4. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• It’s gonna happen – not a matter of
“if” but “when”
• Bad guys chase the path of least
resistance
–Make it just difficult enough to make it not
worth their time
5. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• Update and patch everything
–Especially Flash and Java
• Remove what you don’t use
• Change your passwords frequently
6. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
General Security Tips
• Redundant backups
–Local hard drives
–Remote service, like Carbonite or similar
• Don’t use remote wipe options
–Hackers can wipe out all your stuff if they
access your devices remotely
7. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• By far the easiest way to hack
• Using your info against you
• A good guess will get a hacker into
your stuff
8. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• Use false personal data for security
questions
• Guard your data on websites and social
networking
9. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Social Engineering
• Daisy chaining accounts
–Avoid having everything point to one email
account for resets
• Usernames across services
–Vary usernames for important accounts, like
banking or credit cards
10. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
2 Factor ID
• Uses your login and something you
have on you, like your phone, a
biometric, a smart card, or a USB
device
11. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• “Sorry, but your password must
contain an uppercase letter, a number,
a punctuation mark, a gang sign, an
extinct mammal and a hieroglyph” --
@StephBWright
12. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• At least eight characters long
• Combination of numbers & letters
16. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Avoid common styles
–Replacing numbers for vowels
–Capitalizing the first letter
–Putting a special character at the end
• If you’ve thought of a pattern,
someone else has, too.
17. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Long Passwords
–A five letter password has 10 billion
combinations and can be brute force
cracked in five seconds
• 9 letters can’t be brute forced, but
they’re vulnerable to rainbow tables
18. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Change them often. More often than
you’d think.
–Set a calendar reminder
–Change one every day when it’s time to
change
19. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• Combination of numbers & letters
• Contains special characters
• No names
• No words found in the dictionary
• Never reused by other sites
20. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Good Passwords
• NEVER REUSED BY OTHER SITES.
• NEVER REUSED BY OTHER SITES.
!!!!!!!!
• !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!
21. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
That’s eleventy
billion different
passwords I have
to remember!!!!
22. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Software that manages multiple
passwords
• Encrypted and secure
• Passwords are always with you
• Can auto log into websites
• Many work with tablets and mobile
devices
• Keeps a record of accounts
23. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• How do they work?
–Secured data file, usually on your device or
computer
–Some are web based
–Some require a token
24. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Pros
–Creates & manages complex and unique
passwords
–Only one password to remember
–Bypasses keylogging software
–Helps against phishing, because it’ll spot
fake URLs
25. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Cons
–If someone gets your one password, all is
lost.
–If you don’t have your key or app, you’ll
have to reset your password to get into your
accounts.
26. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Managers
• Good for you, and good for your library
34. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Password Management Security
• Specify logins by country
• Disallow Tor network logins
• Track logins and shares
• Drill down master password prompts
–Every login? Every change? You decide
35. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Other Features
• Support for multiple profiles
• Supports multiple identities
–Work, personal, school
• Saves credit card information
• Saves bank information
• Last Pass offers credit monitoring
36. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Other Password Managers
• RoboForm
• Iron Key Personal
• Splash ID
• Dashline
• Msecure (Security
Everywhere)
• KeePass
• Direct Pass
• Norton Identity Safe
• MyLok+
38. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Business Solutions
• Some offer business options perfect
for libraries
• Last Pass - $24 per employee per year
39. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• General Security
–Make it hard enough to make it not worth
their time
–Remove apps/programs and kill accounts
you don’t use
–Change your passwords frequently
40. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• General Security
–Run your updates and patches
–Redundant back ups
–Be cautious and don’t leave your stuff lying
around, physical or digital
41. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Social engineering
–Use fake personal data
–Vary usernames
–Don’t link everything to one email address
–Be very mindful of sharing your personal
data
42. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• 2 factor ID
–Turn it on if it’s an option, and it’s a high
target site like Facebook , Twitter, or Gmail
43. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Good passwords
–Numbers, letters, and caps
–Special characters
–Make ‘em long
–Change ‘em often
–NEVER REUSE THEM. EVER.
44. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
To Sum:
• Try password managing tools
–Decide which meets your personal and
library needs
–Ask how they maintain security of your data
–Use trials to get the best fit
45. Jezmynne Dene
Portneuf District Library
jezmynne.dene@portneuflibrary.org
Be Safe Out There!
Thank you!
Jezmynne Dene, MLIS
Portneuf District Library
Chubbuck, Idaho
Jezmynne.dene@portneuflibrary.org