SlideShare a Scribd company logo

How to be safe on the internet. Make the web better!

Octavian Irimia
Octavian Irimia

This is a slide for non-IT persons that surf over the internet every day. There are few rule to know, before you do anything.

EducationTechnology
1 of 16
Download to read offline
Make the web better How to be safe on the internet by vectorialpx.net
First rule of security: trust nobody And some other simple rules:
1. Do not give your passwords to friends and don't type passwords in public places. If you really need to, look both ways and make sure no one can see your hands. This is not a joke! Lots of accounts got "hacked" this way.
2. Do not use your password (login) in unknown networks, like public wiFi networks (hotels, McDonalds or others) There may be some dude (proxy)between you and the internet that can record any action (request) between you and any server (website). Even your passwords. What can you do? When you are at home, check "Keep me logged in" on the website so when you get into public places you will not need to enter your password.
3. Never click on unknown links. Before you click a link make sure you check the address from the address bar. I hate short links!!! (even fb.me or t.co ... all of them)
NOTE1:When you check the address bar make sure it is a perfect match. As example: if it's a mail from PayPal and the link is something like http://client12.paypl.com you should not click it. The domain must be PayPal.com and not paypl.com. Do not assume that an email from paypal.com is safe. The sender can easy be changed. Note2: Never complete a login forms unless you checked the address-bar twice. You may get into pages that look like the Yahoo! (just an example) interface BUT there is another address, another website. It is a copy of the interface to just make you enter (give) your password.
4. Do not give passwords to any support desk, bank agent or other person that will tell you that "it's safe!" to do it. Any support desks or administrator must have access to your account (of any type) without your password.
Never store passwords in plain text (on paper, in your browser, in your phone, in your computer)
Do not have stupid passwords Make sure that your passwords contains at least one special character and at least one digit and it's over 8 characters. If you have any password that doesn't meet this, go and change it right now.
Why is this important? Well, read this if you like technical stuff: the simplest method of getting passwords is a savage one, named brute-force. This method consists into entering all combinations of letters and even digits until a valid password is found. If you add a special character and a digit into your password and you make it long enough (over 8 chars) you will add billions of brute-force combinations. Most of the big websites logins are protected against bruteforce (it's nothing sure) but a simple security breach could lead to database records or files that store passwords. If you have a strong password, it will be impossible to "unhash" it. A hash is a computed value of a string with a one-way algorithm. So, once a password is hashed it cannot be unhashed BUT you can make brute-force over it and trying lots of combinations you can find the valid hash. A programmer needs just few lines of code to create a brute-force. And, of course, a lot of time.
Ok, how can I have a strong password? As example: my name is Octavian and my password can be "0C5@vi1N" and it's easy for me to remember. We have: 0 (zero) is like "O" + big "C" + 5 is over "T", @ looks like "A", we also have "vi" as simple string, 1 is over "A" and, in the end a big "N". So, it's my name in a new way. If you need, you can use something like http://password.phpadminpanel.com or even a password manager
Another important thing about passwords: make sure you have a different password for every important service that you have - Email, Facebook, forums, games, FTP accounts (if you are a developer) and other accounts. Why should I do that? Sometimes, in my past, I got a website to maintain. I was surprised to see that all passwords recorded until that time are in plain text. You could just see passwords (even now, I cannot understand how a programmer can be that stupid). So I took some random password and the email of the account and just tried into the Yahoo! login form (it was a Yahoo! email). It was amazing to find out that 3 of 5 users had the same passwords for their emails. Of course, next thing, I hashed all passwords. So, never have the same password for two services because you cannot know who will bump into your clear password. At least you will lose one account, not your entire internet life.
Have alternate ways for your password recovery. As example, have an alternate email to recover your password. Both Yahoo! and Google will allow a second email address that can reset your password. Also, if you can, add your phone number for trusted websites so this will also be a new method to recover your password. If you don't have an alternate email, add it now!
Make sure you have a good updated antivirus and you make a scan once a month A good antivirus will also have a firewall. In case it does not, make sure your OS (ie: Windows) firewall is ON. Also, update your system at least once a month because there are security updates that you may need.
Please share this and help me to make the web better. Octavian Irimia www.vectorialpx.net

Recommended

[Computer] hacking for dummies how to learn to hack in easy steps
[Computer] hacking for dummies how to learn to hack in easy steps[Computer] hacking for dummies how to learn to hack in easy steps
[Computer] hacking for dummies how to learn to hack in easy stepsLee Toulouse
 
What Is A Web Browser
What Is A Web BrowserWhat Is A Web Browser
What Is A Web Browserkevpatel
 
Password hacking
Password hackingPassword hacking
Password hackingAbhay pal
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
Hacking with experts (by anurag dwivedi)
Hacking with experts (by anurag dwivedi)Hacking with experts (by anurag dwivedi)
Hacking with experts (by anurag dwivedi)Esteban Bedoya
 
Website Hacking Oldie
Website Hacking OldieWebsite Hacking Oldie
Website Hacking OldieAung Khant
 
Hacking with experts 3 (facebook hacking) by anurag dwivedi.
Hacking with experts 3 (facebook hacking) by anurag dwivedi.Hacking with experts 3 (facebook hacking) by anurag dwivedi.
Hacking with experts 3 (facebook hacking) by anurag dwivedi.Esteban Bedoya
 
qrth
qrthqrth
qrthboozsha
 

Recommended

[Computer] hacking for dummies how to learn to hack in easy steps
[Computer] hacking for dummies how to learn to hack in easy steps[Computer] hacking for dummies how to learn to hack in easy steps
[Computer] hacking for dummies how to learn to hack in easy stepsLee Toulouse
 
What Is A Web Browser
What Is A Web BrowserWhat Is A Web Browser
What Is A Web Browserkevpatel
 
Password hacking
Password hackingPassword hacking
Password hackingAbhay pal
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
Hacking with experts (by anurag dwivedi)
Hacking with experts (by anurag dwivedi)Hacking with experts (by anurag dwivedi)
Hacking with experts (by anurag dwivedi)Esteban Bedoya
 
Website Hacking Oldie
Website Hacking OldieWebsite Hacking Oldie
Website Hacking OldieAung Khant
 
Hacking with experts 3 (facebook hacking) by anurag dwivedi.
Hacking with experts 3 (facebook hacking) by anurag dwivedi.Hacking with experts 3 (facebook hacking) by anurag dwivedi.
Hacking with experts 3 (facebook hacking) by anurag dwivedi.Esteban Bedoya
 
qrth
qrthqrth
qrthboozsha
 
Protect Your Business With Web Security
Protect Your Business With Web SecurityProtect Your Business With Web Security
Protect Your Business With Web SecurityHarrison Kenyon Marketing
 
W make107
W make107W make107
W make107Greg in SD
 
I forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyI forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyMichal Špaček
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewSTO STRATEGY
 
Password management
Password managementPassword management
Password managementWilmington University
 
So Many Passwords So Little Mind
So Many Passwords So Little MindSo Many Passwords So Little Mind
So Many Passwords So Little MindAlain Lemay
 
Free SEO
Free SEOFree SEO
Free SEOKailas P
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques أحلام انصارى
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
How to become hacker
How to become hackerHow to become hacker
How to become hackerRaman Sanoria
 
security procedures
security procedures security procedures
security procedures offbeatnominee633
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crackKlaus Drosch
 
183433 xunleashed
183433 xunleashed183433 xunleashed
183433 xunleashedDome Lambogini
 
Password Management
Password ManagementPassword Management
Password ManagementDavon Smart
 
Test ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login SessionTest ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login SessionSanthosh Tuppad
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014Gavin Holt
 
Disclosing password hashing policies
Disclosing password hashing policiesDisclosing password hashing policies
Disclosing password hashing policiesMichal Špaček
 
Web + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for LawyersWeb + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for LawyersJoshua Weaver
 
Document
DocumentDocument
DocumentEsper Herrera
 
Password management for you
Password management for youPassword management for you
Password management for youChit Ko Ko Win
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 

More Related Content

Similar to How to be safe on the internet. Make the web better!

I forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyI forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyMichal Špaček
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewSTO STRATEGY
 
So Many Passwords So Little Mind
So Many Passwords So Little MindSo Many Passwords So Little Mind
So Many Passwords So Little MindAlain Lemay
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
How to become hacker
How to become hackerHow to become hacker
How to become hackerRaman Sanoria
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crackKlaus Drosch
 
Password Management
Password ManagementPassword Management
Password ManagementDavon Smart
 
Test ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login SessionTest ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login SessionSanthosh Tuppad
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014Gavin Holt
 
Disclosing password hashing policies
Disclosing password hashing policiesDisclosing password hashing policies
Disclosing password hashing policiesMichal Špaček
 
Web + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for LawyersWeb + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for LawyersJoshua Weaver
 
Password management for you
Password management for youPassword management for you
Password management for youChit Ko Ko Win
 

Similar to How to be safe on the internet. Make the web better! (20)

Protect Your Business With Web Security
Protect Your Business With Web SecurityProtect Your Business With Web Security
Protect Your Business With Web Security
 
W make107
W make107W make107
W make107
 
I forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyI forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and why
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 
Password management
Password managementPassword management
Password management
 
So Many Passwords So Little Mind
So Many Passwords So Little MindSo Many Passwords So Little Mind
So Many Passwords So Little Mind
 
Free SEO
Free SEOFree SEO
Free SEO
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - Passwords
 
How to become hacker
How to become hackerHow to become hacker
How to become hacker
 
security procedures
security procedures security procedures
security procedures
 
How to choose a password that’s hard to crack
How to choose a password that’s hard to crackHow to choose a password that’s hard to crack
How to choose a password that’s hard to crack
 
183433 xunleashed
183433 xunleashed183433 xunleashed
183433 xunleashed
 
Password Management
Password ManagementPassword Management
Password Management
 
Test ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login SessionTest ideas for Login / Authentication and Login Session
Test ideas for Login / Authentication and Login Session
 
Honeywords - BSides London 2014
Honeywords - BSides London 2014Honeywords - BSides London 2014
Honeywords - BSides London 2014
 
Disclosing password hashing policies
Disclosing password hashing policiesDisclosing password hashing policies
Disclosing password hashing policies
 
Web + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for LawyersWeb + Social Media + Cyber Security for Lawyers
Web + Social Media + Cyber Security for Lawyers
 
Document
DocumentDocument
Document
 
Password management for you
Password management for youPassword management for you
Password management for you
 

Recently uploaded

Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 

How to be safe on the internet. Make the web better!

  • 1. Make the web better How to be safe on the internet by vectorialpx.net
  • 2. First rule of security: trust nobody And some other simple rules:
  • 3. 1. Do not give your passwords to friends and don't type passwords in public places. If you really need to, look both ways and make sure no one can see your hands. This is not a joke! Lots of accounts got "hacked" this way.
  • 4. 2. Do not use your password (login) in unknown networks, like public wiFi networks (hotels, McDonalds or others) There may be some dude (proxy)between you and the internet that can record any action (request) between you and any server (website). Even your passwords. What can you do? When you are at home, check "Keep me logged in" on the website so when you get into public places you will not need to enter your password.
  • 5. 3. Never click on unknown links. Before you click a link make sure you check the address from the address bar. I hate short links!!! (even fb.me or t.co ... all of them)
  • 6. NOTE1:When you check the address bar make sure it is a perfect match. As example: if it's a mail from PayPal and the link is something like http://client12.paypl.com you should not click it. The domain must be PayPal.com and not paypl.com. Do not assume that an email from paypal.com is safe. The sender can easy be changed. Note2: Never complete a login forms unless you checked the address-bar twice. You may get into pages that look like the Yahoo! (just an example) interface BUT there is another address, another website. It is a copy of the interface to just make you enter (give) your password.
  • 7. 4. Do not give passwords to any support desk, bank agent or other person that will tell you that "it's safe!" to do it. Any support desks or administrator must have access to your account (of any type) without your password.
  • 8. Never store passwords in plain text (on paper, in your browser, in your phone, in your computer)
  • 9.
  • 10. Do not have stupid passwords Make sure that your passwords contains at least one special character and at least one digit and it's over 8 characters. If you have any password that doesn't meet this, go and change it right now.
  • 11. Why is this important? Well, read this if you like technical stuff: the simplest method of getting passwords is a savage one, named brute-force. This method consists into entering all combinations of letters and even digits until a valid password is found. If you add a special character and a digit into your password and you make it long enough (over 8 chars) you will add billions of brute-force combinations. Most of the big websites logins are protected against bruteforce (it's nothing sure) but a simple security breach could lead to database records or files that store passwords. If you have a strong password, it will be impossible to "unhash" it. A hash is a computed value of a string with a one-way algorithm. So, once a password is hashed it cannot be unhashed BUT you can make brute-force over it and trying lots of combinations you can find the valid hash. A programmer needs just few lines of code to create a brute-force. And, of course, a lot of time.
  • 12. Ok, how can I have a strong password? As example: my name is Octavian and my password can be "0C5@vi1N" and it's easy for me to remember. We have: 0 (zero) is like "O" + big "C" + 5 is over "T", @ looks like "A", we also have "vi" as simple string, 1 is over "A" and, in the end a big "N". So, it's my name in a new way. If you need, you can use something like http://password.phpadminpanel.com or even a password manager
  • 13. Another important thing about passwords: make sure you have a different password for every important service that you have - Email, Facebook, forums, games, FTP accounts (if you are a developer) and other accounts. Why should I do that? Sometimes, in my past, I got a website to maintain. I was surprised to see that all passwords recorded until that time are in plain text. You could just see passwords (even now, I cannot understand how a programmer can be that stupid). So I took some random password and the email of the account and just tried into the Yahoo! login form (it was a Yahoo! email). It was amazing to find out that 3 of 5 users had the same passwords for their emails. Of course, next thing, I hashed all passwords. So, never have the same password for two services because you cannot know who will bump into your clear password. At least you will lose one account, not your entire internet life.
  • 14. Have alternate ways for your password recovery. As example, have an alternate email to recover your password. Both Yahoo! and Google will allow a second email address that can reset your password. Also, if you can, add your phone number for trusted websites so this will also be a new method to recover your password. If you don't have an alternate email, add it now!
  • 15. Make sure you have a good updated antivirus and you make a scan once a month A good antivirus will also have a firewall. In case it does not, make sure your OS (ie: Windows) firewall is ON. Also, update your system at least once a month because there are security updates that you may need.
  • 16. Please share this and help me to make the web better. Octavian Irimia www.vectorialpx.net