Passwords are high value targets
description
Transcript of Passwords are high value targets
20/04/23 1
Passwords are high value targets
2,000,000passwords stolen from Facebook,
Twitter and Google
The Independent, 5 December 2013
Stolen Facebookand Yahoo passwords
dumped onlineBBC News,
4 December 2013
Racing Post Breached: Users'
Passwords Stolen
Infosecurity Magazine, 25 November 2013
Did your Adobe password leak? Now
you and 150m others
can checkThe Guardian,
7 November 2013
How are passwords stolen?
Password cracking Phishing Malware
VIRUS
Password mistakes Pet’s name
Significant dates
Child’s name
Favourite football team
Partner’s name
Place of birth
Username
Password1234567123456123456789password12345678Qwerty111111123123Photoshop
John Smith
Don’t make it easy!
• Names, dictionary words or acronyms in any language
• A word with a number after it (e.g. password1)
• Logical number replacements for letters in a word (e.g. pa55w0rd)
• Keyboard patterns (e.g. qwertyuiop or poiuytrewq)
• Sequential numbers (e.g. 12345678 or 987654321)
• Your username
• Words that could be guessed easily by researching your life
Embed Animation
How to create a strong password
1
Use at least eight characters, preferably more
2
Use UPPER CASE and lower case
letters
3
Use letters, numbers
and special characters
4
Make itlook like
a random configuration
5
Use a
passphrase
How to create a passphrase
Take the initial letters 2
Substitute some of the letters for logical numbers
3
Add logical special characters I E F @ C 4 L £ F4
Vary the letter case I e F @ c 4 L £ f5
“I Eat Fish And Chips For Lunch Every Friday” 1Think of a phrase I E F A C F L E F
I E F A C 4 L E F4
@ £
e c f
How to protect your passwords
Never share your password Never reuse old passwords
Never use the same password for different systems or devices
Never allow websites to remember your password
Change default passwords immediately Passwords can only be stored in an encrypted file
Change your password every 90 daysPasswords are classified Strictly Confidential
Mobile device passwords and PINs
Make it appear random
Never use sequences (e.g. 1234, 9876, etc.)
Never use sequential numbers (e.g. 0000, 9999, etc.)
Passwords and PINs must be at least four characters long
Compromised password?
Contact the IT Helpdesk immediately
Change your password immediately
Use Password Manager to protectyour passwords
To take away...
Your passwords are extremely valuable
Create strong passwords
Never share your password
Passwords can only be stored in an
encrypted format
Never use the same password for different
systems or devices
Report compromised passwords to the IT
Helpdesk immediately
Thank you!