These Passwords seem Pointless

Spotted in an American airport.

So very predictable.

Why go to all the trouble and cost of printing this – on good card stock at that – but not add a little effort and create proper logins and passwords? And why print new ones only monthly? I wouldn’t connect to this network.

Remember, airport WiFi is the most dangerous network in the world.

Airport WiFi looks like this – here

It’s the most dangerous network in the world – here

Which is why I don’t use it – here


Why Change your Password Every 3 Months?

At work, you’re probably required to change your password every 3 months or so.

Why? To limit how long a stolen password stays useful.

If an attacker has already captured your password and is quietly logging in with it, changing it locks them out.

That’s it; simple and logical, eh.

Because remember the golden rule – it’s not IF you’re compromised, it’s WHEN (more here)

Small business owners – it’s good practice to require this at least once every 3 months, ideally more often. When you do, be mindful of this sad statistic: the more often employees are required to change passwords, the more likely the new one is both written down and terrible, for example Summer2014 and Winter2015.

A good password looks like this:
M{c^TJ.`?W@Y?I6i1@O%yq4?o


This post has been brought to you by Nuix and KeriBlog.

Meet Nuix here.


The Math Behind Having a Long Password

Longer passwords are better, but why? 2 reasons.

1st – this mathematical formula:

X^Y = Z

where X is the number of different characters available, Y is the password length, and Z is the number of possible passwords an attacker has to try.

2nd – a password-guessing script can make 25 billion guesses per second. (That is an offline cracking figure against a fast hash; a login page that throttles attempts allows far fewer.)

So! 

The password – kerio – uses only lower-case alphabetical characters, of which there are 26, and it is 5 characters long.

So our formula is: 26^5 = 11,881,376 (about 12 million) = cracked in under a thousandth of a second

The bigger both numbers are, the better off you are.

Here’s a proper 25-character password: ")pCdjAL'x*^KgV3XE!x*w!1P

It uses lower-case letters (26), upper-case letters (26), numbers (10) and symbols (32), so X = 94 and 94^25 ≈ 2.13 × 10^49. At 25 billion guesses per second that takes about 2.7 × 10^31 years to exhaust, so the attacker gives up and moves on to an easier target.
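To make the X^Y arithmetic concrete, here is an added worked example (my code, not from the original post). It goes a little beyond the post: instead of being told the character classes, it looks at which classes a password actually uses, takes X as the union of those classes (26 + 26 + 10 + 32 = 94 at most), and reports the keyspace and the worst-case time at the post’s 25 billion guesses per second. The guess rate is the post’s assumption and applies to offline cracking of a fast hash, not to a rate-limited login page.

```python
import string

# Character classes as the post counts them: 26 + 26 + 10 + 32 = 94 printable ASCII
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": string.punctuation,  # the 32 printable ASCII symbols
}

# The post's figure; assumption: offline guessing against a fast, unsalted hash
GUESSES_PER_SECOND = 25e9


def charset_size(password: str) -> int:
    """X in the post's formula: the alphabet an attacker has to search, taken as
    the union of every character class the password actually uses."""
    size = 0
    for chars in CLASSES.values():
        if any(c in chars for c in password):
            size += len(chars)
    if size == 0:
        raise ValueError("password contains no printable ASCII characters")
    return size


def keyspace(password: str) -> int:
    """Z = X ** Y: the number of candidates of this length over this alphabet."""
    return charset_size(password) ** len(password)


def seconds_to_exhaust(password: str, rate: float = GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every candidate at the given guess rate."""
    return keyspace(password) / rate


def human_time(seconds: float) -> str:
    """Render a duration in the largest sensible unit."""
    if seconds < 1:
        return f"{seconds * 1000:.3g} milliseconds"
    for unit, size in (("years", 365.25 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.3g} {unit}"
    return f"{seconds:.3g} seconds"


def report(password: str) -> dict:
    """X, Y, Z and the crack time for one password, in one place."""
    return {
        "charset": charset_size(password),
        "length": len(password),
        "keyspace": keyspace(password),
        "time": human_time(seconds_to_exhaust(password)),
    }


if __name__ == "__main__":
    # The post's two passwords plus the Summer2014 pattern from the previous post
    for pw in ("kerio", "Summer2014", '")pCdjAL\'x*^KgV3XE!x*w!1P'):
        print(pw, report(pw))
```

Note that charset_size is generous to the attacker: it assumes they know which classes are in use. A real cracker would also try the smaller alphabets first, which is exactly why an all-lower-case password falls so fast.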

***


How to Use a Password Manager

A strong password looks like this:

That’s difficult to brute force, and a dictionary attack won’t work on it… but how do you remember it?

You don’t – your password manager does.

Here, I made a fake one to show you, this is inside my manager.

How it works:

1 – make one master password, around 25 characters long; write it down on paper, ideally memorize it, and store the physical copy somewhere other than home
2 – use that master password to log into the manager. That’s it; no more remembering from here on
3 – use the password generator to create a unique password for each site you log into

Add login information, notes, click okay to save.

To log into a site: go to manager > copy the password > back to browser > paste > done

4 – routinely backup the database, and store it on 2 USB keys in 2 locations (why? Here.)

Which manager program to use?

Here’s a shopping list:

– AES-256 (Advanced Encryption Standard) encryption at minimum
– ideally the backup file is encrypted too
– has the ability to exclude certain characters when generating passwords (for sites that reject some symbols)
– can sync between devices
– be wary of browser plugins that aren’t part of the manager itself
– simple is best! It’s like a car: the more features it has, the more there is to break
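Step 3 above and the “exclude certain characters” item on the shopping list are the generator’s job. This added example (my code, not any of the managers listed on the page) shows what a sound generator does: it draws from the OS random source via Python’s secrets module rather than random, honours an exclusion list for sites that reject certain symbols, and retries until every character class that is still available appears at least once. The check_password function is a policy check of the kind a manager could run when you paste in a password from elsewhere.

```python
import secrets
import string

# Character classes the generated password draws from. A site that rejects some
# symbols is handled by the exclude parameter, not by dropping the whole class.
POOLS = [string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation]


def _available_pools(exclude: str) -> list:
    """Each class with the excluded characters removed; empty classes dropped."""
    pools = ["".join(c for c in pool if c not in exclude) for pool in POOLS]
    return [pool for pool in pools if pool]


def generate_password(length: int = 25, exclude: str = "") -> str:
    """Generate a random password of `length` characters, leaving out every
    character in `exclude`, and retry until each remaining class is represented
    at least once. Randomness comes from `secrets` (the OS CSPRNG); the `random`
    module is predictable and must not be used for this."""
    pools = _available_pools(exclude)
    if not pools:
        raise ValueError("exclusion list removes every usable character")
    if length < len(pools):
        raise ValueError(f"length must be at least {len(pools)} to cover every class")
    alphabet = "".join(pools)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Reject and redraw if any available class is missing; for 25 characters
        # the retry almost never happens, for very short lengths it may loop a few times.
        if all(any(c in pool for c in candidate) for pool in pools):
            return candidate


def check_password(password: str, exclude: str = "") -> bool:
    """True if the password uses only allowed characters and covers every class
    that the exclusion list leaves available."""
    pools = _available_pools(exclude)
    allowed = set("".join(pools))
    uses_only_allowed = all(c in allowed for c in password)
    covers_every_class = all(any(c in pool for c in password) for pool in pools)
    return bool(pools) and uses_only_allowed and covers_every_class


if __name__ == "__main__":
    # Exclude look-alike characters and the pipe, which some sites reject
    pw = generate_password(25, exclude="O0l1I|")
    print(pw, check_password(pw, exclude="O0l1I|"))
```

The length default of 25 matches the post’s own examples; the master password you memorize should be at least that long too, since it protects everything else in the database.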

Possible Programs:

– KeePassX – open source

– 1Password – (a Canadian company!)

– Password Safe – open source

Important: this is not an endorsement of any of these programs; do your homework.


Why an 8-Character Password is Not Enough

Take a common password, 8 characters in length, composed of 1 word, 1 number and 1 punctuation mark:

The Attack

Using a script (a program that executes tasks automatically instead of a human), the attacker guesses every possible 8-character combination. With 94 printable characters that is 94^8, about 6 × 10^15 candidates; at 25 billion guesses per second this takes about 3 days.

This is a brute force attack – very little elegance, just plain old grinding it out.

The More Sophisticated Attack

Using a dictionary attack, the attacker again runs a script, but instead of trying every combination it works through dictionaries of words first, specifically the most common password words, with the usual digit and punctuation mark tacked on.

See yours in here?

The Defence

Choose 3 obscure words and string them into a sentence, separated by punctuation and numbers. The words aren’t in the common list, so the dictionary attack misses, and the length puts brute force out of reach.
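To show why the word-plus-number-plus-punctuation pattern collapses, here is an added example (my code, not from the original post). It assumes the attacker has an offline copy of the password stored as an unsalted SHA-256 hash, which the post does not state and is an assumption for the demonstration, and uses a constructed six-word list standing in for a real “most common password words” list. It enumerates the whole pattern space, cracks an 8-character password that fits it, and fails on a three-word passphrase of the kind the defence recommends.

```python
import hashlib
import string

# Constructed stand-in for a "most common password words" list (assumption, not a real leak)
COMMON_WORDS = ["summer", "winter", "password", "monkey", "dragon", "letmein"]


def pattern_candidates(words):
    """Yield every password matching the weak pattern: one common word (as-is or
    Capitalised), one digit and one punctuation mark, in the four usual orders."""
    for word in words:
        for w in (word, word.capitalize()):
            for d in string.digits:
                for p in string.punctuation:
                    yield w + d + p   # Summer1!
                    yield w + p + d   # Summer!1
                    yield d + p + w   # 1!Summer
                    yield p + d + w   # !1Summer


def candidate_count(words=COMMON_WORDS) -> int:
    """Size of the pattern space the attacker actually has to search."""
    return len(words) * 2 * len(string.digits) * len(string.punctuation) * 4


def sha256_hex(text: str) -> str:
    """Assumed stored form of the password: an unsalted SHA-256 digest."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def dictionary_attack(target_hash: str, words=COMMON_WORDS):
    """Hash each candidate and compare. Returns (password, guesses) on a hit,
    or (None, guesses) once the whole pattern space is exhausted."""
    guesses = 0
    for candidate in pattern_candidates(words):
        guesses += 1
        if sha256_hex(candidate) == target_hash:
            return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    weak = sha256_hex("Summer1!")                # 8 chars: word + number + punctuation
    strong = sha256_hex("quince;7gravel*anvil")  # 3 obscure words joined by punctuation and a digit
    print("pattern space:", candidate_count(), "vs full 8-char brute force:", 94 ** 8)
    print("weak   ->", dictionary_attack(weak))
    print("strong ->", dictionary_attack(strong))
```

With six words the pattern space is 15,360 candidates, against roughly 6 × 10^15 for a blind 8-character brute force; a real list of a few thousand common words keeps the attack in the millions of guesses, which is a fraction of a second at the rate quoted earlier on this page.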

***
