1. presents:
Passwords
Information quoted directly and paraphrased from
“Security Awareness” from the University of Texas at
Austin’s Information Technology Services
http://www.utexas.edu/its/secure/articles/keep_safe_with_strong_passwords.php
2. To protect your computer, your data and
your online accounts, make a strong
password your first line of defense.
Flickr CC Photo by Bruno Santos: http://www.flickr.com/photos/bsantos/50283672
Info from University of Texas at Austin’s Information Technology Services
3. Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/1750378617
Most people
Info from University of Texas at Austin’s Information Technology Services
know that
strong
passwords
are a good
idea, but don’t
realize
hackers are
becoming
increasingly
sophisticated
at password
“cracking.”
4. Flickr CC Photo by Pieter Ouwerkerk: http://www.flickr.com/photos/pieterouwerkerk/699483014
Info from University of Texas at Austin’s Information Technology Services
You have to
change your
password
frequently, and
stay aware of
what techniques
hackers are
using to steal
passwords, if
you want to stay
ahead of the bad
guys.
5. Internet security is based on a “weakest link”
principle, and passwords are often the only
thing standing between a hacker and access to
your computer or a campus network.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/2379761338
Info from University of Texas at Austin’s Information Technology Services
6. If your password is weak, you make it easier for
someone to break in.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/2379761338
Info from University of Texas at Austin’s Information Technology Services
7. Hackers make their livelihood
by automating ways to
continually search out the
weakest link to gain access to a
network or computer.
Don’t let your password be the
weak link!
Flickr CC Photo by Treyvor Leyenhorst: http://www.flickr.com/photos/10213764@N02/1485773850Info from
University of Texas at Austin’s Information Technology Services
8. There are real consequences to not having a
strong password.
If someone steals your password, they may find
a way to access your e-mail or IM messages,
your bank accounts, your research, your contact
lists and whatever else you have on your
computer.
Flickr CC Photo by Angel Arcones: http://www.flickr.com/photos/freddy-click-boy/3303542092
Info from University of Texas at Austin’s Information Technology Services
9. Your files may be altered or destroyed.
Sometimes hackers even take over a
computer and turn it into a zombie,
using it to perform malicious tasks such
as sending out large amounts of spam.
Flickr CC Photo by Thomas Hawk: http://www.flickr.com/photos/thomashawk/362270357
Info from University of Texas at Austin’s Information Technology Services
10. How Passwords Are Stolen
When you are creating a strong
password, it can help to know the
tactics hackers use to steal them.
The following are some of the most
frequently used techniques:
11. Flickr CC Photo by Eric Schmuttenmaer: http://www.flickr.com/photos/akeg/2175038829
Info from University of Texas at Austin’s Information Technology Services
Guessing
Programs designed to guess a user’s password are
common. They often use personal information found
online—such as names, birth dates, names of friends or
significant others, pet names or license plate numbers—
as a starting point.
These programs can even search for a word spelled
backwards.
STOLEN
?
12. TIP: It’s best to
steer clear of any
personally
identifying
information when
creating a
password.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
13. Flickr CC Photo by David Glover: http://www.flickr.com/photos/davidglover/4269594949
Info from University of Texas at Austin’s Information Technology Services
Dictionary-based attacks
Programs and software also exist that
run every word in a dictionary or word
list against a user name in hopes of
finding a perfect match.
14. TIP: Staying away
from actual words,
even in a foreign
language, is
recommended.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
15. “Brute Force” attacks
By trying every
conceivable combination
of key strokes in tandem
with a user name, brute
force attacks often
discover the correct
password.
Programs can execute a
brute force attack very
quickly.
Flickr CC Photo by Alex Eylar: http://www.flickr.com/photos/hoyvinmayvin/4687336568
Info from University of Texas at Austin’s Information Technology Services
16. TIP: The best way
to beat such an
attack is with a
long, complex
password that
uses upper and
lower case letters,
numbers, special
characters and
punctuation
marks.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
17. Phishing
Phishing scams usually try to hook you with
an urgent IM or e-mail message designed to
alarm or excite you into responding.
These messages often appear to be from a
friend, bank or other legitimate source
directing you to phony Web sites designed to
trick you into providing personal information,
such as your user name and password.
Flickr CC Photo by Widjaya Ivan: http://www.flickr.com/photos/28288673@N07/6457165789
Info from University of Texas at Austin’s Information Technology Services
18. TIP: Don’t click a
link in any
suspicious e-
mails, and don’t
provide your
information
unless you trust
the source.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
19. “Shoulder surfing”
Passwords are not always
stolen online. A hacker
who is lurking around in a
computer lab, cybercafé
or library may be there for
the express purpose of
watching you enter your
user name and password
into a computer.
Flickr CC Photo by tanakawho: http://www.flickr.com/photos/28481088@N00/425099204
Info from University of Texas at Austin’s Information Technology Services
20. TIP: Try to enter
your passwords
quickly, without
looking at the
keyboard, as a
defense against
this type of theft.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/397004234
Info from University of Texas at Austin’s Information Technology Services
21. Tips for Creating and Using
Safe Passwords
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/688068169
Info from University of Texas at Austin’s Information Technology Services
22. Use BOTH
upper- and
lower-case
letters.
Flickr CC Photo by Nina Stössinger: http://www.flickr.com/photos/ninastoessinger/4179518104
Info from University of Texas at Austin’s Information Technology Services
23. Place numbers and punctuation marks
randomly in your password.
Flickr CC Photo by Lali Masriera: http://www.flickr.com/photos/visualpanic/856235055
Info from University of Texas at Austin’s Information Technology Services
24. Flickr CC Photo by Jason Pearce: http://www.flickr.com/photos/jasonpearce/4750110576
Info from University of Texas at Austin’s Information Technology Services
Make your password long and complex,
so it is hard to crack. Between 8 to 20
characters long is recommended.
25. Use one or more of these special
characters:
!@#$%*()-+=,<>::“‘
Info from University of Texas at Austin’s Information Technology Services
26. To help you easily remember your
password, consider using a phrase or a
song title as a password. For example,
“Somewhere Over the Rainbow”
becomes “Sw0tR8nBO” or “Smells Like
Teen Spirit” becomes “sMll10nspT.”
Flickr CC Photo by marc falardeau: http://www.flickr.com/photos/49889874@N05/6101434856
Info from University of Texas at Austin’s Information Technology Services
27. Make your password easy to type
quickly. This will make it harder for
someone looking over your shoulder to
steal it.
Flickr CC Photo by Chris Metcalf: http://www.flickr.com/photos/laffy4k/441037582
Info from University of Texas at Austin’s Information Technology Services
28. Using your password safely
Create different
passwords for
different
accounts and
applications.
That way, if one
account is
breached, your
other accounts
won’t be put at
risk too.
Flickr CC Photo by Darwin Bell: http://www.flickr.com/photos/darwinbell/1454251440
Info from University of Texas at Austin’s Information Technology Services
29. Change your
passwords
regularly, about
once every six
months.
(Daylight
Savings Time?)
Flickr CC Photo by Eliazar Parra Cardenas: http://www.flickr.com/photos/eliazar/407591133
Info from University of Texas at Austin’s Information Technology Services
30. Flickr CC Photo by Mike Fernwood: http://www.flickr.com/photos/ultimateslug/326930489
Info from University of Texas at Austin’s Information Technology Services
Don’t share your password with
anyone else. Once it’s out of your
control, so is your security.
31. Never enable the “Save Password”
option, even if prompted to do so.
Pre-saved passwords make it easy for
anyone else using your computer to
access your accounts.
http://www.rhsmith.umd.edu/portal/portal_help.html
Info from University of Texas at Austin’s Information Technology Services
32. Be especially
careful about
saving
passwords in
web browsers.
http://www.webdevelopersnotes.com/how-do-i/clear-
browsing-data-google-chrome.php
33. Never walk away from
a shared computer
without logging off.
This will ensure no
other users can
access your accounts.
Flickr CC Photo by Totumweb: http://www.flickr.com/photos/totumweb/5601416590
Info from University of Texas at Austin’s Information Technology Services
34. Don’t use sample passwords given on
different Web sites, including this one.
“Somewhere Over the Rainbow”
becomes “Sw0tR8nBO” or
“Smells Like Teen Spirit” becomes
“sMll10nspT.”
Info from University of Texas at Austin’s Information Technology Services