Password Security & Management
-
Upload
jezmynne-dene -
Category
Education
-
view
349 -
download
2
description
Transcript of Password Security & Management
![Page 1: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/1.jpg)
Jezmynne Dene Portneuf District Library
Password Security & Management
Jezmynne Dene, MLIS
Portneuf District Library
Chubbuck, Idaho
![Page 2: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/2.jpg)
Jezmynne Dene Portneuf District Library
Why Be Worried?
• Hacks happen. To everyone.
![Page 3: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/3.jpg)
Jezmynne Dene Portneuf District Library
Who Hacks?
• Overseas syndicates
• Bored kids
![Page 4: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/4.jpg)
Jezmynne Dene Portneuf District Library
General Security Tips
• It’s gonna happen – not a matter of “if” but “when”
• Bad guys chase the path of least resistance
–Make it just difficult enough to make it not worth their time
![Page 5: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/5.jpg)
Jezmynne Dene Portneuf District Library
General Security Tips
• Update and patch everything
– Especially Flash and Java
• Remove what you don’t use
• Change your passwords frequently
![Page 6: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/6.jpg)
Jezmynne Dene Portneuf District Library
General Security Tips
• Redundant backups
– Local hard drives
–Remote service, like Carbonite or similar
• Don’t use remote wipe options
–Hackers can wipe out all your stuff if they access your devices remotely
![Page 7: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/7.jpg)
Jezmynne Dene Portneuf District Library
Social Engineering
• By far the easiest way to hack
• Using your info against you
• A good guess will get a hacker into your stuff
![Page 8: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/8.jpg)
Jezmynne Dene Portneuf District Library
Social Engineering
• Use false personal data for security questions
• Guard your data on websites and social networking
![Page 9: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/9.jpg)
Jezmynne Dene Portneuf District Library
Social Engineering
• Daisy chaining accounts
–Avoid having everything point to one email account for resets
• Usernames across services
–Vary usernames for important accounts, like banking or credit cards
![Page 10: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/10.jpg)
Jezmynne Dene Portneuf District Library
2 Factor ID
• Uses your login and something you have on you, like your phone, a biometric, a smart card, or a USB device
![Page 11: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/11.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• “Sorry, but your password must contain an uppercase letter, a number, a punctuation mark, a gang sign, an extinct mammal and a hieroglyph” -- @StephBWright
![Page 12: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/12.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• At least eight characters long
• Combination of numbers & letters
![Page 13: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/13.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• Contains special characters
![Page 15: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/15.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• No words found in the dictionary
![Page 16: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/16.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• Avoid common styles
–Replacing numbers for vowels
–Capitalizing the first letter
–Putting a special character at the end
• If you’ve thought of a pattern, someone else has, too.
![Page 17: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/17.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• Long Passwords
–A five letter password has 10 billion combinations and can be brute force cracked in five seconds
• 9 letters can’t be brute forced, but they’re vulnerable to rainbow tables
![Page 18: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/18.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• Change them often. More often than you’d think.
– Set a calendar reminder
–Change one every day when it’s time to change
![Page 19: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/19.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• Combination of numbers & letters
• Contains special characters
• No names
• No words found in the dictionary
• Never reused by other sites
![Page 20: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/20.jpg)
Jezmynne Dene Portneuf District Library
Good Passwords
• NEVER REUSED BY OTHER SITES.
• NEVER REUSED BY OTHER SITES. !!!!!!!!
• !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
![Page 21: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/21.jpg)
Jezmynne Dene Portneuf District Library
That’s eleventy billion different passwords I have to remember!!!!
![Page 22: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/22.jpg)
Jezmynne Dene Portneuf District Library
Password Managers
• Software that manages multiple passwords
• Encrypted and secure
• Passwords are always with you
• Can auto log into websites
• Many work with tablets and mobile devices
• Keeps a record of accounts
![Page 23: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/23.jpg)
Jezmynne Dene Portneuf District Library
Password Managers
• How do they work?
– Secured data file, usually on your device or computer
– Some are web based
– Some require a token
![Page 24: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/24.jpg)
Jezmynne Dene Portneuf District Library
Password Managers
• Pros
–Creates & manages complex and unique passwords
–Only one password to remember
–Bypasses keylogging software
–Helps against phishing, because it’ll spot fake URLs
![Page 25: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/25.jpg)
Jezmynne Dene Portneuf District Library
Password Managers
• Cons
– If someone gets your one password, all is lost.
– If you don’t have your key or app, you’ll have to reset your password to get into your accounts.
![Page 26: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/26.jpg)
Jezmynne Dene Portneuf District Library
Password Managers
• Good for you, and good for your library
![Page 34: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/34.jpg)
Jezmynne Dene Portneuf District Library
Password Management Security
• Specify logins by country
• Disallow Tor network logins
• Track logins and shares
• Drill down master password prompts
– Every login? Every change? You decide
![Page 35: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/35.jpg)
Jezmynne Dene Portneuf District Library
Other Features
• Support for multiple profiles
• Supports multiple identities
–Work, personal, school
• Saves credit card information
• Saves bank information
• Last Pass offers credit monitoring
![Page 36: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/36.jpg)
Jezmynne Dene Portneuf District Library
Other Password Managers
• RoboForm
• Iron Key Personal
• Splash ID
• Dashline
• Msecure (Security Everywhere)
• KeePass
• Direct Pass
• Norton Identity Safe
• MyLok+
![Page 38: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/38.jpg)
Jezmynne Dene Portneuf District Library
Business Solutions
• Some offer business options perfect for libraries
• Last Pass - $24 per employee per year
![Page 39: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/39.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• General Security
–Make it hard enough to make it not worth their time
–Remove apps/programs and kill accounts you don’t use
–Change your passwords frequently
![Page 40: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/40.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• General Security
–Run your updates and patches
–Redundant back ups
–Be cautious and don’t leave your stuff lying around, physical or digital
![Page 41: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/41.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• Social engineering
–Use fake personal data
–Vary usernames
–Don’t link everything to one email address
–Be very mindful of sharing your personal data
![Page 42: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/42.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• 2 factor ID
– Turn it on if it’s an option, and it’s a high target site like Facebook , Twitter, or Gmail
![Page 43: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/43.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• Good passwords
–Numbers, letters, and caps
– Special characters
–Make ‘em long
–Change ‘em often
–NEVER REUSE THEM. EVER.
![Page 44: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/44.jpg)
Jezmynne Dene Portneuf District Library
To Sum:
• Try password managing tools
–Decide which meets your personal and library needs
–Ask how they maintain security of your data
–Use trials to get the best fit
![Page 45: Password Security & Management](https://reader034.fdocuments.net/reader034/viewer/2022051109/547a3d98b4af9fb9158b4a8c/html5/thumbnails/45.jpg)
Jezmynne Dene Portneuf District Library
Be Safe Out There!
Thank you!
Jezmynne Dene, MLIS
Portneuf District Library
Chubbuck, Idaho