passwords, passwords and more passwords
TRANSCRIPT
Tips and Tricks September 2017
David Shinkfield
Computer Learning Center at Ewing
September 2017
ProgramWhy we need better passwords
Ways to create better passwords
Using a Password Manager
The Threats to Internet Security Every second, 8 new users are joining the internet
Every year, 2 billion records lost or stolen
Every day,
250,000 new pieces of malware
30,000 new infected web sites. 80% for small businesses
Where is all this coming from
80% from organized and ultra sophisticated international gangs
One of the largest illegal economies in the World - $445 billion – larger than the GDP of 160 nations
James Lyne and Caleb Barlow
What Protection do we have?
Passwords•We need strong passwords•We need different
passwords for each site we visit
A Great TED Talk
James Lyne: Everyday cybercrime --and what you can do about it
https://youtu.be/fSErHToV8IU
The 25 most common passwords in 2016 123456
123456789
qwerty
12345678
111111
1234567890
1234567
password
123123
987654321
qwertyuiop
mynoob
123321
666666
18atcskd2w
7777777
1q2w3e4r
654321
555555
3rjs1la7q
1q2w3e4r5t
123qwe
zxcvbnm
1q2w3e
ProgramWhy we need better passwords
Ways to create better passwords
Using a Password Manager
NIST Recommendations The National Institute of Standards and Technology is
about to make all of our lives much easier. The organization recently revised its guidelines for creating passwords, and the new advice sharply diverges from previous rules.
NIST suggests keeping passwords simple, long and memorable. Phrases, lowercase letters and typical English words work well. If you can picture it in your head, and no one else could, that's a good password.
Changing passwords every 90 days unnecessary
NIST Recommendations
correcthorsebatterystaple
An Alternative ApproachCreate a phrase in your head, that no one else can, that's a good password.
Eg.
I am an Eagles fan, and I go to all the games
IaaEf,aIgtatg
Creating a (Bad)Password
Creating a (Bad) Password
Creating a (Good) Password
Creating a (Good) Password
How to Pick a Password Don't re-use passwords. One ultra-secure one won't be
any good if someone finds it
While combining upper and lower case passwords with numbers to alter a memorable word is often advised, these are more easily cracked than you might think
Good advice is to make a long but memorable "passphrase". String a few words together that you can remember with a visual. "puffineatingbanana" is easy to remember but would take millions of years for a computer to crack
How to Pick a Password Alternatively, you can use a password manager such as
LastPass or KeePass, which can generate secure passwords and store them online
The best way to protect yourself is to use two-factor authentication, which will send a text with a code or use an app to verify your log-in
ProgramWhy we need better passwords
Ways to create better passwords
Using a Password Manager
What is Last Pass and KeePassThe password manager lives in your browser and acts a digital gatekeeper, filling in your login info when you need to get on a certain site. You just have to remember one (very secure!) master password for the manager itself, and everything else is taken care of for you.
KeePass
KeePass
Installing LastPass - Chrome
Installing LastPass - Chrome
Installing LastPass - Chrome
Installing LastPass - Chrome
LastPass
LastPass
LastPass-Where are my passwords now?Your Passwords are in your browser
Your Passwords are stored in a file on your computer or in the Cloud
You’ve written down your passwords in a notebook
LastPass – How to get Passwords into LastPass Import /Export. This is the easiest way by far to get
started
As you Browse. Just go about your business normally, and when you get the chance to enter a password online, your manager will pop up and ask if you want to save it. However: if you’re perma-logged in to lots of accounts, you’ll need to log out and log back in to upload your passwords this way.
Enter Manually. Each password manager has a clear way to enter new credentials. Get copying.
clcewing.org
clcewing.org