1 / 25

Password Best Practices

Password Best Practices. Rumplestilskin. Open Sesame. abracadabra. “password”. Presented by John Welle. Password Best Practices. Your Money. Your Reputation. Password Best Practices. Top Secret.

manny
Download Presentation

Password Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Password Best Practices Rumplestilskin Open Sesame abracadabra “password” Presented by John Welle

  2. Password Best Practices Your Money Your Reputation

  3. Password Best Practices Top Secret Source: http://gizmodo.com/5615939/thirty+year+old-encryption-formula-can-resist-quantum+computing-attacks-that-defeat-all-common-codes

  4. Password Best Practices

  5. Password Best Practices

  6. Password Best Practices

  7. Password Best Practices Do we see a pattern??? Username & Password

  8. Password Best Practices The big confusion… E-Mail as Username

  9. Password Best Practices So… let’s pick… a good… password

  10. Password Best Practices Best practice #1 password length How about a 1 letter password? 2 15 3

  11. Password Best Practices Best practice #2 password “complexity” Lowercase:abcdefghijklmnopqrstuvwxyz • Uppercase:ABCDEFGHIJKLMNOPQRSTUVWXYZ Numbers: 0123456789 • “Special Characters”: ~!@#$%^&*()_+`-=[]{}\|;:<>,./? 26 +26 +10 +33 =95

  12. Password Best Practices Best practice #3 password “weirdness” Brute Force attacks vs. Dictionary attacks

  13. Password Best Practices Best practice #3 password “weirdness” Brute Force Dictionary aaa aab aac … zzy zzz ant cat hat … zip zoo

  14. password1 Password Best Practices master 123456 000000 shadow 123456789 1234 1234567890 football monkey 123123 welcome letmein jesus 111111 sunshine 654321 1234567 qwerty aaaaaa trustno1 baseball iloveyou 12345678 dragon abc123 password

  15. Password Best Practices Best practice #4 password non-reuse What’s your Facebook password? What’s your Twitter password? What’s your Adobe.com password? …oh…no…

  16. Password Best Practices Examples:  password  uY8nn*[Qv9@ghr1  Mississippi  cat@Hat{993}  KEEP-SAFE=g00d

  17. Password Best Practices How do you remember fine passwords like: uY8nn*[Qv9@ghr1 and blueROOSTER=932 Write them down!

  18. Password Best Practices Old school: paper High-tech: password managers LastPass.com KeePass.info

  19. Password Best Practices Special topic: Look for https://

  20. Password Best Practices Special topic: E-Mail is not secure …it can be made secure with encryption, like Mailvelope. http://www.mailvelope.com/

  21. Password Best Practices Special Topic: Two-factor authentication “something you know” and “something you have” https://www.eff.org/deeplinks/2013/05/howto-two-factor-authentication-twitter-and-around-web

  22. Password Best Practices Special topic: Password Recovery Password Hints If you forget your password, you can recover it with a hint. But so can the bad guy…

  23. Password Best Practices Special topic: Social Engineering

  24. Password Best Practices Special topic: The NSA But it was all right, everything was all right, the struggle was finished. He had won the victory over himself. He loved the NSA.

  25. Password Best Practices Handout and Questions Your Money Your Reputation

More Related