340 likes | 511 Vues
Internet Security. Passwords. What Are Passwords?. September 2008: Hacker steals password, breaks into Vice-Presidential candidate Sarah Palin’s email account. 2005: Hacker steals file with customer passwords from advertising company Acxiom.
E N D
Internet Security Passwords
What Are Passwords? • September 2008: Hacker steals password, breaks into Vice-Presidential candidate Sarah Palin’s email account. • 2005: Hacker steals file with customer passwords from advertising company Acxiom. • October 2009: Hackers steal thousands of passwords from Hotmail, Gmail, and Yahoo accounts, then post them online.
What Are Passwords? • People need all sorts of keys for everyday life. • Your family uses a key to lock the front door when someone goes out, and to open the door to come back inside. • Keys are used to lock and unlock the doors and trunk of a car. • A store’s owner will use a key to open and close for the day.
What Are Passwords? • All of these keys are used to get to something; the inside of a house, a car, a store. • The keys also make these things safe, by keeping out strangers. • We use keys like this on the Internet too. Internet keys used to open things for us and keep out strangers are known as passwords.
What Are Passwords? • Passwords are kind of different from everyday keys like your house keys though. • Passwords are also like nametags. • People at work will sometimes wear tags with their name and picture on them. This shows that they are really allowed to work there. • Passwords are like your nametag when you are on the Internet.
What Are Passwords? • Like nametags, passwords are also made up of characters like letters. • Passwords are kind of different from nametags too. • Instead of just using letters, passwords can use anything else you might type in on a keyboard, like numbers or question marks.
When Are They Used? November 2005: Private Info On Website For Papa John’s Pizza Is Leaked • Between Sept 29 and November 7th, personal comments by users and company emails were displayed publicly on an online mailing list. • Users’ names, addresses, phone numbers, and email addresses were exposed. So were private discussions between managers. • This occurred because Papa John’s Pizza’s email system did not use passwords. Since this occurred, they have now installed a password system. http://news.cnet.com/Pizza-chain-caught-without-fully-baked-security/2100-7349_3-5938572.html?tag=lia;rcol
When Are They Used? There are many websites that may make you use a password. • Websites for talking to friends like Facebook or MySpace make you use passwords. • Websites that let you email people make you use passwords. • You or a teacher might need to use a password to get on some school related websites.
When Are They Used? • When you make passwords to be able to use websites, you have to give the websites facts about yourself. • When you do this and make a password to use, these websites make a personal “account” for you that only you can use. • Now you can use these websites. The password you use keeps the facts you gave safe. • The password also shows that you have gotten special permission from the website to use it.
When Are They Used? • Sometimes you also need a password to be able to use a computer. • This is done to keep important files and personal information private, so that only people with special permission can see and use that stuff.
Reasons For Protecting Your Passwords October 2009: Man in Hazel Green, WI charged with identity theft. • According to local authorities, he found the pin # and password to someone else’s PayPal account. • He then used the person’s account to buy 47 items, totaling $1,753. 53. http://www.wkowtv.com/Global/story.asp?S=11383665
Reasons for Protecting Passwords • Just like with regular keys, you don’t want to leave your password out for someone to take. • This could be bad for a number of reasons. • The Internet is kind of different from everyday life, so it is important to look at some of the reasons we need to protect our passwords.
Reasons For Protecting Your Passwords oSomeone could steal personal information from you or your family. This might be • Your birthday, address, or phone number • Credit card numbers or bank account information • Important information about money or school.
Reasons For Protecting Your Passwords A stranger could do bad things with this stolen information like • Stealing money from your family’s bank account. • Buying lots of things for themselves using a family account instead of paying for it themselves. • Damaging or stealing programs and files on the computer you use.
Reasons For Protecting Your Passwords Someone who has your password can also • Act up on an account to get you kicked off or embarrass you • Give your personal information to other people • Use your account to attack other people using computer viruses
Reasons For Protecting Your Passwords • Remember that a password is like a nametag. • If a stranger has it, they can pretend to be you online. • If that person does anything bad online or to other computers, you could be blamed for it.
How To Make Safe Passwords • Someone who wants to steal your password will usually try guessing what it is • There are special computer programs and viruses that a person can use to guess other people’s passwords • These programs only work well for unsafe passwords • To protect yourself, you need strong passwords
How To Make Safe Passwords • Passwords can be tricky, because you have to come up with good ones yourself. • Don’t worry though. There are rules you can follow to help you make good passwords.
How To Make Safe Passwords • Passwords that are longer are harder to guess. • You should use at least 8 typed characters. • Don’t just use upper or lower case letters. Mix them up. • Passwords are harder to guess if they use more than one kind of character. • Don’t just use letters. Use symbols and numbers too, like 8or %.
How To Make Safe Passwords • Passwords are the safest when they look really mixed up and confusingto other people. • A good way you can do this is by chopping up real words and mixing them with other characters. • You should also try to make passwords that you can remember without too much trouble. • This can be done by making your own secret messages.
How To Make Safe Passwords Here is an example to show how you can do these things. • Start with a message that means something to you: “ My cute dog Argos is two years old.” • Now write the message with just one letter from each word: “mcdAityo” • Now try to mix things up with other characters: M;c13D>Ai2_y0 • This is just an example. Remember, you have to come up with your own.
What You ShouldNot Do The Most Common Passwords In 2007: monkey myspace1 password1 link182 (your first name) • password • 123456 • qwerty • abc123 • letmein http://www.pcmag.com/article2/0,2817,2113976,00.asp
What You Should Not Do • In October 2009, security researchers looked at over 10,000 passwords which had been captured by attackers from people’s “accounts”. • Most of the passwords did not follow good password practice and were easy to guess. • Many were still things like “123456” or first names. • Let’s go over common mistakes to avoid when you make your passwords. http://news.cnet.com/8301-27080_3-10371499-245.html
What You Should Not Do These are things you should not do when making passwords. • Do not use words or names in any language. • Do not use personal information like your birthday or phone number. • Do not use ordered characters, like “1,2,3,4,5,” or “abcdef”.
What You ShouldNot Do More things you should not do when making passwords. • Don’t use basic words that have just been moved around, like backwards words or anagrams. • “Anagrams” are words made by moving around the letters of a word. An anagram of “pepsi” would be “pipes”. • A password isn’t safe unless it looks really mixed up. If it still looks like a word, like “Pa55w0Rd”, its not safe.
Keeping Your Passwords Safe July 2007: Nevada governor’s email password accidentally posted on state government website • Microsoft Word document is posted by the Nevada government on its website, explaining how to send the governor’s email updates. • Document shows the governor’s password for his email. • Other documents on the website also show his password for some time afterward. http://news.cnet.com/8301-10784_3-9747705-7.html?tag=mncol;title
Keeping Your Passwords Safe After you make passwords you still have to keep them safe. Here are some ways to do it. • Neverlet a computer remember your password for you. Anyone else who used that computer could easily get your password. • Do not keep passwords anywhere online, especially in emails. • Some websites have you come up with a password recovery question in case you forget your password. Make sure to pick an answer for these questions that is hard to guess.
Keeping Your Passwords Safe • Be careful if you have to write or type your passwords in public. Make sure that no one can see them. • Don’t let anyone except an authorized adult know what your passwords. • If you have to give any of your passwords to someone, try to give them in person.
Keeping Your Passwords Safe • Don’t use the same password for more than one “account” or computer. • Passwords can be hard to remember. It’s OK if you write them down, but make sure to keep them somewhere safe. • Websites will make you change your password every so often. Make sure that when you do change passwords, you make safe ones.
Keeping Your Passwords Safe Remember, if you think someone might have your password . . . Change it ! !
Conclusion • Passwords are very important because they are your Internet keys and name tags. • It is important to make them safe, to keep people from getting sensitive information. • Passwords might seem complicated and a lot of bother, but they can actually be a lot of fun.
Sources • http://www.staysafeonline.info/content/cyber-security-materials • http://cybersmartcurriculum.org/safetysecurity/lessons/4-5/powerful_passwords/ • http://cybersmartcurriculum.org/safetysecurity/lessons/9-12/managing_passwords/ • http://it.unm.edu/accts/passwordinfo.html • http://www.tcnj.edu/~it/security/passwords.html • http://www.cs.unc.edu/cgi-bin/howto?howto=security-passwords • http://en.wikipedia.org/wiki/Passwords • http://www.microsoft.com/protect/fraud/passwords/create.aspx • http://www.cert.org/homeusers/HomeComputerSecurity/#6 • http://www.securityfocus.com/infocus/1537 • http://www.securityfocus.com/infocus/1192 • http://news.cnet.com/8301-27080_3-10371499-245.html?tag=mncol;txt • http://www.cnn.com/2008/POLITICS/10/08/palin.hacker/index.html • http://news.cnet.com/Data-thief-gets-eight-years/2100-7348_3-6042290.html?tag=lia;rcol • http://www.pcworld.com/article/173210/stolen_hotmail_passwords_show_that_crooks_like_webmail.html
Sources • http://news.cnet.com/Pizza-chain-caught-without-fully-baked-security/2100-7349_3-5938572.html?tag=lia;rcol • http://www.wkowtv.com/Global/story.asp?S=11383665 • http://www.pcmag.com/article2/0,2817,2113976,00.asp • http://news.cnet.com/8301-10784_3-9747705-7.html?tag=mncol;title