• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
NCompass Live: Password Management & Security
 

NCompass Live: Password Management & Security

on

  • 242 views

NCompass Live - March 12, 2014 ...

NCompass Live - March 12, 2014
http://nlc.nebraska.gov/ncompasslive/

How many passwords do you have to remember for your library? How many are for your own library accounts? How many are for the library’s databases or materials accounts? For social networking? Are these passwords secure? Safe? How many of those passwords must be shared with your coworkers? Libraries everywhere struggle with passwords every day, and security is always a concern. Attend this session to learn how to ensure your passwords are safe, secure, and easily managed.

Presenter: Jezmynne Dene, Director, Portneuf District Library, Chubbuck, Idaho.

Statistics

Views

Total Views
242
Views on SlideShare
242
Embed Views
0

Actions

Likes
0
Downloads
2
Comments
1

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial LicenseCC Attribution-NonCommercial License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • http://gg.gg/19qo2
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    NCompass Live: Password Management & Security NCompass Live: Password Management & Security Presentation Transcript

    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Security & Management Jezmynne Dene, MLIS Portneuf District Library Chubbuck, Idaho jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Why Be Worried? • Hacks happen. To everyone.
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Who Hacks? • Overseas syndicates • Bored kids
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • It’s gonna happen – not a matter of “if” but “when” • Bad guys chase the path of least resistance –Make it just difficult enough to make it not worth their time
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • Update and patch everything –Especially Flash and Java • Remove what you don’t use • Change your passwords frequently
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • Redundant backups –Local hard drives –Remote service, like Carbonite or similar • Be careful with remote wipe options –Hackers can wipe out all your stuff if they access your devices remotely
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • By far the easiest way to hack • Using your info against you • A good guess will get a hacker into your stuff
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • Use false personal data for security questions • Guard your data on websites and social networking
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • Daisy chaining accounts –Avoid having everything point to one email account for resets • Usernames across services –Vary usernames for important accounts, like banking or credit cards
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org 2 Factor ID • Uses your login and something you have on you, like your phone, a biometric, a smart card, or a USB device
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • “Sorry, but your password must contain an uppercase letter, a number, a punctuation mark, a gang sign, an extinct mammal and a hieroglyph” -- @StephBWright
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • At least eight characters long • Combination of numbers & letters
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Contains special characters
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • No names
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • No words found in the dictionary
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Avoid common styles –Replacing numbers for vowels –Capitalizing the first letter –Putting a special character at the end • If you’ve thought of a pattern, someone else has, too.
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Long Passwords –A five letter password has 10 billion combinations and can be brute force cracked in five seconds • 9 letters can’t be brute forced, but they’re vulnerable to rainbow tables
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Change them often. More often than you’d think. –Set a calendar reminder –Change one every day when it’s time to change
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Combination of numbers & letters • Contains special characters • No names • No words found in the dictionary • Never reused by other sites
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • NEVER REUSED BY OTHER SITES. • NEVER REUSED BY OTHER SITES. !!!!!!!! • !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org That’s eleventy billion different passwords I have to remember!!!!
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Software that manages multiple passwords • Encrypted and secure • Passwords are always with you • Can auto log into websites • Many work with tablets and mobile devices • Keeps a record of accounts
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • How do they work? –Secured data file, usually on your device or computer –Some are web based –Some require a token
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Pros –Creates & manages complex and unique passwords –Only one password to remember –Bypasses keylogging software –Helps against phishing, because it’ll spot fake URLs
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Cons –If someone gets your one password, all is lost. –If you don’t have your key or app, you’ll have to reset your password to get into your accounts.
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Good for you, and good for your library
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Management Security • Specify logins by country • Disallow Tor network logins • Track logins and shares • Drill down master password prompts –Every login? Every change? You decide
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Other Features • Support for multiple profiles • Supports multiple identities –Work, personal, school • Saves credit card information • Saves bank information • Last Pass offers credit monitoring
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Other Password Managers • RoboForm • Iron Key Personal • Splash ID • Dashline • Msecure (Security Everywhere) • KeePass • Direct Pass • Norton Identity Safe • MyLok+
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org KeePass Roboform 1 Password SplashID
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Business Solutions • Some offer business options perfect for libraries • Last Pass - $24 per employee per year
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • General Security –Make it hard enough to make it not worth their time –Remove apps/programs and kill accounts you don’t use –Change your passwords frequently
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • General Security –Run your updates and patches –Redundant back ups –Be cautious and don’t leave your stuff lying around, physical or digital
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Social engineering –Use fake personal data –Vary usernames –Don’t link everything to one email address –Be very mindful of sharing your personal data
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • 2 factor ID –Turn it on if it’s an option, and it’s a high target site like Facebook , Twitter, or Gmail
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Good passwords –Numbers, letters, and caps –Special characters –Make ‘em long –Change ‘em often –NEVER REUSE THEM. EVER.
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Try password managing tools –Decide which meets your personal and library needs –Ask how they maintain security of your data –Use trials to get the best fit
    • Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Be Safe Out There! Thank you! Jezmynne Dene, MLIS Portneuf District Library Chubbuck, Idaho Jezmynne.dene@portneuflibrary.org