strong security for accounts.
Recomendados
Más contenido relacionado
Similar a Passphrases presentation rev1
Similar a Passphrases presentation rev1 (16)
Último
Último (20)
Passphrases presentation rev1
- 1. Passphrases Replacing your passwords with passphrases
- 2. Rank these passwords by secureness • parkway • t3ach3r • h1ghSch@@l • Cafeteria fish sticks are awesome!
- 3. Ranked by security • Cafeteria fish sticks are awesome! • h1ghSch@@l • t3ach3r • parkway
- 4. How fast can they be cracked • parkway (regular word) ▫ Under one second P@rkw@y – 28 seconds • t3ach3r (some substitution) ▫ Under one minute T3ach3r12 – 3 minutes • h1ghSch@@l (capital, substitution, number, symbols) ▫ 1 week h1ghSch@@l!! – to over a year • Cafeteria fish sticks are awesome! (passphrase) ▫ 35.64 billion trillion centuries!
- 5. Great password was… • 8 characters long • 3 of 4 requirements ▫ Has uppercase letters ▫ Has lowercase letters ▫ Has a number in it ▫ Has punctuation or a symbol in it
- 6. Password cracking has advanced • Better cracking programs • Tons of dictionary files ▫ Available on internet for anyone to download • Brute force password cracking ▫ Try every character, number, and symbol combination until password is cracked
- 7. Amazon power… • The power of the cloud! • For $1.60 an hour I can have 8 3.0 GHZ servers at my disposal • Can process a billion password attempts per a second • At that speed a 8 character password can be brute forced in under 90 seconds
- 8. How do we fix it? • Replace passwords with passphrases ▫ Short sentences ▫ Using multiple non-connected words KittenFootballSnow Spaces or no spaces Some sites or systems may not support passwords with spaces or all the special characters available
- 9. What makes a good passphrase • At least 15 characters long ▫ The longer the better • Use what ever words you like • Make it easy to remember • Our example ▫ Cafeteria fish sticks are awesome! 5 words 34 characters with spaces Uppercase, lowercase letters, special character Easy to remember
- 10. What's next? • Technology evolves • Computers become faster • Better cracking methods • When passphrases are as bad passwords
- 11. Two factor authentication • Something you know, and something you have ▫ Have a pin texted to your phone that must be submitted to complete the login process Gmail Facebook Banks and finance sites
- 12. Questions?
- 13. Thank You!
Notas del editor
- Don’t use common dictionary words, names, phone numbers, etc…
- Estimated by website https://www.grc.com/haystack.htm
- Password security used to be!!!If it wasn’t in the dictionary you were golden!
- Better and more cracking programs, multi platform, Linux, PC, MAC
- Yay cloud!Sony play station breach traced to hackers using Amazon cloud services
- Can add complexityKittenFootballSnow22$
- Easy to remember is keyIf its hard to remember we will see sticky notes under keyboards and on monitors
- Keep adding to character length of password will not work
- Two factor or multi-factor could involve several different options