General information about the podcast
What
Where
Why
Episode 1
Good password etiquette is the answer, What was the question
We all have passwords
They are one of the hardest components for most people to understand the significance and reasons behind them.
Passwords are your passport to the digital world and like your passport there are some principles and requirements we need to embrace
From your need to gain access to the internet in the 90's to a system of protection for all access to the internet.
There are a number of areas where retirees and the elderly need to focus and address
This episode we are going to focus on passwords ………..
How did we get into the password issue, why we need passwords, what should be a password (or not), why we need them, understanding that when it comes to security convenience is our enemy, and how do the cybercriminal steal them.
Passwords, password scams and password managers.
History of passwords (open sesame)
Since the late 90's
Started basic and got more and more complex.
Why do we have passwords
Protect our digital assets.
Restrict access to information
Stop the bad guys getting information
What should be a passwords
Unique, complex and 12 characters
What should not be a password
Names, personal information, locations
Understanding the need for a password
To stop people gaining access to PI
Convenience vs security
Small passwords are convenient for you and also for the bad guys
Password theft and scams
Never give away your password
If it demands your password never give it away
Pop ups,
Now I have to remember something else
Last episode we focused on the dreaded password
- Where did they come from
- Why do we use them,
- Why they are important for protecting your stuff
- What they are made up of and what not to use.
This episode of the "old persons take on protecting your stuff" we will focus on the addition of a third level of protection around your internet based sites and services
Access to every account has a username and password - who you are and what you know
The third layer is what you have and that is called multi factor authentication or 2 factor authentication
In the same area is also the wonderful capture system.
Username and password and now prove that you are human by answering this little puzzle - traffic light, hills which animal is the right way up.
Then there is the next one - how can a tick in a box prove that I am not a robot?
So this episode we are going to focus on 2 factor, multi factor authentication and captcha
Multi factor authentication
Why do we need another layer of authentication
Password stealing
Scams
MITM attacks
A warning system for criminals accessing your account
What is 2 factor / Multi factor Authentication
A technology that allows for a third level of information to gain access to an account
SMS,
authentication app,
dongle
How does it work
Association with an account
SMS - put in your mobile number
Authenticator app - usually a Qrcode
Dongle - set up by the organisation
Which way is best
All systems have vulnerabilities
Each has its own use
SMS can be used on non smart phones
Where does capture come into this
This is to counteract the automated systems
Used to prove that it is a human
You have to pick the 3 or 4 things that are right
The other one - I am not a robot relies on the browser content
Dos and don'ts
Do set up 2 FA
Do add 2FA to your accounts - website,
Do use 2FA on all admin accounts
Do not - Never give away the code
Do change your password if you receive a code and it was not you
If more than 2 people need access there are ways to set it up
Summary