Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Tuesday Tech Talk: Passwords

Informal presentation on passwords covering the what, who, why, how, where, when with a side-order of how long, how often, and storage and transmittal.

Jeffrey Gifford

on 15 March 2016

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Tuesday Tech Talk: Passwords

Passwords: "what" Things we protect with passwords What are we protecting again?
(part two) Summary Passwords provide:


Authorization your PC intellectual property make them easy to remember
and hard to figure out Authentication what you have:
key fob
smart card
token who you are:
photo ID verify/validate one's identity
"you are who you say you are" what you know:
password Authorization granting permissions
"you are permitted to do what you're trying to do" creating timesheets approving timesheets Tuesday Tech Talk: Passwords November 20th, 2012 your email Business Portal Policies Site (aka "SharePoint") All use "Domain Credentials"
e.g., INTRANET\username VPN HPC clusters network same password for all! office front door websites "J:" drive "X:" drive conference calls voicemail potentially different for each!! mobile devices printing Examples: bad passwords username: george
password: george11 Better passwords: "how" phrase or series of common words what how passwords where when why physical premises trade secrets ours our clients' ours our clients' reputation our clients' ours physical assets ours our clients' employees revenue vs vs provisioning users who can create timesheets 1234 sunshine 12221978 password 123456 12345678 qwerty asdfg dragon abc123 letmein master shadow 11111111 jordan username: fred
password: fred superman M_-0@78'dkY=t@T *{4e[P4S7e&})|l http://xkcd.com/936/ https://twitter.com/ArtJonak/status/256268122317787136 escuela username: dagwood
password: blondie might need to add a number The battle of Waterloo was won on the playing fields at Eton Waterloo was 1 But a miniature sleigh, and eight tiny reindeer. and 8 tiny reindeer. Use the basis of something you know well, such as a song title, affirmation, or other phrase. In-A-Gadda-Da-Vida bonus points if it's easy to type great only if people know you prefer Classical lousy if everyone knows you love Iron Butterfly extra bonus points if it's easy to input on your mobile device from: http://openclipart.org/detail/148987/grey-shaded-key-by-silwol Improving Passwords: "how" change frequently "the technical integrity of the Company Computing and Network Resources" "the operation of our business" "provision of service to our clients" michael 60 or 90 days include punctuation simple: harder: . , ; : ? ! Two-Factor Authentication: something you know (username)
something else you know (password)
something you have (one-time password hardware) Passwords aren't everything passwords coming in 2013 for VPN access WiFi make it long: 9 chars is better than 8
20 chars is better than 9 easy to remember hard to figure out don't send passwords over email
don't keep on a sticky note use a password vault KeePass Password Safe
Keeper lock your PC <ctrl-alt-del> when you leave your desk! least-privileged access tiger "security-by-obscurity" isn't security firewall intrusion detection monitoring virus scanning malware protection website blocking but for our externally-facing applications,
it's the first line of defense. firewall firewall firewall firewall firewall passwords passwords passwords passwords passwords passwords passwords firewall firewall patching change them often remember what you're protecting don't share them don't email them "credentials"
Full transcript