User Management: Passwords cs3353. Passwords Policy: “Choose a password you can’t remember and don’t write it down”


1 User Management: Passwords cs3353

2 Passwords
Policy: “Choose a password you can’t remember and don’t write it down”

3 Passwords
Of the 200 most common passwords, at least one was used at every site tested [Grampp & Morris].

4 Passwords
Users will spare no creativity when it comes to working against the password policy.

5 Making a Secure Password
User practice (in general):
– Users don’t like long passwords
– Users don’t like to type complex character strings
– Users don’t like to change their passwords often

6 Making Secure Passwords
User behavior requires the SA to create a set of enforceable guidelines for password creation.

7 Making a Secure Password
Use a combination of characters that includes:
– Digits
– Punctuation marks
– Alphabet letters
– Possibly other special characters?

8 Making a Secure Password
Passwords to exclude:
– Proper nouns
– Dictionary words from any language
– Consecutive letters or digits

9 Making a Secure Password
Require passwords to be changed occasionally:
– Example: Once per year
Set the rules on minimum and maximum password lengths:
– minimum is 6-10 characters (is 6 too short?)
– maximum is 16-32 characters
– Some password applications have limits on password length
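
The creation rules on slides 7-9, written as a checker an SA could run when a password is set. This is an added example, not part of the original slides; the chosen length limits, the three-character run threshold, the reading of "consecutive letters or digits" as runs such as abc or 321, and the small wordlist are all assumptions.

```python
import string

# Assumed values picked from the ranges on slide 9 (min 6-10, max 16-32).
MIN_LEN, MAX_LEN = 10, 32
# Constructed sample list; a real deployment loads full dictionaries and name lists.
WORDLIST = {"password", "dragon", "monkey", "oklahoma", "warren"}


def has_sequence(pw, run=3):
    """True if pw holds `run` ascending or descending letters or digits (abc, 321)."""
    s = pw.lower()
    for i in range(len(s) - run + 1):
        chunk = s[i:i + run]
        if not (chunk.isascii() and (chunk.isalpha() or chunk.isdigit())):
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({1}, {-1}):
            return True
    return False


def contains_word(pw):
    """True if any wordlist entry appears inside pw, ignoring case."""
    s = pw.lower()
    return any(word in s for word in WORDLIST)


def check_password(pw):
    """Return the list of violated rules; an empty list means accepted."""
    checks = [
        (len(pw) < MIN_LEN, "too short"),
        (len(pw) > MAX_LEN, "too long"),
        (not any(c.isdigit() for c in pw), "no digit"),
        (not any(c in string.punctuation for c in pw), "no punctuation"),
        (not any(c.isalpha() for c in pw), "no letter"),
        (has_sequence(pw), "consecutive letters or digits"),
        (contains_word(pw), "dictionary word or proper noun"),
    ]
    return [reason for failed, reason in checks if failed]


if __name__ == "__main__":
    # Constructed candidates plus the two example passwords from slides 16 and 17.
    for candidate in ("abc123", "Password2024!!", "per$wgh29_BoO", "Ad.NlsnD3fF@T"):
        print(candidate, check_password(candidate) or "accepted")
```
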

10 Making a Secure Password
The longer and more complex the password, the harder it is to crack.
– Long complex passwords are difficult to remember and difficult to type.

11 Password Experiment
– A: Control group – choose any password you like.
– B: Passphrase group – use a passphrase.
– C: Random P-word group – random characters are used.

12 Password Experiment
The successful cracking rate was:
– A = 30%
– B = 10%
– C = 10%

13 Password Experiment
Forgetting your password:
– Groups A and B had the same rate
– Group C had a significantly higher rate, and were more likely to record their password somewhere.

14 Making a Secure Password
There are websites that rate password strength, but be careful how you use such a site.

15 Making a Secure Password
Methods:
– Formula: Prefix Infix Postfix
– Catch-phrase: Use the first letter of each word in an easy to remember catch-phrase.

16 Making a Secure Password
Formula Example
– Prefix:
– Infix:
– Postfix:
Bank password example: per$wgh29_BoO
per = personal
$ and _ are the field separators
wgh = Warren G. Harding, 29th president of US
BoO = Bank of Oklahoma

17 Making a Secure Password
Catch phrase:
– Admiral Nelson defeats French at Trafalgar.
Becomes the password: Ad.NlsnD3fF@T

