Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT...

Two-Factor Authentication & Tools for Password Management

August 29, 2014

Pang Chamreth, IT Development Innovations

1

Objectives

• Understand what is two-factor authentication• Define how to enable two-factor authentication for• Understand how to setup step by step • Understand most common worst password• Know how to securing your password• Understand what is password management


2

What is Two-Factor Authentications

• Two-factor authentication adds a second level of authentication to an account log-in.

• Two-factor authentication is used to increase security by requiring:

“Something you know”

AND “Something you have”


3

How to enable two factor authentications for:

• LinkedIn • Twitter • Microsoft • Apple • Google• Yahoo• Dropbox


4

Benefits of Two-Factor Authentications

• Stronger security• When logging in to your account, after typing in your

username and password, a second password sent to you via text.

• If a hacker gets your username and password they still won’t be able to get in to your account.


5

Does loss of

control over

your email?


6

How two-factor authentication can help

•Can recovery your email’s password•Can protect your account from hacker•Easy to used with 1st password & 2nd mobile•See the practice to use 2-step verification on your google account


7

Practices to used two- factor authentication

Practices to used two- factor authentication with google account.

Set up 2- Step VerificationsPang Chamreth, IT Development Innovations

8

2-step verification

Help to prevent hacker that try to use your account when they know your username and password.

For best practices we will set up 2-Step Verification in Gmail account.


9

Why you should use 2-Step Verification

2-Step Verification adds an extra layer of security to your Google Account, drastically reducing the chances of having the personal information in your account stolen.

To break into an account with 2-Step Verification, hacker would not only have to know your username and password, they'd also have to get a hold of your phone.


10

How it work

• Enter your password• Enter a code from your phone• Keep it simple


11

Set up 2-Step Verification

Sign in to your Google Account settings page by clicking on your name or picture in the upper right corner of the screen and then clicking Account.


12

See Setup process

• At the top, click Security tab• In the Password box, click Setup next to “2-Step

verification” This will bring your to the 2-Step Verification settings page.

• You will then see a step-by-step guide which will help you through the setup process.


13

Set up a backup

• Once you’re done, you’ll be taken to the 2-Step Verification settings page again. Be sure to review your settings and Set up a backup phone numbers and Get backup codes.

• You’re done! Next time you sign in, you’ll receive an SMS with a verification code


14

Common Techniques for Protecting Emails

• The three common techniques adopted by most internet users for protecting themselves are:

1. Logging out of accounts when they’re done, and not just close your

2. Confirm it is a secure session or website (such as https://) for “security”

3. Changing password periodically


15

Best practices of password management

Why best practices of password management are required?

Recently, most of people have their own password at least three so they are difficult to remember all of it because of they don’t know how to manage their password properly. You will see the common password that the hacker can easily to guess.


16

Most Common Passwords

• Most people choose passwords that can too easily be guessed. If your password can easily be guessed, or it can easily be reset, you are at risk of identity theft.


17

Most Common Passwords


18

Password recommendations

• A good password are:– Private– Secret– Easily Remembered– At least 8 characters, complex– Not guessable– Changed regularly

• Beware that someone may see you typing it. If you accidentally type your password instead of your login name, it may appear in system log files

• Use 3rd party tools to encrypt password


19

Sample how to put password

Combine 2 unrelated words Mail + phone = m@!lf0n3

Abbreviate a phrase My favorite color is blue=

Mfciblue

Music lyric Happy birthday to you,

happy birthday to you,

happy birthday dear John,

happy birthday to you.

hb2uhb2uhbdJhb2u


20

How are passwords stolen?

• CrackedBrutef orce

Dictionary- based

Decryption

• TheftKey loggers

Screen captures

Social engineering


21

Securing your password

• Do not share your password with others• Avoid recording your passwords in an insecure manner• Avoid saving passwords in Web browsers and other

applications• Always delete e-mails that contain a password• Use a Web site’s logout feature rather than just closing your

browser• Be smart with secret questions and answers• Create strong passwords with a combination of number, special

symbols, and letters that cannot be guessed• Always change passwords Once every three months is

recommended


22

Password management

• Today you need to remember many passwords. You need a password for:- Windows network logon, - Servers and Routers- E-mail account, Social account- your website's FTP password, - online passwords (like website member account), etc.

• Password Management(LastPass – KeePass)


23

What is KeePass?

• Free open source for password manager• No need remember many passwords• Can bring along with you any where


24

Q & A***Security is everyone’s responsibility!

25Pang Chamreth, IT Development Innovations

Date post:	16-Dec-2015
Category:	Documents
Upload:	bethanie-dickerson
View:	214 times
Download:	0 times

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT...

Documents