Dan Houser, profile picture
Uploaded byDan Houser
107 views

Protect passwords - User Awareness Training

Security Awareness Training content on passwords, the use of password vaults, and why it matters

Embed presentation

Download to read offline
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Password Vaults: Protecting Yourself Online & In Real Life Dan Houser, CISSP-ISSAP-ISSMP CISM CGEIT CSSLP CCFP-US CISA InfoSec Leader & Architect Dan.houser@gmail.com @SecWonk #CPE4Free / #CPEs4Free
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Keeping your digital identity SAFE Armoring Up Installing Password Manager
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved 3 4000 year old technology Most predominant authentication method – Halt! Who Goes There? [Identification] – What is the password? [Authentication] Most common form of authentication used No end in sight
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved But does it work? ...ish Copyright (c) 2019, Trogdor Heavy Industries, All Rights Reserved bit.ly/2019InfoSecSummit
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved CyberCrime & Passwords 2018 CyberCrime Losses: $3.3 TRILLION #1 Corporate Vector: email Phishing -> stealing passwords #1 Consumer vector: Stolen passwords Jan 2019: Collection 1-6 – Collection 1: 773Million passwords, emails, login IDs – Collections 2,3,4,5,6: Total 3.3 BILLION passwords & emails – Cost to download: $2 5
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Why this talk? “Only amateurs attack machines; professionals target people.” -Bruce Schneier “Cryptographic systems are only as strong as the underlying implementations…. Even though the [cryptographic] protocol itself is believed to be solid, a ‘lock’ icon is hardly of much significance when displayed by a bug-riddled browser running on a spyware-infested computer talking to a compromised Web server. “ - Paul Kocher Wizards Bank Galleons to Muggle Ministry Transfers Sign In Flue powder chat with a personal banker now
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved SMS & Caller ID spoof, easy Smishing MFA: A Field of Fail Broken authenticators: Human Factor
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved 8 Why passwords fail Bad passwords – The top 10 most common passwords used in 2018 are as follows: o 123456 (Unchanged) o password (Unchanged) o 123456789 (Up 3) o 12345678 (Down 1) o 12345 (Unchanged) Using passwords multiple places o 111111 (New) o 1234567 (Up 1) o sunshine (New) o qwerty (Down 5) o iloveyou (Unchanged)
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Armoring Up Use a password manager Use Multi-Factored Authentication Protect your accounts, don’t share! Split your accounts: • Use different accounts for different persons • Use multiple emails: • One email for banking/financials • One email for social media • One email for online purchases • One for everything else
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Multi-Factored Authentication Combines: – Something you know PIN, password, demographics, challenge-response – Something you have OTP token, phone, employee access card, key fob, RFID – Something you arefingerprint, voice print, photograph, facial recognition – Fourth factor: Somewhere you are o Does transactional activity indicate this logically is the same person? o Is Alice currently in Singapore?
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved MFA: Multi-Factored Auth Use MFA wherever it’s offered – Banking / Finance – Social media – Email – Medical records – Centrify
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Why Different email accounts? Cascade Failure in Web of Trust Compromise of one account often enables compromise of others: Personal email -> social media -> banking credential reset -> corporate credential reset -> phone carrier reset -> new SIM -> OTP token reset -> cryptocoin wallet unlock… The challenge here is that reset of a credential ALWAYS relies on other credentials, and most are in-band Password reset is the weakest link of all FAIL MODES: Using same password for cat GIFs and banking
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved PROTECT PASSWORDS of those you love Password Protection Methods & the reality of non-technical family members  Phishing exists because of this dichotomy  How to protect…  Techno-Phobe?  Grandma?  Middle Schooler?  Mentally Incompetent?
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved PROTECT PASSWORDS Use a password manager: • 1Password • KeePass / KeePassXC • LastPass • BitWarden Unique passwords for every site No more stress about “where else have I used this password?”
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass Interactive Demo Get on Guest Wifi guest@place.org HowNowBC? Install LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved LastPass
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved Armoring Up Use a password manager Use Multi-Factored Authentication Protect your accounts, don’t share! Split your accounts: • Use different accounts for different persons • Use multiple emails: • One email for banking/financials • One email for social media • One email for online purchases • One for everything else
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved 25 “Apply” Slide Next week you should: – START Over the next 3 months you should: – Inventory all credentials, paths, flows for establish & reset – Normalize identity verification standards & scripts Within 6 months you should: – Instrument velocity checks on all authentication paths – Create backup MFA plan / solution – Migrate insecure credentials; consider NIST 800-63-3 as credential standard
Copyright © 2020 Trogdor Heavy Industries – All Rights Reserved 26 Q&A Copyright FarWorks & Gary Larson

More Related Content

PPTX
CybSecurity Awareness Storyboard Edit.pptx
byamahoganyv
 
PPTX
Internet Safety for Seniors presentation
bymwnorman1
 
PPT
MFA, 42 & Compliance - Answers to the Wrong Questions
byDan Houser
 
PPTX
Password management
byWilmington University
 
PPTX
205-5-6-Security Seminar - Master
byDan Tervo
 
PDF
Be Cyber Smart! (DLH 10/25/2019)
byDavid Herrington
 
PDF
SBA Live Academy - Passwords: Policy and Storage with NIST SP800-63b by Jim M...
bySBA Research
 
PDF
Why is password protection a fallacy a point of view
bySTO STRATEGY
 
CybSecurity Awareness Storyboard Edit.pptx
byamahoganyv
 
Internet Safety for Seniors presentation
bymwnorman1
 
MFA, 42 & Compliance - Answers to the Wrong Questions
byDan Houser
 
Password management
byWilmington University
 
205-5-6-Security Seminar - Master
byDan Tervo
 
Be Cyber Smart! (DLH 10/25/2019)
byDavid Herrington
 
SBA Live Academy - Passwords: Policy and Storage with NIST SP800-63b by Jim M...
bySBA Research
 
Why is password protection a fallacy a point of view
bySTO STRATEGY
 

Similar to Protect passwords - User Awareness Training

PDF
Taking Control of the Digital and Mobile User Authentication Challenge
byEMC
 
PPTX
Passwords
byGrittyCC
 
PDF
W make107
byGreg in SD
 
PPT
Let me in! 10 tips to better passwords
byMarian Merritt
 
PDF
Why is password protection a fallacy a point of view
byYury Chemerkin
 
PPTX
Protecting your online identity - Managing your passwords
byBunmi Sowande
 
PPTX
How to Protect Yourself From Heartbleed Security Flaw
byConnectSafely
 
PPTX
The Top Password Security Trends
byCloudswave
 
PPTX
2 Laymans Course - LAMP V2.pptx
byssuser2f0fb0
 
PPT
Unit-4 Cybercrimes-II Mobile and Wireless Devices.ppt
byajajkhan16
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPTX
Cyber Security Training Module 2025.pptx
bysurnil7785
 
PPTX
Securing your digital life - Jason Addie
byDataFest Tbilisi
 
PDF
Personal Digital Security (JavaZone Academy 2017)
byMichael Johansen
 
PPTX
Cybersecurity awareness _20241220_223916_0000.pptx
byjoyabisha1
 
PPTX
How to Create (use use) Strong & Unique Passwords
byConnectSafely
 
ODP
Secure Password Management, Informal, @WalmartLabs
byKarl Mueller
 
PDF
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
byHitachi ID Systems, Inc.
 
PDF
Executive Directors Chat:It's easy to stay safe online.pdf
byTechSoup
 
Taking Control of the Digital and Mobile User Authentication Challenge
byEMC
 
Passwords
byGrittyCC
 
W make107
byGreg in SD
 
Let me in! 10 tips to better passwords
byMarian Merritt
 
Why is password protection a fallacy a point of view
byYury Chemerkin
 
Protecting your online identity - Managing your passwords
byBunmi Sowande
 
How to Protect Yourself From Heartbleed Security Flaw
byConnectSafely
 
The Top Password Security Trends
byCloudswave
 
2 Laymans Course - LAMP V2.pptx
byssuser2f0fb0
 
Unit-4 Cybercrimes-II Mobile and Wireless Devices.ppt
byajajkhan16
 
Hyphenet Security Awareness Training
byJen Ruhman
 
Hyphenet Security Awareness Training
byJen Ruhman
 
Cyber Security Training Module 2025.pptx
bysurnil7785
 
Securing your digital life - Jason Addie
byDataFest Tbilisi
 
Personal Digital Security (JavaZone Academy 2017)
byMichael Johansen
 
Cybersecurity awareness _20241220_223916_0000.pptx
byjoyabisha1
 
How to Create (use use) Strong & Unique Passwords
byConnectSafely
 
Secure Password Management, Informal, @WalmartLabs
byKarl Mueller
 
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
byHitachi ID Systems, Inc.
 
Executive Directors Chat:It's easy to stay safe online.pdf
byTechSoup
 

More from Dan Houser

PPTX
Cryptography Overview Presentation circa 2005
byDan Houser
 
PPTX
RSA2003: Forget Firewalls - early Zero Trust
byDan Houser
 
PPTX
Digital Deception: Raising the Stakes on Hackers
byDan Houser
 
PPTX
The Hidden Enemy Within - Why Ungoverned Data is Such a Big Problem
byDan Houser
 
PPT
RSA2008: Sins of our Fathers, for which we still are punished
byDan Houser
 
PPTX
Now More than Ever: Ethics in Cybersecurity
byDan Houser
 
PPT
RSA 2005 H&T: Die Script Kiddie! Die, Die, Die!
byDan Houser
 
PPTX
Crypto in the Real World - ISACA 10-Jan-2008
byDan Houser
 
PPT
Power Up your LinkedIn Profile, Effectively Highlight your Branc
byDan Houser
 
PPTX
My Baby Done Bad Crypto - My Sweet Baby Done Me Wrong
byDan Houser
 
PPTX
The Death of Best-of-Breed - Leveraging Cloud for Security Transformation
byDan Houser
 
PPTX
2024 Security Outlook & Essential Security Practices
byDan Houser
 
PPTX
Hacking and Armoring Identity Ecosystems: When MFA Isn't Good Enough Any Longer
byDan Houser
 
PPTX
Driving Change and Resilience: Aligning Cybersecurity with Organizational St...
byDan Houser
 
ODP
2013 (ISC)² Congress: This Curious Thing Called Ethics
byDan Houser
 
PPTX
Securing Big Data and the Grid
byDan Houser
 
PPT
RSA2008: What Vendors Won’t Tell You About Federated Identity
byDan Houser
 
PPT
The Challenges & Risks of New Technology: Privacy Law & Policy
byDan Houser
 
PPT
Perimeter Defense in a World Without Walls
byDan Houser
 
PPT
Risk Based Planning for Mission Continuity
byDan Houser
 
Cryptography Overview Presentation circa 2005
byDan Houser
 
RSA2003: Forget Firewalls - early Zero Trust
byDan Houser
 
Digital Deception: Raising the Stakes on Hackers
byDan Houser
 
The Hidden Enemy Within - Why Ungoverned Data is Such a Big Problem
byDan Houser
 
RSA2008: Sins of our Fathers, for which we still are punished
byDan Houser
 
Now More than Ever: Ethics in Cybersecurity
byDan Houser
 
RSA 2005 H&T: Die Script Kiddie! Die, Die, Die!
byDan Houser
 
Crypto in the Real World - ISACA 10-Jan-2008
byDan Houser
 
Power Up your LinkedIn Profile, Effectively Highlight your Branc
byDan Houser
 
My Baby Done Bad Crypto - My Sweet Baby Done Me Wrong
byDan Houser
 
The Death of Best-of-Breed - Leveraging Cloud for Security Transformation
byDan Houser
 
2024 Security Outlook & Essential Security Practices
byDan Houser
 
Hacking and Armoring Identity Ecosystems: When MFA Isn't Good Enough Any Longer
byDan Houser
 
Driving Change and Resilience: Aligning Cybersecurity with Organizational St...
byDan Houser
 
2013 (ISC)² Congress: This Curious Thing Called Ethics
byDan Houser
 
Securing Big Data and the Grid
byDan Houser
 
RSA2008: What Vendors Won’t Tell You About Federated Identity
byDan Houser
 
The Challenges & Risks of New Technology: Privacy Law & Policy
byDan Houser
 
Perimeter Defense in a World Without Walls
byDan Houser
 
Risk Based Planning for Mission Continuity
byDan Houser
 

Recently uploaded

PDF
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PPTX
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
apidays New York 2025 | AI in Application Security
byapidays
 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
PDF
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PDF
Empower your IT team with cloud-based PC management using Dell Management Por...
byPrincipled Technologies
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
PDF
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
apidays New York 2025 | AI in Application Security
byapidays
 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
Empower your IT team with cloud-based PC management using Dell Management Por...
byPrincipled Technologies
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 

Protect passwords - User Awareness Training

  • 1.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Password Vaults: Protecting Yourself Online & In Real Life Dan Houser, CISSP-ISSAP-ISSMP CISM CGEIT CSSLP CCFP-US CISA InfoSec Leader & Architect Dan.houser@gmail.com @SecWonk #CPE4Free / #CPEs4Free
  • 2.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Keeping your digital identity SAFE Armoring Up Installing Password Manager
  • 3.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved 3 4000 year old technology Most predominant authentication method – Halt! Who Goes There? [Identification] – What is the password? [Authentication] Most common form of authentication used No end in sight
  • 4.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved But does it work? ...ish Copyright (c) 2019, Trogdor Heavy Industries, All Rights Reserved bit.ly/2019InfoSecSummit
  • 5.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved CyberCrime & Passwords 2018 CyberCrime Losses: $3.3 TRILLION #1 Corporate Vector: email Phishing -> stealing passwords #1 Consumer vector: Stolen passwords Jan 2019: Collection 1-6 – Collection 1: 773Million passwords, emails, login IDs – Collections 2,3,4,5,6: Total 3.3 BILLION passwords & emails – Cost to download: $2 5
  • 6.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Why this talk? “Only amateurs attack machines; professionals target people.” -Bruce Schneier “Cryptographic systems are only as strong as the underlying implementations…. Even though the [cryptographic] protocol itself is believed to be solid, a ‘lock’ icon is hardly of much significance when displayed by a bug-riddled browser running on a spyware-infested computer talking to a compromised Web server. “ - Paul Kocher Wizards Bank Galleons to Muggle Ministry Transfers Sign In Flue powder chat with a personal banker now
  • 7.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved SMS & Caller ID spoof, easy Smishing MFA: A Field of Fail Broken authenticators: Human Factor
  • 8.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved 8 Why passwords fail Bad passwords – The top 10 most common passwords used in 2018 are as follows: o 123456 (Unchanged) o password (Unchanged) o 123456789 (Up 3) o 12345678 (Down 1) o 12345 (Unchanged) Using passwords multiple places o 111111 (New) o 1234567 (Up 1) o sunshine (New) o qwerty (Down 5) o iloveyou (Unchanged)
  • 9.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Armoring Up Use a password manager Use Multi-Factored Authentication Protect your accounts, don’t share! Split your accounts: • Use different accounts for different persons • Use multiple emails: • One email for banking/financials • One email for social media • One email for online purchases • One for everything else
  • 10.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Multi-Factored Authentication Combines: – Something you know PIN, password, demographics, challenge-response – Something you have OTP token, phone, employee access card, key fob, RFID – Something you arefingerprint, voice print, photograph, facial recognition – Fourth factor: Somewhere you are o Does transactional activity indicate this logically is the same person? o Is Alice currently in Singapore?
  • 11.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved MFA: Multi-Factored Auth Use MFA wherever it’s offered – Banking / Finance – Social media – Email – Medical records – Centrify
  • 12.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Why Different email accounts? Cascade Failure in Web of Trust Compromise of one account often enables compromise of others: Personal email -> social media -> banking credential reset -> corporate credential reset -> phone carrier reset -> new SIM -> OTP token reset -> cryptocoin wallet unlock… The challenge here is that reset of a credential ALWAYS relies on other credentials, and most are in-band Password reset is the weakest link of all FAIL MODES: Using same password for cat GIFs and banking
  • 13.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved PROTECT PASSWORDS of those you love Password Protection Methods & the reality of non-technical family members  Phishing exists because of this dichotomy  How to protect…  Techno-Phobe?  Grandma?  Middle Schooler?  Mentally Incompetent?
  • 14.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved PROTECT PASSWORDS Use a password manager: • 1Password • KeePass / KeePassXC • LastPass • BitWarden Unique passwords for every site No more stress about “where else have I used this password?”
  • 15.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass Interactive Demo Get on Guest Wifi guest@place.org HowNowBC? Install LastPass
  • 16.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 17.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 18.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 19.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 20.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 21.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 22.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 23.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved LastPass
  • 24.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved Armoring Up Use a password manager Use Multi-Factored Authentication Protect your accounts, don’t share! Split your accounts: • Use different accounts for different persons • Use multiple emails: • One email for banking/financials • One email for social media • One email for online purchases • One for everything else
  • 25.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved 25 “Apply” Slide Next week you should: – START Over the next 3 months you should: – Inventory all credentials, paths, flows for establish & reset – Normalize identity verification standards & scripts Within 6 months you should: – Instrument velocity checks on all authentication paths – Create backup MFA plan / solution – Migrate insecure credentials; consider NIST 800-63-3 as credential standard
  • 26.
    Copyright © 2020Trogdor Heavy Industries – All Rights Reserved 26 Q&A Copyright FarWorks & Gary Larson

Editor's Notes

  • #14 We know how tough it is in today’s cyber world. It seems like every day you hear of another company or bank being hacked. People are hacked everyday too; often, it is due to a poor password. We all have dozens of passwords to remember and the minimum requirements are getting bigger. Passwords used to be just that - a word; and often with only four characters. Now sites and apps require you to have 12 or more characters with numbers, capital letters and symbols.   These password requirements are not going to get shorter or easier so you might want to get ahead of the game. Ever wonder how you can possibly remember all of these passwords while still making them secure?   Make each password a phrase, a saying or even lyrics from a song. Just put all the letters and numbers together and you are on your way to a new “password.” Do not use: Passwords obtained from previous breaches, dictionary words, repetitive or sequential characters (aaaaa or 123456) and context-specific words like the name or purpose of the site requiring the password. Teach your kids to have fun creating passwords and making them as secure as possible. Remember never to share your passwords and teach your children the same. Use passwords on lock screens for all mobile devices and computers. Now that you’ve safely entered the cyber world, be careful what you let your children download into your world.