20/04/23 1

Passwords are high value targets

2,000,000passwords stolen from Facebook,

Twitter and Google

The Independent, 5 December 2013

Stolen Facebookand Yahoo passwords

dumped onlineBBC News,

4 December 2013

Racing Post Breached: Users'

Passwords Stolen

Infosecurity Magazine, 25 November 2013

Did your Adobe password leak? Now

you and 150m others

can checkThe Guardian,

7 November 2013

How are passwords stolen?

Password cracking Phishing Malware

VIRUS

Password mistakes Pet’s name

Significant dates

Child’s name

Favourite football team

Partner’s name

Place of birth

Username

Password1234567123456123456789password12345678Qwerty111111123123Photoshop

John Smith

Don’t make it easy!

• Names, dictionary words or acronyms in any language

• A word with a number after it (e.g. password1)

• Logical number replacements for letters in a word (e.g. pa55w0rd)

• Keyboard patterns (e.g. qwertyuiop or poiuytrewq)

• Sequential numbers (e.g. 12345678 or 987654321)

• Your username

• Words that could be guessed easily by researching your life

Embed Animation

How to create a strong password

1

Use at least eight characters, preferably more

2

Use UPPER CASE and lower case

letters

3

Use letters, numbers

and special characters

4

Make itlook like

a random configuration

5

Use a

passphrase

How to create a passphrase

Take the initial letters 2

Substitute some of the letters for logical numbers

3

Add logical special characters I E F @ C 4 L £ F4

Vary the letter case I e F @ c 4 L £ f5

“I Eat Fish And Chips For Lunch Every Friday” 1Think of a phrase I E F A C F L E F

I E F A C 4 L E F4

@ £

e c f

How to protect your passwords

Never share your password Never reuse old passwords

Never use the same password for different systems or devices

Never allow websites to remember your password

Change default passwords immediately Passwords can only be stored in an encrypted file

Change your password every 90 daysPasswords are classified Strictly Confidential

Mobile device passwords and PINs

Make it appear random

Never use sequences (e.g. 1234, 9876, etc.)

Never use sequential numbers (e.g. 0000, 9999, etc.)

Passwords and PINs must be at least four characters long

Compromised password?

Contact the IT Helpdesk immediately

Change your password immediately

Use Password Manager to protectyour passwords

To take away...

Your passwords are extremely valuable

Create strong passwords

Never share your password

Passwords can only be stored in an

encrypted format

Never use the same password for different

systems or devices

Report compromised passwords to the IT

Helpdesk immediately

Thank you!