Letmein10tipstobetterpasswords 120824113907-phpapp02


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Letmein10tipstobetterpasswords 120824113907-phpapp02

  1. 1. Let Me In! 10 Tips to Better Passwords Marian Merritt Norton Internet Safety Advocate Let Me In! 10 Tips to Better Passwords 1
  2. 2. Why It Matters • Passwords protect your stuff • A good password stops a hacker in his/her tracks • A good password doesn’t make you crazy trying to remember it • A good password strategy = peace of mind Let Me In! 10 Tips to Better Passwords 2
  3. 3. Passwords in the News •Payment System – 130 million accounts •Gaming site 1 – 77 million accounts •Social site – 30 million accounts •Military site - 26 million accounts •Career site – 6.4 million accounts •Dating site – 1.5 million accounts Let Me In! 10 Tips to Better Passwords 3 HACKED!
  4. 4. How the Hacker Uses Your Hacked Password • Published databases of usernames and passwords from major data breaches • They might already have the combination of your email address and favorite password • Plus dictionaries, common phrases • Keep running the list against the target site Let Me In! 10 Tips to Better Passwords 4
  5. 5. What Are Some of The Most Popular Passwords? 12345 123456 1234567 12345678 123123 111111 Password Passw0rd Password1 Welcome Welcome1 Let Me In! 10 Tips to Better Passwords 5 Abc123 Monkey Trustn01 Dragon Baseball Iloveyou Master Sunshine Qazwsx Superman Michael Football Ashley Bailey Shadow Letmein Blink182 Admin1
  6. 6. 1. Think Unique Let Me In! 10 Tips to Better Passwords 6 •Not guessable word or phrase •Different for each site and account •Some use a few complex passwords and then one “master” passwords for accounts considered unimportant •All accounts are important •Not password that anyone else would use
  7. 7. 2. No Dictionary Words • Avoid using full words you might find in a dictionary • Real words can be “edited” for password use –Dictionary becomes •D1(t10nAry (as an example) • But hackers are “on to” common letter replacement tricks like these Let Me In! 10 Tips to Better Passwords 7
  8. 8. 3. No Pet Names or School Mascots • Even if you went to “D1(t10nAry High School” – Avoid public information • Children often use their pet’s name –Friends and siblings hack accounts this way • Security Questions and Answers should be hard to guess –You can use “fake” answers to “mother’s maiden name” but you’ll need to remember what you used –Better are sites that let you create your own questions Let Me In! 10 Tips to Better Passwords 8
  9. 9. 4. Pay Particular Attention to Most Important Accounts • Email is most important –“Forgot your password” link on sites goes to email –Hacker with access to email can reset all other accounts • Nearly as important is social networking – Hacker can run scams against friends and colleagues • Financial sites and shopping sites with stored credit cards, too Let Me In! 10 Tips to Better Passwords 9
  10. 10. 5. Create a Pass Phrase and Turn It Into a Password Let Me In! 10 Tips to Better Passwords 10 •Select a multi word phrase that is meaningful to you (8 words or more) •Ex: “I want to go to Africa in 2013” – 8 words •Reduce to letters and numbers or characters •Ex: Iw2g2Ai2013 •Now you have complex password BUT (see next slide) Create a mental picture of your phrase! Suitcase Zebra 2013
  11. 11. 6. Make Unique for Each Account • Iw2g2Ai2013 – complex but not unique • At each site, create a variation that you can remember – For example, add first letter of the site’s name: • The “N” in Norton.com + Iw2g2Ai2013 = NIw2g2Ai2013 – Or, add letter adjacent to the first letter of site’s name: • N becomes M (or B) • M+ Iw2g2Ai2013 = MIw2g2Ai2013 Let Me In! 10 Tips to Better Passwords 11 Now you have created a system of UNIQUE and COMPLEX passwords that you might be able to remember!
  12. 12. 7. Use a Password Manager to Make This Easy • Even with complex, unique password system, it’s work to remember them all • Password manager programs can secure all in encrypted file, protected by one master password • Makes life easier while managing complex and unique passwords • Allows sync to the cloud, making passwords portable • Example: Norton’s Identity Safe (included in Norton 360, Norton Internet Security or as free download) –https://identitysafe.norton.com Let Me In! 10 Tips to Better Passwords 12
  13. 13. 8. Never Share or Show Passwords • Don’t write them down • Never email or text them to someone • If you tell it to someone, change the password as soon as possible • Legitimate companies NEVER ask for your account password Let Me In! 10 Tips to Better Passwords 13
  14. 14. 9. If Notified About Data Breach, Take Action! • Access your online account and change the password • If a financial account, monitor transactions for unusual activity • If your social network, make sure the email addresses and contact information are yours and: – Review your privacy and security settings – Monitor your “news feed” for unusual activity – Monitor your friends list for people you don’t recognize – Review apps that you’ve signed up for and the data they can access Let Me In! 10 Tips to Better Passwords 14
  15. 15. 9. Install Security Software • Get a security product for all devices: –Computers –Mobile phones –Tablets • Prevent password-stealing malware from infecting your device • Alert you to dangerous websites or links Let Me In! 10 Tips to Better Passwords 15
  16. 16. 10. Secure Mobile Devices with a Password • Mobile apps may auto log you in to accounts • Protect access with a password on phone or tablet • Remove apps you don’t use anymore that may have credit cards or financial info store: – Shopping sites – Banking and Investment companies – Travel sites Let Me In! 10 Tips to Better Passwords 16
  17. 17. Summary • Create unique passphrase (no dictionary words) • Nothing others will guess • Customize for each site • Focus on email, social, financial sites first • Use password managers • Never share or show passwords • Take action if breached • Use security software • Set passwords on mobiles Let Me In! 10 Tips to Better Passwords 17
  18. 18. Thank you! Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Marian Merritt Norton Internet Safety Advocate marian@norton.com @marianmerritt Let Me In! 10 Tips to Better Passwords 18 What did I miss? Please send your suggestions to Marian@Norton.com