Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Security &
Management
Jezmynne Dene, ML...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Why Be Worried?
• Hacks happen. To everyone.
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Who Hacks?
• Overseas syndicates
• Bored kids
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• It’s gonna happen – not ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• Update and patch everyth...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• Redundant backups
–Local...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• By far the easiest way to h...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• Use false personal data for...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• Daisy chaining accounts
–Av...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
2 Factor ID
• Uses your login and something you
...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• “Sorry, but your password must
...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• At least eight characters long
...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Contains special characters
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• No names
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• No words found in the dictionary
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Avoid common styles
–Replacing ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Long Passwords
–A five letter p...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Change them often. More often t...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Combination of numbers & letter...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• NEVER REUSED BY OTHER SITES.
• ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
That’s eleventy
billion different
passwords I ha...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Software that manages multip...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• How do they work?
–Secured d...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Pros
–Creates & manages comp...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Cons
–If someone gets your o...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Good for you, and good for y...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Management Security
• Specify logins by...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Other Features
• Support for multiple profiles
•...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Other Password Managers
• RoboForm
• Iron Key Pe...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
KeePass Roboform
1 Password SplashID
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Business Solutions
• Some offer business options...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• General Security
–Make it hard enough ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• General Security
–Run your updates and...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Social engineering
–Use fake personal ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• 2 factor ID
–Turn it on if it’s an opt...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Good passwords
–Numbers, letters, and ...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Try password managing tools
–Decide wh...
Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Be Safe Out There!
Thank you!
Jezmynne Dene, MLI...
Upcoming SlideShare
Loading in...5
×

NCompass Live: Password Management & Security

327

Published on

NCompass Live - March 12, 2014
http://nlc.nebraska.gov/ncompasslive/

How many passwords do you have to remember for your library? How many are for your own library accounts? How many are for the library’s databases or materials accounts? For social networking? Are these passwords secure? Safe? How many of those passwords must be shared with your coworkers? Libraries everywhere struggle with passwords every day, and security is always a concern. Attend this session to learn how to ensure your passwords are safe, secure, and easily managed.

Presenter: Jezmynne Dene, Director, Portneuf District Library, Chubbuck, Idaho.

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
327
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "NCompass Live: Password Management & Security"

  1. 1. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Security & Management Jezmynne Dene, MLIS Portneuf District Library Chubbuck, Idaho jezmynne.dene@portneuflibrary.org
  2. 2. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Why Be Worried? • Hacks happen. To everyone.
  3. 3. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Who Hacks? • Overseas syndicates • Bored kids
  4. 4. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • It’s gonna happen – not a matter of “if” but “when” • Bad guys chase the path of least resistance –Make it just difficult enough to make it not worth their time
  5. 5. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • Update and patch everything –Especially Flash and Java • Remove what you don’t use • Change your passwords frequently
  6. 6. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org General Security Tips • Redundant backups –Local hard drives –Remote service, like Carbonite or similar • Be careful with remote wipe options –Hackers can wipe out all your stuff if they access your devices remotely
  7. 7. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • By far the easiest way to hack • Using your info against you • A good guess will get a hacker into your stuff
  8. 8. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • Use false personal data for security questions • Guard your data on websites and social networking
  9. 9. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Social Engineering • Daisy chaining accounts –Avoid having everything point to one email account for resets • Usernames across services –Vary usernames for important accounts, like banking or credit cards
  10. 10. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org 2 Factor ID • Uses your login and something you have on you, like your phone, a biometric, a smart card, or a USB device
  11. 11. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • “Sorry, but your password must contain an uppercase letter, a number, a punctuation mark, a gang sign, an extinct mammal and a hieroglyph” -- @StephBWright
  12. 12. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • At least eight characters long • Combination of numbers & letters
  13. 13. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Contains special characters
  14. 14. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • No names
  15. 15. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • No words found in the dictionary
  16. 16. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Avoid common styles –Replacing numbers for vowels –Capitalizing the first letter –Putting a special character at the end • If you’ve thought of a pattern, someone else has, too.
  17. 17. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Long Passwords –A five letter password has 10 billion combinations and can be brute force cracked in five seconds • 9 letters can’t be brute forced, but they’re vulnerable to rainbow tables
  18. 18. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Change them often. More often than you’d think. –Set a calendar reminder –Change one every day when it’s time to change
  19. 19. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • Combination of numbers & letters • Contains special characters • No names • No words found in the dictionary • Never reused by other sites
  20. 20. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Good Passwords • NEVER REUSED BY OTHER SITES. • NEVER REUSED BY OTHER SITES. !!!!!!!! • !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!
  21. 21. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org That’s eleventy billion different passwords I have to remember!!!!
  22. 22. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Software that manages multiple passwords • Encrypted and secure • Passwords are always with you • Can auto log into websites • Many work with tablets and mobile devices • Keeps a record of accounts
  23. 23. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • How do they work? –Secured data file, usually on your device or computer –Some are web based –Some require a token
  24. 24. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Pros –Creates & manages complex and unique passwords –Only one password to remember –Bypasses keylogging software –Helps against phishing, because it’ll spot fake URLs
  25. 25. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Cons –If someone gets your one password, all is lost. –If you don’t have your key or app, you’ll have to reset your password to get into your accounts.
  26. 26. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Managers • Good for you, and good for your library
  27. 27. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  28. 28. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  29. 29. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  30. 30. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  31. 31. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  32. 32. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  33. 33. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org
  34. 34. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Password Management Security • Specify logins by country • Disallow Tor network logins • Track logins and shares • Drill down master password prompts –Every login? Every change? You decide
  35. 35. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Other Features • Support for multiple profiles • Supports multiple identities –Work, personal, school • Saves credit card information • Saves bank information • Last Pass offers credit monitoring
  36. 36. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Other Password Managers • RoboForm • Iron Key Personal • Splash ID • Dashline • Msecure (Security Everywhere) • KeePass • Direct Pass • Norton Identity Safe • MyLok+
  37. 37. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org KeePass Roboform 1 Password SplashID
  38. 38. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Business Solutions • Some offer business options perfect for libraries • Last Pass - $24 per employee per year
  39. 39. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • General Security –Make it hard enough to make it not worth their time –Remove apps/programs and kill accounts you don’t use –Change your passwords frequently
  40. 40. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • General Security –Run your updates and patches –Redundant back ups –Be cautious and don’t leave your stuff lying around, physical or digital
  41. 41. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Social engineering –Use fake personal data –Vary usernames –Don’t link everything to one email address –Be very mindful of sharing your personal data
  42. 42. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • 2 factor ID –Turn it on if it’s an option, and it’s a high target site like Facebook , Twitter, or Gmail
  43. 43. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Good passwords –Numbers, letters, and caps –Special characters –Make ‘em long –Change ‘em often –NEVER REUSE THEM. EVER.
  44. 44. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org To Sum: • Try password managing tools –Decide which meets your personal and library needs –Ask how they maintain security of your data –Use trials to get the best fit
  45. 45. Jezmynne Dene Portneuf District Library jezmynne.dene@portneuflibrary.org Be Safe Out There! Thank you! Jezmynne Dene, MLIS Portneuf District Library Chubbuck, Idaho Jezmynne.dene@portneuflibrary.org
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×