Published by Esther Mavis Young. Modified over 9 years ago.
Slide 6

Top 25 passwords (change in rank from the previous year's list in parentheses):

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

Compiled from files containing millions of stolen passwords posted online by hackers.
Slide 8

*839,299,365,868,340,224 (eight hundred thirty-nine quadrillion, two hundred ninety-nine trillion, three hundred sixty-five billion, eight hundred sixty-eight million, three hundred forty thousand, two hundred twenty-four). This is 62^10: the number of distinct 10-character passwords drawn from the 26 lower-case letters, 26 upper-case letters and 10 digits, i.e. the full search space an exhaustive attack on such a password must cover.
Slide 9

Copyright Pearson Prentice-Hall 2010
Slide 22

Item                                      Mean
Number of sites                          105.7
Number of unique IDs                       6.6
Number of unique passwords                 4.7
Number of unique log-in credentials       11.8
ID re-use ratio                           19.1
Password re-use ratio                     29.2
Log-in credentials re-use ratio           10.5
% of used unique log-in credentials      45.6%
Slide 25

Item                                                Mean   Cumulative
Inclusiveness (use the same log-in credentials)     0.94
Largest component                                   0.54
2nd largest component                               0.18   0.72
3rd largest component                               0.09   0.81
Vulnerability Index (VI)                            0.38

The 3 most frequently used log-in combinations are used on 81% of a user's sites, against a mean of 11.8 unique log-in credentials per user.

VI = expected proportion of sites subject to potential breaches if a breach at one site occurs. Larger values of VI indicate higher levels of vulnerability.
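The slide defines VI only in words, so the following is an added worked example (not code from the presentation or the study it summarises) showing how the component shares, inclusiveness and a vulnerability index can be computed from one user's site-to-credential map. The exact formula is an assumption: a uniformly chosen site is breached, every site sharing its credential is exposed, and VI is the expected exposed fraction (the sum of squared credential shares). The site names and credential strings are constructed placeholders, and the comparison with a unique-per-site map shows what a password manager changes.

```python
from collections import Counter
from typing import Dict, List

# Constructed sample (not data from the slide): one user's log-in credential per
# site. Credential strings are placeholders; what matters is the reuse pattern:
# 10 of 20 sites share one credential, 4 share a second, 2 share a third, and
# 4 sites have credentials used nowhere else.
SAMPLE_SITES: Dict[str, str] = {}
for i in range(10):
    SAMPLE_SITES[f"site{i:02d}.example"] = "alice@example.com / Hunter2!"
for i in range(10, 14):
    SAMPLE_SITES[f"site{i:02d}.example"] = "alice@example.com / Summer2012"
for i in range(14, 16):
    SAMPLE_SITES[f"site{i:02d}.example"] = "alice_w / letmein"
for i in range(16, 20):
    SAMPLE_SITES[f"site{i:02d}.example"] = f"alice_w / unique-{i}"


def component_shares(sites: Dict[str, str]) -> List[float]:
    """Fraction of the user's sites covered by each distinct credential, largest first."""
    n = len(sites)
    return sorted((c / n for c in Counter(sites.values()).values()), reverse=True)


def cumulative_top(sites: Dict[str, str], k: int = 3) -> float:
    """Share of sites covered by the k most-used credentials (the slide's cumulative column)."""
    return sum(component_shares(sites)[:k])


def inclusiveness(sites: Dict[str, str]) -> float:
    """Assumed reading of the slide's 'Inclusiveness': fraction of sites whose
    credential is also used on at least one other site."""
    counts = Counter(sites.values())
    return sum(1 for c in sites.values() if counts[c] > 1) / len(sites)


def vulnerability_index(sites: Dict[str, str]) -> float:
    """Assumed formula for VI. Model: one site, chosen uniformly, is breached and
    its credential leaks; every site using that credential is then exposed.
    Expected exposed fraction = sum over credentials of share**2 (a Herfindahl
    index). VI = 1/N means no reuse at all; VI = 1 means one credential everywhere."""
    return sum(s * s for s in component_shares(sites))


def unique_per_site(sites: Dict[str, str]) -> Dict[str, str]:
    """What a password manager buys you: a distinct credential for every site."""
    return {site: f"{site} / generated-{i}" for i, site in enumerate(sites)}


if __name__ == "__main__":
    for label, data in (("as collected", SAMPLE_SITES),
                        ("unique per site", unique_per_site(SAMPLE_SITES))):
        print(f"{label:16s} top-3 cover {cumulative_top(data):.2f}, "
              f"inclusiveness {inclusiveness(data):.2f}, VI {vulnerability_index(data):.3f}")
```

With the constructed map the three largest components cover 0.80 of the sites and VI is 0.31; after replacing every credential with a unique one, VI falls to 1/20 = 0.05, the floor for 20 sites.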
Slide 30

Condition       Password rules                                                      Estimated entropy   Framing of the request
Basic8Survey    Minimum of 8 characters                                             18 bits             To link your survey response
Basic8          Minimum of 8 characters                                             18 bits             To update after an e-mail breach
Basic16         Minimum of 16 characters                                            30 bits             To update after an e-mail breach
Dictionary8     Minimum of 8 characters; can NOT be a dictionary word               24 bits             To update after an e-mail breach
Comprehensive8  Minimum of 8 characters; can NOT be a dictionary word; must have    30 bits             To update after an e-mail breach
                1 upper-case, 1 lower-case, 1 numeric and 1 special character;
                must not contain a dictionary word
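The entropy figures on this slide (18, 30, 24 and 30 bits) are what the NIST SP 800-63 (2006) Appendix A heuristic credits to the weakest password each policy still accepts; the heuristic scores a policy by length and rules, not by the password chosen. The following is an added example, not code from the presentation or from NIST, that implements that heuristic, reproduces the slide's numbers, and sets them against the 62^10 search space from Slide 8. The bonus schedule for passwords shorter than 8 characters is approximated (every policy here is 8+), and the 62-character alphabet is the a-z, A-Z, 0-9 set assumed on Slide 8.

```python
import math
from typing import Dict, Tuple


def dictionary_bonus(length: int) -> float:
    """NIST SP 800-63 (2006) Appendix A: up to 6 bits for an extensive dictionary
    check, declining to zero at 20 characters. Values for lengths below 8 are an
    approximation of Table A.1; every policy on the slide is 8+ characters."""
    if length < 4:
        return 0.0
    if length < 8:
        return float(min(length, 6))
    if length >= 20:
        return 0.0
    return 6.0 - (length - 8) // 2


def nist_entropy_bits(length: int, composition_rule: bool = False,
                      dictionary_check: bool = False) -> float:
    """Estimated guessing entropy of a user-chosen password of the given length,
    per the NIST SP 800-63 (2006) Appendix A heuristic:
      4 bits for the first character, 2 bits each for characters 2-8,
      1.5 bits each for characters 9-20, 1 bit each beyond 20,
      +6 bits for a rule requiring upper-case and non-alphabetic characters,
      +dictionary_bonus(length) for a dictionary check."""
    if length < 1:
        raise ValueError("length must be at least 1")
    bits = 4.0
    bits += 2.0 * min(length - 1, 7)
    if length > 8:
        bits += 1.5 * min(length - 8, 12)
    if length > 20:
        bits += 1.0 * (length - 20)
    if composition_rule:
        bits += 6.0
    if dictionary_check:
        bits += dictionary_bonus(length)
    return bits


# The five conditions from the slide as (minimum length, composition rule, dictionary check).
POLICIES: Dict[str, Tuple[int, bool, bool]] = {
    "Basic8Survey": (8, False, False),
    "Basic8": (8, False, False),
    "Basic16": (16, False, False),
    "Dictionary8": (8, False, True),
    "Comprehensive8": (8, True, True),
}


def policy_entropy(name: str) -> float:
    """Entropy credited to the shortest, weakest password the named policy accepts."""
    length, comp, dictionary = POLICIES[name]
    return nist_entropy_bits(length, comp, dictionary)


def brute_force_bits(length: int, alphabet_size: int = 62) -> float:
    """log2 of the full search space: every string of this length over the
    alphabet (62 = a-z, A-Z, 0-9). Slide 8's 839,299,365,868,340,224 is 62**10."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    for name in POLICIES:
        print(f"{name:15s} {policy_entropy(name):5.1f} bits")
    print(f"62**10 = {62**10:,}; exhaustive 10-char search = {brute_force_bits(10):.1f} bits, "
          f"but NIST credits a user-chosen 10-char password with only "
          f"{nist_entropy_bits(10):.1f} bits")
```

The gap between the two figures is the point of the slide: a 10-character alphanumeric space is about 59.5 bits, while the heuristic credits a user-chosen 10-character password with 21 bits, because people pick from a tiny, predictable corner of that space (see the top-25 list on Slide 6).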
Slide 32

Fixes:
- Binding mechanisms: allow a new site/app to remind me in the future to update my credentials.
- Secure defaults: I say use a password manager.
- User friendliness: make credentials easier for humans (face recognition vs. character-string memorization).
- Incentives: a discount for using strong passwords, costs for not. Why are credit-card companies responsible for your lack of a strong password?
Slide 33

Use a password manager: 1Password, Roboform.
Password-Based Key Derivation Function 2 (PBKDF2); systems using PBKDF2.
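The slide names PBKDF2 but not how a password manager uses it, so the following is an added example, not code from the presentation or from 1Password or Roboform, showing the pattern: a random per-vault salt, an iterated PBKDF2-HMAC derivation of the vault key from the master password, and a constant-time unlock check. The parameters (PBKDF2-HMAC-SHA256, 16-byte salt, 600,000 iterations, the OWASP Password Storage Cheat Sheet figure for this PRF) are assumptions of this example; the self-test uses the PBKDF2-HMAC-SHA1 known-answer vectors published in RFC 6070.

```python
import hashlib
import hmac
import secrets
from typing import Tuple

# Parameters assumed for this example, not stated on the slide.
HASH_NAME = "sha256"
SALT_BYTES = 16
ITERATIONS = 600_000   # OWASP cheat-sheet figure for PBKDF2-HMAC-SHA256
KEY_BYTES = 32


def derive_key(master_password: str, salt: bytes, iterations: int = ITERATIONS,
               length: int = KEY_BYTES) -> bytes:
    """PBKDF2(P, S, c, dkLen) from RFC 8018 with HMAC-SHA256 as the PRF.
    Same password + same salt + same count always gives the same key; changing
    any one of them changes the whole output."""
    return hashlib.pbkdf2_hmac(HASH_NAME, master_password.encode("utf-8"),
                               salt, iterations, dklen=length)


def rfc6070_self_test() -> bool:
    """Known-answer test against the PBKDF2-HMAC-SHA1 vectors in RFC 6070."""
    vectors = [
        (b"password", b"salt", 1, 20, "0c60c80f961f0e71f3a9b524af6012062fe037a6"),
        (b"password", b"salt", 2, 20, "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"),
        (b"password", b"salt", 4096, 20, "4b007901b765489abead49d926f721d065a429c1"),
    ]
    return all(hashlib.pbkdf2_hmac("sha1", p, s, c, dklen=n).hex() == expected
               for p, s, c, n, expected in vectors)


def create_vault(master_password: str) -> Tuple[bytes, bytes]:
    """Simulates vault creation in a password manager: draw a fresh random salt
    and derive the vault key from the master password. Only the salt (and, in a
    real manager, data encrypted under the key) is ever stored; the key and the
    master password are not."""
    salt = secrets.token_bytes(SALT_BYTES)
    return salt, derive_key(master_password, salt)


def unlock(master_password: str, salt: bytes, expected_key: bytes) -> bool:
    """Re-derive the key and compare in constant time. A wrong master password
    yields an unrelated key, and each guess an attacker makes against a stolen
    salt costs them the full ITERATIONS HMAC computations."""
    return hmac.compare_digest(derive_key(master_password, salt), expected_key)


if __name__ == "__main__":
    assert rfc6070_self_test()
    salt, key = create_vault("correct horse battery staple")
    print("unlock with right master password:", unlock("correct horse battery staple", salt, key))
    print("unlock with wrong master password:", unlock("Correct horse battery staple", salt, key))
    salt2, key2 = create_vault("correct horse battery staple")
    print("same master password, different salt, different key:", key != key2)
```

Two things worth noticing when running it: the same master password produces a different key for every vault because the salt differs, so a precomputed table for one vault is useless against another; and the iteration count is the only knob that raises the attacker's per-guess cost, so it should be set as high as the unlock latency on the slowest supported device allows.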
Slide 46

"There [were] a lot of variations of the word pass and root and also hax was used many times, but if I omit one common 4-letter word, the most frequently used word in this dictionary is hack," Hýža wrote. "It is worth mentioning that many PHP shells I analysed had only default passwords like r57, c99, password or yourpass."
http://arstechnica.com/security/2014/06/its-official-malicious-hackers-have-crappy-password-hygiene-too/