An old persons take on protecting your stuff

General information about the podcast

What

Where

Why

Good password etiquette is the answer, What was the question

We all have passwords

They are one of the hardest components for most people to understand the significance and reasons behind them.

Passwords are your passport to the digital world and like your passport there are some principles and requirements we need to embrace

From your need to gain access to the internet in the 90's to a system of protection for all access to the internet.

There are a number of areas where retirees and the elderly need to focus and address

This episode we are going to focus on passwords ………..

How did we get into the password issue, why we need passwords, what should be a password (or not), why we need them, understanding that when it comes to security convenience is our enemy, and how do the cybercriminal steal them.

Passwords, password scams and password managers.

History of passwords (open sesame)

Since the late 90's

Started basic and got more and more complex.

Why do we have passwords

Protect our digital assets.

Restrict access to information

Stop the bad guys getting information

What should be a passwords

Unique, complex and 12 characters

What should not be a password

Names, personal information, locations

Understanding the need for a password

To stop people gaining access to PI

Convenience vs security

Small passwords are convenient for you and also for the bad guys

Password theft and scams

Never give away your password

If it demands your password never give it away

Pop ups,

Now I have to remember something else

Last episode we focused on the dreaded password

  • Where did they come from
  • Why do we use them,
  • Why they are important for protecting your stuff
  • What they are made up of and what not to use.

This episode of the "old persons take on protecting your stuff" we will focus on the addition of a third level of protection around your internet based sites and services

Access to every account has a username and password - who you are and what you know

The third layer is what you have and that is called multi factor authentication or 2 factor authentication

In the same area is also the wonderful capture system.

Username and password and now prove that you are human by answering this little puzzle - traffic light, hills which animal is the right way up.

Then there is the next one - how can a tick in a box prove that I am not a robot?

So this episode we are going to focus on 2 factor, multi factor authentication and captcha

Multi factor authentication

Why do we need another layer of authentication

Password stealing

Scams

MITM attacks

A warning system for criminals accessing your account

What is 2 factor / Multi factor Authentication

A technology that allows for a third level of information to gain access to an account

SMS,

authentication app,

dongle

How does it work

Association with an account

SMS - put in your mobile number

Authenticator app - usually a Qrcode

Dongle - set up by the organisation

Which way is best

All systems have vulnerabilities

Each has its own use

SMS can be used on non smart phones

Where does capture come into this

This is to counteract the automated systems

Used to prove that it is a human

You have to pick the 3 or 4 things that are right

The other one - I am not a robot relies on the browser content

Dos and don'ts

Do set up 2 FA

Do add 2FA to your accounts - website,

Do use 2FA on all admin accounts

Do not -  Never give away the code

Do change your password if you receive a code and it was not you

If more than 2 people need access there are ways to set it up

Summary