Making a good password
It is important to make a good password.
- Stops others from stealing your information.
- Stops others from stealing your identity.
- Stops others from getting you in trouble.
What is Identity Theft?
- It is where someone impersonates another person
- Physical identity theft is a minor problem.
- Electronic identity theft is a major problem.
What identifies you electronically?
- Identification numbers (social security number, student id, ...)
- Usernames or account names
- Passwords or pins
Where could identity theft occur
- Anywhere you have personal information.
- Accounts, (school, fafsa, bank, amazon)
- Or you send personal information
- IRS, DMV, ..
What could be stolen?
- Cash
- Items purchased using your credit
- A 2012 DOJ report states
- 7% of the adult population of the US were victims of Identity Theft
- 85% involved the use of account information (credit card, bank account, ...)
- $24.7 billion in direct and indirect losses in 2012
- 68% of the victims reported a financial loss
- The average financial loss was $1,769
You should NEVER
- Give your password to anyone
- A friend or family
- A systems person - if they need it, they have access to it.
- An anonymous email
- An be careful when unexpected requests for passwords appear.
Also, be careful about social engineering
- People just flat out asking you to sign in so they can "test" the system
- People using personal information to "guess" your password.
- Someone watching over your shoulder to see what you type.
- Don't write it down and tape it to your keyboard, desk drawer, ..
What doesn't make a good password?
- The default password, whatever it is.
- Your name, your boy/girl friend's name.
- ANY word in English.
- ANY word in ANY language.
- Non words that have cultural meaning (R2D2, C3PO)
- A word spelled backwards, in any language.
- A word with a number tacked onto the end.
- Standard number for letter replacements 3=E, 0=O.
- Short passwords.
What makes a good password?
- Two words stuck together: dog+four
- A word spelled really poorly: linkon
- Numbers mixed in: 2Brnot2b
- Something you can remember, (Don't have to write down)
- Something that is quick to type.
Some Rules:
- Keep your password to yourself.
- You should never have to give your password to a person.
- Keep a secure password, banner and such, and an insecure
password (web sites).
- Always be careful with your password.
Why these rules for passwords?
- Identity Theft has become a major problem
- In most systems, your account name or number along with your password are your identity on that system.
- Most account names are public information.
- How many different passwords can I make using one lowercase letter?
- a, b, c, ....
- A total of 26
- How about two letters?
- aa, ab, ac, ... zz
- a total of 26*26 or 262 = 676
- Let us do an experiment
- Start Excel
- In Cell A3 put Number of Characters
- In Cell B3 put 26
- In Cell C3 put Tests Per Second
- In Cell D3 put =1*10^9 (A 1 GHZ machine)
- In Cell B5 put K
- In Cell C5 put 2^K
- In Cell D5 put Seconds
- In Cell E5 put Min
- In Cell F5 put Hour
- In Cell G5 put Day
- In Cell H5 put Year
- In Cell B6 put 1
- In Cell C6 put =$B$3^B6
- In Cell D6 put =C6/60
- In Cell E6 put =D6/60
- In Cell F6 put =E6/60
- In Cell G6 put =F6/24
- In Cell H6 put =G6/365.25
- Copy the formulas down
- Your final worksheet should look like this.
-
- This assumes a 4 GHz machine that takes 4000 instructions to check a password.
- This is good, but look at this article
Resetting and Changing your password at Edinboro
- Go to my.edinboro.edu
- Select Forgot/Expired/Change Password
-
- Select the proper choice for you.
- Know password
-
- Don't know password
-
- Reset code sent to alternative email
-
- Reset using security questions
-
- If all else fails, go to the helpdesk in Ross hall.
- Notice the restrictions on new passwords
-
