Passwords or Pass Phrase? Protecting your Intellectual Property

Much has been said on the theory of password protection for files, computer login, and other network access. In the past we used a combination of letters, special characters, and other techniques to try and prevent unwanted or unauthorized access to our computers, resources, and networks. A new theory on passwords is emerging that may help us remember our access codes, be more secure, and generally keep hackers and thieves out of our networks.

A password is a combination of words, letters, and special characters that only the user knows, allowing access to a computer or other information resources. As humans we have a large number of codes and numbers we need to remember every day ? such as the key lock on our apartment entries, national identification numbers, automobile license or tag numbers, telephone numbers ? it is a large and confusing suite of items we need to memorize.

When selecting a new password or pass code for access to a computer system, most of us understand how difficult it is to remember complex codes, and thus we select something already know n to us, such as names, birthdays, national identifiers, or other known items, and then place a number or character in front of the name or number thinking it is secure. This is easy to understand, as most of us simply do not have an ability to instantly recall large numbers of complex codes.

In a worst case we simply write down the complex code on a piece of paper, and leave it in a desk, our pocketbook, or in many cases taped to the front of our computer monitor.

However, to a hacker this makes access to your network or computer much easier, at they generally only have to learn a couple things about you, and add a few numbers to the front or ending of your personal data ? you would be surprised how often this grants access to computers and networks. Ad some good "cracking utilities" to the hacker's suite of tools, and you can understand the threat.

PassPhrases are a concept that will help us create more secure, easy to remember safeguards for our computer and network resource protection. A passphrase is a selection of words and/or numbers that are 15 characters or more in length, and are easy for us to remember. A couple examples of a good pass phrases are:

? igotodalaieejdaily

? shehasbeautifulhair

? surfinginhawaiiisgreat

According to Mark Minasi, a noted security consultant, a 15 character pass phrase will require a cracking program the following number of computations to try and break a 15 character pass phrase:

? 15 lowercase letters = 1,677,259,342,285,725,925,376 possibilities

? Try a million a second, it'll take 531,855 centuries/years to break the code

As you can see, this is a pretty good level of security for your resource.

Another concern with passwords is if you forget or lose the password, and are using a utility like Microsoft's Encrypting File System (EFS), you run the risk of losing all access to your important files if you require a hardware reset of your password. All EFS encrypted files are linked to your login profile, meaning if you encrypt a directory or file with EFS, and you do a hardware reset on your computer, those files and directories are lost FOREVER.

For Microsoft Windows users you can now also use spaces within your pass phrase, however we would not recommend embedding spaces in your pass phrase, as that actually does allow a cracker better access to getting your code ? it may help them crack it in 100,000 years rather than 250,000!

(About the Author ? John Savageau is a managing director at CRG-West, responsible for managing operations and architecture for several of the largest telecommunications interconnect facilities in the US, including One Wilshire in Los Angeles)

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

Forbes

Brexit Chaos: Why It Is A Major Terrorism And Security Risk
Forbes
In Berlin earlier this year, the Director General of MI5, Andrew Parker, addressed a symposium organized by BfV, Germany's domestic security agency. “Europe faces an intense, unrelenting and multidimensional international terrorist threat,” he said.


Washington Post

The White House bickering endangers national security
Washington Post
This week's spat between the “Office of the First Lady” and the National Security Council took the Trump team's endless infighting to a new and dangerous level. The public shaming of deputy national security adviser Mira Ricardel by her own White House ...
Deputy National Security Adviser Leaves Post After Criticism From Melania TrumpNPR
National Security Aide Is Out After Feud With First LadyWall Street Journal
President Trump reassigns Mira Ricardel, the deputy national security adviser the first lady wanted firedUSA TODAY
CNN -ABC News -Wall Street Journal -CNN
all 2,328 news articles »

Chicago Tribune

Witness to shooting of security guard Jemel Roberson: Officer opened fire 'not even 5 seconds' after warning
Chicago Tribune
Jemel Roberson was wearing a cap and sweatshirt that had the word “Security” on them when he was fatally shot by a Midlothian police officer while Roberson was trying to subdue a suspect early Sunday at a Robbins bar, a man who said he was working ...
'Hero' security guard killed by police was working extra shifts for his son's ChristmasCNN
Police Suggest Security Guard Jemel Roberson Was To Blame For His Own DeathHuffPost
'Hero' security guard killed by cops was working extra shifts for son's Christmas presentsWLWT Cincinnati

all 74 news articles »

BBC News

Japan's cyber-security minister has 'never used a computer'
BBC News
Japan's new cyber-security minister has dumbfounded his country by saying he has never used a computer. Yoshitaka Sakurada made the admission to a committee of lawmakers. "Since I was 25 years old and independent I have instructed my staff and ...
Japan's cyber security minister admits he has never used a computerTelegraph.co.uk
Japanese cyber security minister 'doesn't know what a USB stick is'The Register
Japan's Cyber Security Minister Has Never Used a Computer, Doesn't Know What a USB Drive isNews18
The Guardian -The Japan Times
all 365 news articles »

Axios

One small step for a decade-long security "moonshot"
Axios
What they're saying: "A lot of cybersecurity today is how can we patch this problem in the next five days or months, or legislate a solution before the next election," says Altabef, co-chair of the National Security Telecommunications Advisory ...

and more »

fox2now.com

Metro security study bemoans lack of police, coordination
fox2now.com
ST. LOUIS – Some of the recommendations from the $375,000 security study of Metro Transit were released Thursday. Representatives of transit agencies from four other cities (Portland, Sacramento, Minneapolis-St. Paul, and Washington DC) came to St.

and more »

ZDNet

DOD disables file sharing service due to 'security risks'
ZDNet
"The AMRDEC SAFE site was disabled as a preventative measure after agencies outside of AMRDEC identified potential security risks," said a statement posted on the SAFE portal. "At this point, we are uncertain if the site will be reinstated." ...


KWCH

QuikTrip to add full-time security officers
KWCH
What is true is that the company is looking for people with law-enforcement experience or veterans to help add security to its stores. QuikTrip has already tested having the in-store security and sees already sees positive results in Wichita. For years ...


WIRED

Mozilla Makes a Naughty List of Gifts That Aren't Secure
WIRED
Among the important signifiers of a trustworthy stocking stuffer, according to Mozilla's rubric: the use of encryption, pushing automatic software security updates, strong password hygiene, a way to deal with vulnerabilities should they arise, and a ...
Mozilla ranks dozens of popular 'smart' gift ideas on creepiness and securityTechCrunch
Mozilla - *privacy not included - Mozilla AdvocacyMozilla Advocacy

all 26 news articles »

New York Times

Police Report in Killing of Black Security Guard Is Criticized as Rushed
New York Times
The Illinois State Police took steps on Tuesday to defend the actions of a suburban Chicago police officer who killed an armed security guard on Sunday, claiming that the guard was not wearing a uniform and ignored verbal commands to drop his weapon.
Police officer who shot armed black security guard is white: AuthoritiesABC News
Fatal shooting of Chicago-area security guard investigated as racially motivatedNBCNews.com
Officer Gave Security Guard 'Multiple Verbal Commands' To Drop Gun, Police Now SayNPR
WLS-TV -WGN-TV -Chicago Sun-Times -Associated Press
all 430 news articles »
Google News

Spyware, This Time Its Personal!

First the basic definition of Spyware: It is a type... Read More

The Importance of Protecting Your PC from Viruses and Spam

Today the internet is a mine field of malicious code... Read More

Protecting Your Home Both Inside and Out

If you are a parent, you have probably wondered at... Read More

DOS Attacks: Instigation and Mitigation

During the release of a new software product specialized to... Read More

The Truth About Hiding Your Tracks on the Internet

Ok, ok, I know you've seen them. All those pop... Read More

Computer Viruses and Other Nasties: How to Protect Your Computer from These Invaders

Can you protect your computer from all possible viruses and... Read More

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue

In 1997, I decided after 15 years as a practicing... Read More

Website Security - Creating a Bulletproof Site in 5 Easy Steps

When it comes to a secure website and passwords it... Read More

Identity Theft -- 10 Simple Ways to Protect Your Good Name!

Identity Theft is one of the most serious problems facing... Read More

If You Steal It, They May Come!

Business on the internet is getting down right shameless. This... Read More

Secrets On Security: A Gentle Introduction To Cryptography

Let us take the example of scrambling an egg. First,... Read More

Computer Viruses, Worms, and Hoaxes

In recent days, I was one of the unfortunate persons... Read More

Preventing Online Identity Theft

Identity theft is one of the most common criminal acts... Read More

How Did This Happen to Me? Top 10 Ways to Get Spyware or Viruses on Your Computer

If you use the internet, you have probably been infected... Read More

Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay.... Read More

Parental Control - Dangers To Your Child Online & Internet Child Safety Tips

Did you know...? 1 in 5 children who use computer... Read More

Technology and Techniques Used in Industrial Espionage

Industrial Espionage. These methodologies are being used on a daily... Read More

Make Money Online - Latest Scam Disclosed

Before we start, I want to make it clear that... Read More

Hacking the Body Via PDA Wireless Device

First I would like to stress I am condoning the... Read More

Watch Out For That Scam

The IFCC (Internet Fraud Complaint Center) received over 200,000 complaint... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

Be Alert! Others Can Catch Your Money Easily!

So called phishers try to catch the information about the... Read More

Firewall Protection - Does Your Firewall Do This?

The first thing people think about when defending their computers... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More