1 / 28

Password Managers

Password Managers. Software that can create and remember different passwords for different sites. Today’s Agenda:. Do your passwords measure up? What makes for a good password? Reconciling security and complexity with usability. Comparison of popular password manager applications.

forbess
Télécharger la présentation

Password Managers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Password Managers Software that can create and remember different passwords for different sites

  2. Today’s Agenda: • Do your passwords measure up? • What makes for a good password? • Reconciling security and complexity with usability. • Comparison of popular password manager applications

  3. Are you…. • Using a single password for everything? • Using your pet’s name for a password? • Using your grandchild’s name for your p/w? • Using ‘password’ for your password? • Using ‘123456’ for your password? • Using your birthday for your password? If so, you are at risk!

  4. Hacked! • Article in Nov. 2011 issue of The Atlantic by James Fallow • http://www.theatlantic.com/magazine/archive/2011/11/hacked/8673/ • Brought to the attention of NBCUG by member Susan Philibert • Tells the story of a real life password theft and the difficulties that ensued.

  5. Hacked! – Lessons Learned: • Any site that matters needs it own password • If you use an important password in two places, it is no longer a valid password • Any step up from ‘password’, ‘123456’ or your birthday or pet’s name is worthwhile • Problem – stronger passwords tend to be complex, hence harder to remember.

  6. Microsoft’s Password ‘Do’s • Length – eight or more characters • Complexity – letters, numbers, punctuation, symbols • Variation – change passwords often • Variety – different passwords for different sites • Hackers steal passwords from poorly secured sites and then try using them in more secure environments (e.g. banks)

  7. Microsoft’s Password ‘Don’ts’ • No dictionary words – ANY language • No common abbreviations or misspellings or words spelled backwords • No sequences or repeated characters, e.g. 12345678, 22222222, abcdefg, qwerty • No personal information – name, birthday, phone, driver’s license

  8. Examples • Bad Password: Banana • Good Password: 5.ytT#0_xn0ATzQVN|_yeGk2+0vFC2]ndZ • Great, but who’s going to remember that, especially if you use a different p/w for every site????

  9. Password managers…A little help remembering • Password managers ‘remember’ your passwords • Password managers allow you to use different passwords for each site • Password managers can generate strong passwords. • Password managers can link the site to the password and call it up automatically

  10. Comparing five Applications • PassWordSafe – Elliott Alterman • LastPass – Ellis Miller • KeePass – Michael Sagaser • Ascendo DataVault – Jim Cason • Roboform – Wayne Maruna

  11. Siber Systems is a privately-held company, incorporated in 1995 in the Commonwealth of Virginia, with offices in Germany, Japan, and Russia.

  12. Roboform • Five versions: • Free trial – limit 10 passcards • Roboform Desktop for Windows – one-time buy, free minor updates • Roboform Desktop for Mac • Roboform Everywhere - use on multiple computers – free major updates - syncs to each PC you’ve installed. • Roboform2Go – extends Roboform Desktop or Roboform Everywhere to a portable USB drive

  13. Roboform Platforms

  14. Roboform

  15. Roboform2Go

  16. Roboform Key Features (1)

  17. Roboform Key Features (2)

  18. Roboform Key Features (3)

  19. Helpful On-Line Tutorials

  20. Roboform Toolbar

  21. Logins Menu

  22. Passcard Editor

  23. Password Generator

  24. Options Menu

  25. License Options

  26. Cloud Storage Security • From Fred Langa’s column in the 3/22/12 issue of Windows Secrets: • “In the case of RoboForm (and most other well-known, Cloud-based, password-storage services), your data is stored on their servers in well-encrypted form. This means that even if someone hacks into RoboForm's servers, he'll see only strings of nonsensical characters — nothing plaintext.”

  27. Cloud Storage Security • From Fred Langa’s column in the 3/22/12 issue of Windows Secrets: • “RoboForm and similar services don't store decrypted passwords anywhere on their Cloud-based servers. When data is transmitted between your device and their servers, it's sent and received in fully encrypted form. Someone successfully eavesdropping on your communication link will, again, see only a stream of gibberish — nothing plaintext. Encryption and decryption take place only when you command it, and only inside your local device.”

  28. Cloud Storage Security • From Fred Langa’s column in the 3/22/12 issue of Windows Secrets: • “The final concern is the communication channel itself. Better services — including RoboForm — employ SSL encryption (just like most bank sites) to further protect all interactions with their password-storage servers.”

More Related