SlideShare una empresa de Scribd logo

Online Self Defense - Passwords

Descargar como PPTX, PDF
Barry Caplin
Barry Caplin

Passwords are the main authentication method used for internet sites and applications. But passwords get stolen and have many weaknesses Here are tips you can use at home and at work to protect your information.

Tecnología
1 de 14
Online Self-Defense: Passwords bcaplin1@fairview.org bc@bjb.org @bcaplin http://about.me/barrycaplin http://securityandcoffee.blogspot.com Barry Caplin Chief Information Security Official Fairview Health Services
Passwords Why Are They A Problem? • Hard to remember • Hard to enter • Need too many • Inconsistent Rules • Changes
How Passwords Work • Site saves encrypted pw • At login – enter pw – it’s encrypted and compared to stored value • Some sites: Don’t encrypt well Don’t encrypt at all!
And Passwords Get Stolen It was a busy year
And Bad Choices Are Made
How Passwords Get Stolen • Phishing or… • Site attacked – many methods • Encrypted pw file downloaded (should be more difficult!) • Over time, attackers crack the file • What does that get them?
• Avg. web user has: 25 separate accounts but 6.5 unique passwords  password reuse – not good • So… Passwords
Password Self-Defense Tips for Home: 1. Choose good (long) passwords 2. Don’t reuse passwords 3. Use a Password Vault 4. Only enter on secure sites
Password Self-Defense 5. Care with “secret” questions 6. Care with linking accounts 7. Login notifications 8. 2-step authentication 9. Use separate email addresses
Password Self-Defense Tips for the Office: 1. No one will ask for your password 2. Choose a good (long) password 3. Follow the policy 4. Don’t use a work password on a non-work system
Handouts • Password Self-Defense tips and resources Password Self-Defense
Tips 1. Don’t reuse passwords The average online user needs passwords for 25 different websites and services, but uses only 6.5 different passwords. If one site gets compromised it can expose your password for another (perhaps more important) site. 2. Only enter on secure sites Look for https:// in the address bar and a lock symbol to assure your passwords are kept confidential when traveling across the Internet. 3. Login notifications Some sites will let you know when you last logged in, or if it looks like your account was logged in to from another country. Some sites allow you to block this. 4. Choose good (long) passwords Length is more important than complexity! Choose 16-20 or longer length passwords if available. You can use all letters (upper and lower) if you are using 20 or more characters.
Tips 5. Vault it Password vaults are a great way to store all your passwords. Make sure you choose a good long master password and don’t forget it! Some great password vaults include: LastPass, 1Password, PasswordSafe and KeePass. 6. Care with “secret” questions Many sites use “secret” questions to help identify you if you forget your password. Choose questions and answers that people can’t just look up on Facebook! Your place of birth, high school mascot, and other common information are not good choices. Or… you could provide fake answers to common questions. Just be sure you know what answers you give! 7. Care with linking accounts Don’t just log into every site using your Facebook or Twitter logins (when available). If either of those accounts get compromised you could lose a lot more than just the one (or two) accounts).
Tips8. Write down your passwords What??? You were always told to not do that! Well, you’re best option is using a password vault, but you can write down your passwords. Here are the “rules”: don’t write down what they’re for; keep them with your money (you already know how to protect that!), and; for extra credit – insert “fake” characters into the password – these are extra characters you know aren’t really part of the password but someone else would not. 9. 2-step authentication Google (google authenticator), ebay, paypal, dropbox, facebook and other sites now allow 2-factor or 2-step authentication. It’s a bit more complicated to set up but definitely worth it. See the individual sites for info. 10. Use separate email addresses If you use the same email account to associate with all your online accounts, then a hacker can own you online by compromising that email account. For instance, most online sites will send a confirmation email to your associated address if a change is made or to process a password change. If you can use different email addresses, then having one compromised won’t affect all your other online accounts.

Recomendados

What Is A Web Browser
What Is A Web BrowserWhat Is A Web Browser
What Is A Web Browserkevpatel
 
Safety social media for positive social change
Safety social media for positive social changeSafety social media for positive social change
Safety social media for positive social changeMoses Ngeth
 
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...Start Pad
 
CC DMCA for IMT550
CC DMCA for IMT550CC DMCA for IMT550
CC DMCA for IMT550Brian Rowe
 
Cyber Security for Everybody
Cyber Security for EverybodyCyber Security for Everybody
Cyber Security for Everybodyavahe
 
Social engineering final
Social engineering finalSocial engineering final
Social engineering finalSheikhMohammadRafay
 
Btc autopilot | Bitcoin hack | Automatic BTC generator
Btc autopilot | Bitcoin hack | Automatic BTC generatorBtc autopilot | Bitcoin hack | Automatic BTC generator
Btc autopilot | Bitcoin hack | Automatic BTC generatorArhaam
 
Web security for app developers
Web security for app developersWeb security for app developers
Web security for app developersPablo Gazmuri
 

Recomendados

What Is A Web Browser
What Is A Web BrowserWhat Is A Web Browser
What Is A Web Browserkevpatel
 
Safety social media for positive social change
Safety social media for positive social changeSafety social media for positive social change
Safety social media for positive social changeMoses Ngeth
 
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...Start Pad
 
CC DMCA for IMT550
CC DMCA for IMT550CC DMCA for IMT550
CC DMCA for IMT550Brian Rowe
 
Cyber Security for Everybody
Cyber Security for EverybodyCyber Security for Everybody
Cyber Security for Everybodyavahe
 
Social engineering final
Social engineering finalSocial engineering final
Social engineering finalSheikhMohammadRafay
 
Btc autopilot | Bitcoin hack | Automatic BTC generator
Btc autopilot | Bitcoin hack | Automatic BTC generatorBtc autopilot | Bitcoin hack | Automatic BTC generator
Btc autopilot | Bitcoin hack | Automatic BTC generatorArhaam
 
Web security for app developers
Web security for app developersWeb security for app developers
Web security for app developersPablo Gazmuri
 
Password management
Password managementPassword management
Password managementWilmington University
 
How to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security FlawHow to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security FlawConnectSafely
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong PasswordsDon't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwordsrmortiz66
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication rightAndre N. Klingsheim
 
W make107
W make107W make107
W make107Greg in SD
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014Gavin Holt
 
Protect Your Business With Web Security
Protect Your Business With Web SecurityProtect Your Business With Web Security
Protect Your Business With Web SecurityHarrison Kenyon Marketing
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewSTO STRATEGY
 
Defensive programing 101
Defensive programing 101Defensive programing 101
Defensive programing 101Niall Merrigan
 
Password Management
Password ManagementPassword Management
Password ManagementDavon Smart
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self DefenseBarry Caplin
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crackKlaus Drosch
 
Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)David Herrington
 
S01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong PasswordsS01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong Passwordsselcukca84
 
Cyber security
Cyber securityCyber security
Cyber securityJennie Sherkness
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Kimberley Dray
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewYury Chemerkin
 
Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare securityBarry Caplin
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503Barry Caplin
 

Más contenido relacionado

Similar a Online Self Defense - Passwords

How to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security FlawHow to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security FlawConnectSafely
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong PasswordsDon't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwordsrmortiz66
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014Gavin Holt
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewSTO STRATEGY
 
Defensive programing 101
Defensive programing 101Defensive programing 101
Defensive programing 101Niall Merrigan
 
Password Management
Password ManagementPassword Management
Password ManagementDavon Smart
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self DefenseBarry Caplin
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crackKlaus Drosch
 
Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)David Herrington
 
S01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong PasswordsS01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong Passwordsselcukca84
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Kimberley Dray
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewYury Chemerkin
 

Similar a Online Self Defense - Passwords (20)

Password management
Password managementPassword management
Password management
 
How to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security FlawHow to Protect Yourself From Heartbleed Security Flaw
How to Protect Yourself From Heartbleed Security Flaw
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique Passwords
 
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong PasswordsDon't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
Don't Forget Your (Virtual) Keys: Creating and Using Strong Passwords
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication right
 
W make107
W make107W make107
W make107
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014
 
Protect Your Business With Web Security
Protect Your Business With Web SecurityProtect Your Business With Web Security
Protect Your Business With Web Security
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 
Defensive programing 101
Defensive programing 101Defensive programing 101
Defensive programing 101
 
Password Management
Password ManagementPassword Management
Password Management
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self Defense
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crack
 
Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)Be Cyber Smart! (DLH 10/25/2019)
Be Cyber Smart! (DLH 10/25/2019)
 
S01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong PasswordsS01.L07 - Creating Strong Passwords
S01.L07 - Creating Strong Passwords
 
Cyber security
Cyber securityCyber security
Cyber security
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 

Más de Barry Caplin

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare securityBarry Caplin
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503Barry Caplin
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Barry Caplin
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503Barry Caplin
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Barry Caplin
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusBarry Caplin
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?Barry Caplin
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and CyberbullyingBarry Caplin
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13Barry Caplin
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Barry Caplin
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso saysBarry Caplin
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?Barry Caplin
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11Barry Caplin
 
Accidental Insider
Accidental InsiderAccidental Insider
Accidental InsiderBarry Caplin
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksBarry Caplin
 
Laws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsLaws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsBarry Caplin
 
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsLaws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsBarry Caplin
 

Más de Barry Caplin (20)

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare security
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from Venus
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and Cyberbullying
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso says
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11
 
Accidental Insider
Accidental InsiderAccidental Insider
Accidental Insider
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social Networks
 
Laws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsLaws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refs
 
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsLaws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Último (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

Online Self Defense - Passwords

  • 2. Passwords Why Are They A Problem? • Hard to remember • Hard to enter • Need too many • Inconsistent Rules • Changes
  • 3. How Passwords Work • Site saves encrypted pw • At login – enter pw – it’s encrypted and compared to stored value • Some sites: Don’t encrypt well Don’t encrypt at all!
  • 4. And Passwords Get Stolen It was a busy year
  • 5. And Bad Choices Are Made
  • 6. How Passwords Get Stolen • Phishing or… • Site attacked – many methods • Encrypted pw file downloaded (should be more difficult!) • Over time, attackers crack the file • What does that get them?
  • 7. • Avg. web user has: 25 separate accounts but 6.5 unique passwords  password reuse – not good • So… Passwords
  • 8. Password Self-Defense Tips for Home: 1. Choose good (long) passwords 2. Don’t reuse passwords 3. Use a Password Vault 4. Only enter on secure sites
  • 9. Password Self-Defense 5. Care with “secret” questions 6. Care with linking accounts 7. Login notifications 8. 2-step authentication 9. Use separate email addresses
  • 10. Password Self-Defense Tips for the Office: 1. No one will ask for your password 2. Choose a good (long) password 3. Follow the policy 4. Don’t use a work password on a non-work system
  • 11. Handouts • Password Self-Defense tips and resources Password Self-Defense
  • 12. Tips 1. Don’t reuse passwords The average online user needs passwords for 25 different websites and services, but uses only 6.5 different passwords. If one site gets compromised it can expose your password for another (perhaps more important) site. 2. Only enter on secure sites Look for https:// in the address bar and a lock symbol to assure your passwords are kept confidential when traveling across the Internet. 3. Login notifications Some sites will let you know when you last logged in, or if it looks like your account was logged in to from another country. Some sites allow you to block this. 4. Choose good (long) passwords Length is more important than complexity! Choose 16-20 or longer length passwords if available. You can use all letters (upper and lower) if you are using 20 or more characters.
  • 13. Tips 5. Vault it Password vaults are a great way to store all your passwords. Make sure you choose a good long master password and don’t forget it! Some great password vaults include: LastPass, 1Password, PasswordSafe and KeePass. 6. Care with “secret” questions Many sites use “secret” questions to help identify you if you forget your password. Choose questions and answers that people can’t just look up on Facebook! Your place of birth, high school mascot, and other common information are not good choices. Or… you could provide fake answers to common questions. Just be sure you know what answers you give! 7. Care with linking accounts Don’t just log into every site using your Facebook or Twitter logins (when available). If either of those accounts get compromised you could lose a lot more than just the one (or two) accounts).
  • 14. Tips8. Write down your passwords What??? You were always told to not do that! Well, you’re best option is using a password vault, but you can write down your passwords. Here are the “rules”: don’t write down what they’re for; keep them with your money (you already know how to protect that!), and; for extra credit – insert “fake” characters into the password – these are extra characters you know aren’t really part of the password but someone else would not. 9. 2-step authentication Google (google authenticator), ebay, paypal, dropbox, facebook and other sites now allow 2-factor or 2-step authentication. It’s a bit more complicated to set up but definitely worth it. See the individual sites for info. 10. Use separate email addresses If you use the same email account to associate with all your online accounts, then a hacker can own you online by compromising that email account. For instance, most online sites will send a confirmation email to your associated address if a change is made or to process a password change. If you can use different email addresses, then having one compromised won’t affect all your other online accounts.