passwords and digital safety
Post on 18-Oct-2014
839 views
DESCRIPTION
Password Safety Tips from the University of TexasTRANSCRIPT
Passwords
Information quoted directly and paraphrased from “Security Awareness” from the University of Texas at
Austin’s Information Technology Serviceshttp://www.utexas.edu/its/secure/articles/keep_safe_with_strong_passwords.php
presents:
To protect your computer, your data and your online accounts, make a strong password your first line of defense.
Flickr CC Photo by Bruno Santos: http://www.flickr.com/photos/bsantos/50283672Flickr CC Photo by Bruno Santos: http://www.flickr.com/photos/bsantos/50283672
Info from University of Texas at Austin’s Information Technology ServicesInfo from University of Texas at Austin’s Information Technology Services
Most people know that strong passwords are a good idea, but don’t realize hackers are becoming increasingly sophisticated at password “cracking.”
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/1750378617
Info from University of Texas at Austin’s Information Technology Services
You have to change your password frequently, and stay aware of what techniques hackers are using to steal passwords, if you want to stay ahead of the bad guys.
Flickr CC Photo by Pieter Ouwerkerk: http://www.flickr.com/photos/pieterouwerkerk/699483014
Info from University of Texas at Austin’s Information Technology Services
Internet security is based on a “weakest link” principle, and passwords are often the only thing standing between a hacker and access to your computer or a campus network.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/2379761338
Info from University of Texas at Austin’s Information Technology Services
If your password is weak, you make it easier for
someone to break in.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/2379761338
Info from University of Texas at Austin’s Information Technology Services
Hackers make their livelihood by automating Hackers make their livelihood by automating ways to continually search out the weakest ways to continually search out the weakest link to gain access to a network or computer. link to gain access to a network or computer.
Don’t let your password be the weak link!Don’t let your password be the weak link!
Flickr CC Photo by Treyvor Leyenhorst: http://www.flickr.com/photos/10213764@N02/1485773850Info from University of Texas at Austin’s Information Technology Services
There are real consequences to not having a strong password.
If someone steals your password, they may find a way to access your e-mail or IM messages, your bank accounts, your research, your contact lists and whatever else you have on your computer.
Flickr CC Photo by Angel Arcones: http://www.flickr.com/photos/freddy-click-boy/3303542092
Info from University of Texas at Austin’s Information Technology Services
Your files may be altered or destroyed. Sometimes hackers even take over a computer and turn it into a zombie, using it to perform malicious tasks such as sending out large amounts of spam.
Flickr CC Photo by Thomas Hawk: http://www.flickr.com/photos/thomashawk/362270357
Info from University of Texas at Austin’s Information Technology Services
How Passwords Are Stolen
When you are creating a strong password, it can help to know the tactics hackers use to steal them.
The following are some of the most frequently used techniques:
Guessing Programs designed to guess a user’s password are
common. They often use personal information found online—such as names, birth dates, names of friends or significant others, pet names or license plate numbers—as a starting point.
These programs can even search for a word spelled backwards.
STOLEN
?
Flickr CC Photo by Eric Schmuttenmaer: http://www.flickr.com/photos/akeg/2175038829
Info from University of Texas at Austin’s Information Technology Services
TIP: It’s best to steer clear of any personally identifying information when creating a password.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
Dictionary-based attacks
Programs and software also exist that run every word in a dictionary or word list against a user name in hopes of finding a perfect match.
Flickr CC Photo by David Glover: http://www.flickr.com/photos/davidglover/4269594949
Info from University of Texas at Austin’s Information Technology Services
TIP: Staying away from actual words, even in a foreign language, is recommended.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
By trying every conceivable combination of key strokes in tandem with a user name, brute force attacks often discover the correct password.
Programs can execute a brute force attack very quickly.
“Brute Force” attacks
Flickr CC Photo by Alex Eylar: http://www.flickr.com/photos/hoyvinmayvin/4687336568
Info from University of Texas at Austin’s Information Technology Services
TIP: The best way to beat such an attack is with a long, complex password that uses upper and lower case letters, numbers, special characters and punctuation marks.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
Phishing
Phishing scams usually try to hook you with an urgent IM or e-mail message designed to alarm or excite you into responding.
These messages often appear to be from a friend, bank or other legitimate source directing you to phony Web sites designed to trick you into providing personal information, such as your user name and password.
Flickr CC Photo by Widjaya Ivan: http://www.flickr.com/photos/28288673@N07/6457165789 Info from University of Texas at Austin’s Information Technology Services
TIP: Don’t click a link in any suspicious e-mails, and don’t provide your information unless you trust the source.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
“Shoulder surfing”
Passwords are not always stolen online. A hacker who is lurking around in a computer lab, cybercafé or library may be there for the express purpose of watching you enter your user name and password into a computer.
Flickr CC Photo by tanakawho: http://www.flickr.com/photos/28481088@N00/425099204
Info from University of Texas at Austin’s Information Technology Services
TIP: Try to enter your passwords quickly, without looking at the keyboard, as a defense against this type of theft.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
Tips for Creating and Using Safe Passwords
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/688068169
Info from University of Texas at Austin’s Information Technology Services
Use BOTH upper- and lower-case letters.
Flickr CC Photo by Nina Stössinger: http://www.flickr.com/photos/ninastoessinger/4179518104Flickr CC Photo by Nina Stössinger: http://www.flickr.com/photos/ninastoessinger/4179518104
Info from University of Texas at Austin’s Information Technology ServicesInfo from University of Texas at Austin’s Information Technology Services
Place numbers and punctuation marks randomly in your password.
Flickr CC Photo by Lali Masriera: http://www.flickr.com/photos/visualpanic/856235055
Info from University of Texas at Austin’s Information Technology Services
Make your password long and complex, so it is hard to crack. Between 8 to 20 characters long is recommended.
Flickr CC Photo by Jason Pearce: http://www.flickr.com/photos/jasonpearce/4750110576
Info from University of Texas at Austin’s Information Technology Services
Use one or more of these special characters:
! @ # $ % * ( ) - + = , < > : : “ ‘
Info from University of Texas at Austin’s Information Technology Services
To help you easily remember your password, consider using a phrase or a song title as a password. For example, “Somewhere Over the Rainbow” becomes “Sw0tR8nBO” or “Smells Like Teen Spirit” becomes “sMll10nspT.”
Flickr CC Photo by marc falardeau: http://www.flickr.com/photos/49889874@N05/6101434856Flickr CC Photo by marc falardeau: http://www.flickr.com/photos/49889874@N05/6101434856Info from University of Texas at Austin’s Information Technology ServicesInfo from University of Texas at Austin’s Information Technology Services
Make your password easy to type quickly. This will make it harder for someone looking over your shoulder to steal it.
Flickr CC Photo by Chris Metcalf: http://www.flickr.com/photos/laffy4k/441037582
Info from University of Texas at Austin’s Information Technology Services
Create different passwords for different accounts and applications.
That way, if one account is breached, your other accounts won’t be put at risk too.
Using your password safely
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/1454251440
Info from University of Texas at Austin’s Information Technology Services
Change your passwords regularly, about once every six months.
(Daylight Savings Time?)
Flickr CC Photo by Eliazar Parra Cardenas: http://www.flickr.com/photos/eliazar/407591133
Info from University of Texas at Austin’s Information Technology Services
Don’t share your password with anyone else. Once it’s out of your control, so is your security.
Flickr CC Photo by Mike Fernwood: http://www.flickr.com/photos/ultimateslug/326930489
Info from University of Texas at Austin’s Information Technology Services
Never enable the “Save Password” option, even if prompted to do so.
Pre-saved passwords make it easy for anyone else using your computer to access your accounts.
http://www.rhsmith.umd.edu/portal/portal_help.html
Info from University of Texas at Austin’s Information Technology Services
Be especially careful about saving passwords in web browsers.
http://www.webdevelopersnotes.com/how-do-i/clear-browsing-data-google-chrome.php
Never walk away from a shared computer without logging off. This will ensure no other users can access your accounts.
Flickr CC Photo by Totumweb: http://www.flickr.com/photos/totumweb/5601416590
Info from University of Texas at Austin’s Information Technology Services
Don’t use sample passwords given on different Web sites, including this one.
“Somewhere Over the Rainbow” becomes “Sw0tR8nBO” or “Smells Like Teen Spirit” becomes “sMll10nspT.”
Info from University of Texas at Austin’s Information Technology Services