Password security
1 / 21

Password Security - PowerPoint PPT Presentation

  • Uploaded on

Password Security. Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to. Quote of the Day:. Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.”

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Password Security' - avent

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Password security

Password Security

Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to.

Quote of the day
Quote of the Day:

  • Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.”

    • Clifford Stoll- astronomer, author, and the first to utilize “digital forensics” successfully

In a world

  • Where you don’t have any access to your online life, how would you cope? What would you miss the most?

Recent major security breaches
Recent Major Security Breaches

  • Lulz Security hacks Sony Pictures website

    • Releases 50,00 users’ information

  • Rouge members of hacker-collective Anonymous hack Playstation Network and Quiriocity

    • All user information made available

  • LulzSec strikes Sony again with and exploit of the PSN password reset solution URL

    • Prevents owner of account from fixing prior hack

LulzSec logo

So what can i do to make sure my information is safe
So… What can I do to make sure my information is safe?

  • In the case of the URL exploit and hacks, very little

    • These were simple errors made by Sony techs; a (technologically speaking) basic error was made in each case.

Password security

  • Anything involving the internet is inherently more risky then anything not leaving your computer.

  • Passwords are the front line of defense.

  • Most people’s are not strong enough to withstand a brute-force database attack; today we are going to look at how best to strengthen our passwords

Concern it s too easy to hack a password
CONCERN: It’s too easy to hack a password then anything not leaving your computer.

This is true… but only IF the password is weak.

Password security

FOR EXAMPLE: then anything not leaving your computer.

  • CHS defaults to using “panthers” as the password for any accounts made by the school.

  • If this is left unchanged for too long the security of the account would be compromised.

  • This password only contains lowercase letters; introducing a variety of characters, such as “Panthers,” or, even better, “PaNtHeRs,” increases the password strength considerably.

Question does it matter if 2 people use the same password
QUESTION: Does it matter if 2+ people use the same password then anything not leaving your computer.

  • Only if that same password is overly simple or obvious.

  • For the Pokemon Tower Defense game, 2000 accounts share the password of “pokemon.” Though trivial in this case, matching application and password is an awful habit to develop.

  • If 2+ people shared the password “ILikeCheezBurgurz” as their password for their bank account, the odds of this being an issue are significantly lower (though this is still not the best password one could use… more on that shortly).

Question how secure are passwords really
QUESTION: How secure are passwords, really? then anything not leaving your computer.

  • In terms of their strength; as secure as you make them.

  • In terms of their safety; as secure as the site’s database security, and as secure as you physically make them.

Question are there ways to get into my accounts without my password
QUESTION: are there ways to get into my accounts without my password?

  • If the database storing your information is compromised then yes, it is possible.

  • These attacks are less frequent then brute-force attempts for a single users password, and more far reaching- many people will be affected at the same time as you are.

Password security
Is it possible for passwords to be stolen if your computer is infected with a virus or does not have a firewall?


  • Viruses can check your browsers saved passwords, log keystrokes, or send your data to places other then where you think you are sending them.

  • Firewalls prevent people from accessing your computer remotely, and using encrypted internet access prevents data sniffing to discover your information.

To protect your information
To protect your information: is infected with a virus or does not have a firewall?

  • Use a STRONG password

  • Keep your password safe

  • Be smart when using the internet

The accounts i have behind passwords are unimportant why should i care
The accounts I have behind passwords are unimportant; why should I care?

  • These accounts are tied to your email- which you probably use for a very long time to come.

  • Many people reuse passwords across sites; a breach in one site could then lead to total loss of security across all sites.

Password importance ctnd
Password importance ctnd should I care?

  • Those passwords could be, or could at least lead, a hacker to your password for your bank account later in life.

  • Preparing now with good habits and solid defenses that will be effective in the future when your life and livelihood are shielded by a password will help prevent crippling identity theft and related troubles later in life.

What constitutes a strong password
What constitutes a strong password? should I care?

  • Paradoxically, the strongest password you can have is the one you cannot remember.

  • Software solutions exist to this end- anything else is probably not feasible as it would be inherently less secure (i.e. writing your password down on a piece of paper and putting it next to your computer.

Software solution
Software solution? should I care?

  • lets you register an account and, behind a super-strong password you create, hides your other passwords for access to any sites you use.

  • Includes a password generator, produces passwords you do not have to remember that are very strong

  • One password to remember, accessible from anywhere.

How do i create a strong password
How do I create a strong password? should I care?

  • Utilize different characters

    • i.e. symbols, numbers and upper/lower case numbers

  • Avoid standard patterns

    • Most passwords using capital letters have them as the first character and last; mix this up and capitalize other letters instead

Strong password creation ctnd
Strong Password Creation ctnd. should I care?

  • Use multiple “phrases” instead of a single idea password

    • Instead of “iLoveMyDog2002” (perhaps 2002 is the year you got your dog?) use “1994ILoveMyDog2002” (possibly the year of your birth)

    • This maintains the “memorality” of the password for yourself while making it more difficult to brute-force guess the code as it does not follow a single logical progression

How long should my password be
How long should my password be? should I care?

  • According to recent studies performed at the Georgia Tech Research Institute, due to modern hardware power- specifically within the GPU- any password with less then 12 characters is far too weak, and should be changed as soon as possible.

Exit activity
Exit Activity should I care?

  • Using what has been discussed in this power point, on your own (for security’s sake!) come up with a memorable but strong password. If possible, avoid writing it down.