3. Password Management Practices
Password Management Best Practices
Do’s
• Select passwords that include a combination of upper and lowercase
alphabetic characters, symbols, and numbers.
• Rotate your passwords regularly. We recommend changing passwords
every sixty days, but rotating them every six months will put you way
ahead of most others.
• Develop a difficult-to-guess but easy-to-remember password that
incorporates memory devices.
Do Not’s
• Use all or part of your name in your password.
• Use a password of all numbers or a single, repeated letter.
• Use a word contained in any dictionary.
• Use a password with a length under six characters.
• Reuse or recycle passwords.
• Use same password for multiple accounts.
5. Two-Factor Authentication
2FA, or Two-factor authentication, adds extra steps to your
normal logon procedure.
Adds a second level of authentication to your account login.
Different Types of 2FA
o Security questions
Name of first pet?
City in which you were born?
Favorite animal?
Name of best friend?
o PIN, identification number, pattern, ect. Something you know.
o ATM card, phone. Something you have.
o Biometrics, voice or finger print. Something you are.
o Can be a random code that changes every 10-15 secs.
Not impervious to hacking.
o Need physical component of 2FA.
o Hackers could use cookies.
The account recovery feature can be used by hackers to
steal your account.
7. Preventing Identity-Theft
• Don’t share what you don’t have to
• Understand common social engineering and phishing
techniques
• Carefully manage privacy settings
• Make secure passwords and use two-factor authentication
• Don’t reply if you see a suspicious email, instant message or
webpage asking for your personal or financial information
• Always be wary of any messages or sites that ask for your
personal information, or messages that refer you to an
unfamiliar web page asking for any of the following details:
– Usernames
– Passwords
– Social Security numbers
– Bank account numbers
– PINs (Personal Identification Numbers)
– Full credit card numbers
– Your mother’s maiden name
– Your birthday
8. Beat the Thief game
Beat the Thief game (Have your kids play the game)
9. • 1 in 40 Households with children under
the age of 18 had at least one child
whose personal information was
compromised by identity crimes.
• 26,989 child identities were scanned in a
2012 study and 10.7% of the scans
showed evidence of identity theft.
• Information from PBS NOVA education
12. Safe Browsing
• Check Address bar for a padlock and HTTPS whenever personal
information is being used.
• Check for correct spelling of the website name
• Don’t click unknown objects
• De-select any unknown or unwanted software when installing
programs.
• Make use of built-in Pop-Up Blockers
• Keep your OS and antivirus updated.
• Use free tools to help you avoid pop-ups, advertisements,
dangerous web sites, and bad links.
13. – Free tools to help you take control and feel safe.
• AdBlock Plus
Block Ads on Facebook, You Tube, Hulu, ect..
• WOT (Web of Trust)
Protects you against scams, untrustworthy links and rogue
web stores
• MalwareBytes remove malicious software
• HitmanPro second opinion solution for removing Malware
• Ccleaner cleans temporary files, history, forms, recycle bin,
and any other junk that can slow your PC down
Take Control and Optimize your Browser
15. Family Safety
• Child Accounts
• Web Filtering
• Time Limits
• Curfew
• Game Restrictions
• GPS Location Apps (Life 360, Find My I-Phone
App)
16. Family Safety
• Monitor your kids while playing online video
games (Call of Duty, Battlefield, World of Warcraft)
• Stay up to date with the latest applications kids
are using (Snapchat, vine, twitter, facebook, kik, instagram)
• Mobile Technology safety
• Watch for online Bullying (In 2012, a Microsoft study of
more than 7,500 children ages 8 through 17 in 25 countries
worldwide found that 37 percent of those interviewed had
experienced meanness online.)
• Limit the amount of personal information you post online
and use privacy settings to avoid sharing information widely.
17. Make Your Home Router Secure
•Use WPA2 (Wi-Fi Protected Access )on the router.
•Change the default password.
•Disable remote administration.
•Change the default SSID(Service Set Identification)
name.
•Enable router firewall.
•Enable wireless MAC (Media Access Control)
filter.
18. Wrapping Up
Vary your passwords from site to site.
Make them complex and test their strength if necessary.
Don't provide personal information to get something free
online. Only Provide personal info to trusted sites and be
vigilant when any website asks for personal info.
Two factor Authentication is an added level of security and
should be welcomed, not displeasing. Batman says,
“It’s the citizens who are lazy that are the most vulnerable”
Help me help you, choose or look for Two factor Authentication
whenever your personal information is at stake.
Family safety can be time consuming, but with new
technology comes new responsibilities.
Most important: it’s the user that is the last line of
defense. Technologies such as anti-virus, safe browsers,
firewalls, or anything else cannot help if an Internet user
clicks on the wrong link or visits the wrong web site.
Link to simulation....http://ui.linksys.com/WRT54G/v8/8.00.0/Filters.htm
Using WPA2 on the router
WPA2 is its use of a security protocol based on Advanced Encryption Standard (AES), the U.S. Government’s preferred choice of encryption
Change default password
Make sure the router password is not still set to the default password. If the password can be guessed this could give someone access to the router setup, which could allow them to change your router settings, including viewing any security keys.
Disable remote administration
When enabled, remote administration allows anyone close enough to your router to view or change your router settings. If you never plan on remotely administrating your network, e.g. wireless connecting to the router, we recommend disabling remote administration. With routers that support this option, it is often disabled through the Administration section.
Change the default SSID name
The SSID is the name that identifies your wireless router. By default, many routers will use the name of the router as the default SSID, for example, Linksys routers use 'Linksys' as the SSID. This is a security risk since it identifies the brand of the router and would let any attacker immediately know what exploits to use.
Enable router firewall
Many routers also have their own firewall that can be enabled. If available, we also suggest enabling this feature as it helps add an extra layer of security for your network.
Enable wireless MAC filter
The Wireless MAC filter feature only allows a wireless device to connect to your router if the MAC Address has been entered into the filter list. This can make connecting new devices to your network more difficult, but improves the overall security of your wireless network.
Tip: A quick and easy to set this up is to connect any wireless device you want on your network to your router before enabling wireless MAC filter. After each device has successfully connected, open the DHCP client table, often found in the Status or Local Network section. Each device that has connected to your router thus far is seen and can be copied into a notepad and pasted into the Wireless MAC filter section of the router Security section.