Password Security
I had a listener ask about securing his Wi-Fi router and how easily his passwords could be cracked.
I didn't really know about how easily a password could be cracked, so I looked into it.
Basic router security
Enable encryption. WPA2 is best, but anything is better than nothing, even if barely.
Turn off SSID broadcasting
Consider MAC address filtering
Use a secure password
Building a better password
Microsoft have a great site on Online Safety and Privacy education
An ideal password is long and has letters, punctuation, symbols, and numbers.
Use 14 characters or more.
Avoid using dictionary words in any language.
Avoid words spelled backwards, common misspellings, and abbreviations.
Don't use sequences or repeated characters or patterns. Also avoid adjacent letters on your keyboard.
Don't use personal information, such as your name, birthday, or driver's license number, as a basis for your password.
How to build a secure password
Start with a phrase that's at least 10 words
Something meaningful and memorable to you
If it is relevant to the site, that can help
"Google is great for looking stuff up on the web. I love it."
Turn the sentence into letters
GIGFLSUOTWILI
Capitalize letters that are in the first half of the alphabet (up to the letter M)
GIGFLsuotwILI
Add 2 numbers that mean something to you
GIGFLsuotw47ILI
Add symbols and punctuation to beginning and end
$GIGFLsuotw47ILI?
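The recipe above as a short Python script (an added example, not part of the original show notes), with a checker for the rules from "Building a better password" that can be tested mechanically. The function names and the digits_at position are assumptions; dictionary words and personal information are not checked.

```python
import string

KEY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")

def build_password(phrase, digits, digits_at, prefix, suffix):
    """Recipe from the page: initials, A-M upper / N-Z lower, digits, symbols.
    digits_at (where the numbers go) is an assumption; the page gives no rule."""
    words = [w for w in phrase.split() if any(c.isalpha() for c in w)]
    initials = [next(c for c in w if c.isalpha()) for w in words]
    cased = "".join(c.upper() if c.lower() <= "m" else c.lower() for c in initials)
    return prefix + cased[:digits_at] + digits + cased[digits_at:] + suffix

def has_run(pw, n=3):
    """True if pw contains n repeated, sequential or keyboard-adjacent characters."""
    low = pw.lower()
    for i in range(len(low) - n + 1):
        chunk = low[i:i + n]
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps == {0}:                                  # aaa, 111
            return True
        if chunk.isalnum() and steps in ({1}, {-1}):      # abc, 321
            return True
        if any(chunk in row or chunk in row[::-1] for row in KEY_ROWS):  # qwe, lkj
            return True
    return False

def check(pw, min_len=14):
    """List the page's mechanically testable rules that pw breaks.
    Dictionary words and personal information are not checked here."""
    problems = []
    if len(pw) < min_len:
        problems.append("shorter than %d characters" % min_len)
    classes = {
        "letters": any(c.isalpha() for c in pw),
        "numbers": any(c.isdigit() for c in pw),
        "symbols or punctuation": any(c in string.punctuation for c in pw),
    }
    problems += ["no " + name for name, ok in classes.items() if not ok]
    if has_run(pw):
        problems.append("repeated, sequential or keyboard-adjacent run")
    return problems

if __name__ == "__main__":
    phrase = "Google is great for looking stuff up on the web. I love it."
    pw = build_password(phrase, "47", 10, "$", "?")
    print(pw, check(pw))                    # the page's own example
    print("qwerty123", check("qwerty123"))  # constructed weak sample
```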
Keep passwords safe
You can write down passwords but you need to keep them locked away and safe
Never allow passwords to go over the internet in clear text
Don't log in when on an open Wi-Fi hotspot
Includes using apps, opening and downloading email that's not using SSL, etc.
Make sure connections are using SSL: look for "the lock" and verify the certificate (click the lock)
Never send passwords through email and don't store them in email accounts.
Use SFTP if possible.
Don't log in on OPCs (other people's computers). They could be compromised, have key loggers, etc.
Keep passwords to yourself. If you need to give someone you trust access temporarily, change your password and then give them that one. Then change it back.
Use different passwords. The more the better. Ideally a different password for everything.
Password management
1Password is da bomb. Just USD $39.95
Store passwords, software licenses, secure notes, etc.
All data is encrypted in a file using AES 128-bit encryption. Syncs to everything.
When you sign up for a site
Control + Click in the password field and choose to have 1Password generate and fill in a strong password
After you submit, a toolbar slides down at the top of the window to save the data to 1Password.
Next time you visit the site, click the 1Password icon in the toolbar; it recognizes that site and gives you a link to log in.
Just enter your 1 master password once and then you are logged in.
Closing
Priority to your emails.
Hotline: 281-622-4269
Ideas for topics, subjects you'd like covered, etc.