Strong P@$$w0rd$ : Do You Really Need Them? October 30, 2013.


1 Strong P@$$w0rd$ : Do You Really Need Them? October 30, 2013

2 Presentation Overview
– History of computer passwords – who dunnit first?
– Do you really need them?
– A user’s perspective
– A hacker’s perspective – the world of hackers, password crackers. It’s just ‘business’, ‘hacktivism’ or ‘for fun’
– Who’s winning? – Users or the hackers?
– Strong passwords are long passwords (phrases)
– Use two-factor authentication when available – for example, Google offers it as an option
– Make it ‘not worth the effort’ for the hacker
– When things go wrong

3 Who dunnit first?
Fernando Corbató at MIT in the 1960s. Was MIT's CTSS computer the first one to use passwords?
Photo courtesy: MIT Museum

4 Strong passwords – do you really need them?
You need passwords that:
– Serve the purpose of keeping your information safe
– Keep you at the end of the hackers’ list
– Help keep your data secure
– Help keep you safe
– Phrases
– Randomness
– Nonsensical
– Use words from a language other than English
– Use unique passwords for different sites

5 What data should you be worried about protecting?
Examples:
– Medical – diagnosis, prescriptions, insurance
– Financial – credit report, credit card, bank account information, payroll
– Personal – wills, inheritance, family heirloom data (historical letters)
– Informational – location, vacation itineraries
– Identity – SSN, name
– Intellectual – innovations, research, creativity

6 You are the target
Scam | Mitigate the Risk
Brute forcing the password | Strong password – keeps you at the end of the hack-able list
Guessing attack | Strong password – you are not the low-hanging fruit
Social engineering | The ‘attacker’ can’t read your mind
Phishing | Do not give out your username and password to anyone, no matter what the circumstances
Coding practices | OWASP, training
Patch and update | Patches and updates fix bugs and remediate known vulnerabilities
Encryption | Use password vaults – such as KeePass

7 A user’s perspective
– Too many passwords
– Strong passwords are hard to remember
– I should not need to change my passwords
– Inconvenience
– Is there an easier way to handle this?
– It (compromise) won’t happen to me

8 A hacker’s perspective
– Simple passwords are easy to crack
– Motivation - Am I doing this for money, ideology or just fun?
– Is this victim a one-time opportunity, persistent ‘home’ or resale-able goods?

9 A security professional’s perspective
– Mitigate risk with minimum inconvenience to the user
– What is at stake? – personal safety, reputation, revenue, fines
– Technology helps, but nothing beats user awareness

10 How can you protect your data?
– People
– Process
– Technology

11 Be aware that data...
– Is interconnected
– Identifies you
– Impacts you and others
– A strong password and vigilance are your strongest line of defense

12 Who is winning?
http://www.privacyrights.org/data-breach

13 Strong Passwords are Long Passwords
– Use passphrases and not simple, predictable passwords
– Use a nonsensical combination of words, numbers and special characters
– NEVER share your username and password with anyone
– Learn to recognize phishing
  – Who sent it
  – What is being asked
  – Hover over the links to verify legitimacy before clicking
  – Report to abuse@gwu.edu
  – http://phishesdotnet.blogspot.com/
– Use a password vault like KeePass, SplashID etc. (Mac OSX: http://www.keepassx.org/downloads, Windows: http://keepass.info/)
– Change your passwords – reasonable duration for the type of data that password protects
– Personal Safety First, Information Security a close second
– Use two-factor, two-step authentication when available
– Make it ‘not worth the effort for the hacker’
– When things go wrong, report it to the IT Support Center or email abuse@gwu.edu

14 Presented by:
Noor Aarohi
Senior Analyst - Risk and Compliance
GWIT Information Security and Compliance Services
infosec@gwu.edu
703-726-3664

