+ All Categories
Home > Documents > Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT...

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT...

Date post: 16-Dec-2015
Category:
Upload: bethanie-dickerson
View: 214 times
Download: 0 times
Share this document with a friend
Popular Tags:
25
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1
Transcript

Two-Factor Authentication & Tools for Password Management

August 29, 2014

Pang Chamreth, IT Development Innovations

1

Objectives

• Understand what is two-factor authentication• Define how to enable two-factor authentication for• Understand how to setup step by step • Understand most common worst password• Know how to securing your password• Understand what is password management

Pang Chamreth, IT Development Innovations

2

What is Two-Factor Authentications

• Two-factor authentication adds a second level of authentication to an account log-in.

• Two-factor authentication is used to increase security by requiring:

“Something you know”

AND “Something you have”

Pang Chamreth, IT Development Innovations

3

How to enable two factor authentications for:

• LinkedIn • Twitter • Microsoft • Apple • Google• Yahoo• Dropbox

Pang Chamreth, IT Development Innovations

4

Benefits of Two-Factor Authentications

• Stronger security• When logging in to your account, after typing in your

username and password, a second password sent to you via text.

• If a hacker gets your username and password they still won’t be able to get in to your account.

Pang Chamreth, IT Development Innovations

5

Does loss of

control over

your email?

Pang Chamreth, IT Development Innovations

6

How two-factor authentication can help

•Can recovery your email’s password•Can protect your account from hacker•Easy to used with 1st password & 2nd mobile•See the practice to use 2-step verification on your google account

Pang Chamreth, IT Development Innovations

7

Practices to used two- factor authentication

Practices to used two- factor authentication with google account.

Set up 2- Step VerificationsPang Chamreth, IT Development Innovations

8

2-step verification

Help to prevent hacker that try to use your account when they know your username and password.

For best practices we will set up 2-Step Verification in Gmail account.

Pang Chamreth, IT Development Innovations

9

Why you should use 2-Step Verification

2-Step Verification adds an extra layer of security to your Google Account, drastically reducing the chances of having the personal information in your account stolen.

To break into an account with 2-Step Verification, hacker would not only have to know your username and password, they'd also have to get a hold of your phone.

Pang Chamreth, IT Development Innovations

10

How it work

• Enter your password• Enter a code from your phone• Keep it simple

Pang Chamreth, IT Development Innovations

11

Set up 2-Step Verification

Sign in to your Google Account settings page by clicking on your name or picture in the upper right corner of the screen and then clicking Account.

Pang Chamreth, IT Development Innovations

12

See Setup process

• At the top, click Security tab• In the Password box, click Setup next to “2-Step

verification” This will bring your to the 2-Step Verification settings page.

• You will then see a step-by-step guide which will help you through the setup process.

Pang Chamreth, IT Development Innovations

13

Set up a backup

• Once you’re done, you’ll be taken to the 2-Step Verification settings page again. Be sure to review your settings and Set up a backup phone numbers and Get backup codes.

• You’re done! Next time you sign in, you’ll receive an SMS with a verification code

Pang Chamreth, IT Development Innovations

14

Common Techniques for Protecting Emails

• The three common techniques adopted by most internet users for protecting themselves are:

1. Logging out of accounts when they’re done, and not just close your

2. Confirm it is a secure session or website (such as https://) for “security”

3. Changing password periodically

Pang Chamreth, IT Development Innovations

15

Best practices of password management

Why best practices of password management are required?

Recently, most of people have their own password at least three so they are difficult to remember all of it because of they don’t know how to manage their password properly. You will see the common password that the hacker can easily to guess.

Pang Chamreth, IT Development Innovations

16

Most Common Passwords

• Most people choose passwords that can too easily be guessed. If your password can easily be guessed, or it can easily be reset, you are at risk of identity theft.

Pang Chamreth, IT Development Innovations

17

Most Common Passwords

Pang Chamreth, IT Development Innovations

18

Password recommendations

• A good password are:– Private– Secret– Easily Remembered– At least 8 characters, complex– Not guessable– Changed regularly

• Beware that someone may see you typing it. If you accidentally type your password instead of your login name, it may appear in system log files

• Use 3rd party tools to encrypt password

Pang Chamreth, IT Development Innovations

19

Sample how to put password

Combine 2 unrelated words Mail + phone = m@!lf0n3

Abbreviate a phrase My favorite color is blue=

Mfciblue

Music lyric Happy birthday to you,

happy birthday to you,

happy birthday dear John,

happy birthday to you.

hb2uhb2uhbdJhb2u

Pang Chamreth, IT Development Innovations

20

How are passwords stolen?

• CrackedBrutef orce

Dictionary- based

Decryption

• TheftKey loggers

Screen captures

Social engineering

Pang Chamreth, IT Development Innovations

21

Securing your password

• Do not share your password with others• Avoid recording your passwords in an insecure manner• Avoid saving passwords in Web browsers and other

applications• Always delete e-mails that contain a password• Use a Web site’s logout feature rather than just closing your

browser• Be smart with secret questions and answers• Create strong passwords with a combination of number, special

symbols, and letters that cannot be guessed• Always change passwords Once every three months is

recommended

Pang Chamreth, IT Development Innovations

22

Password management

• Today you need to remember many passwords. You need a password for:- Windows network logon, - Servers and Routers- E-mail account, Social account- your website's FTP password, - online passwords (like website member account), etc.

• Password Management(LastPass – KeePass)

Pang Chamreth, IT Development Innovations

23

What is KeePass?

• Free open source for password manager• No need remember many passwords• Can bring along with you any where

Pang Chamreth, IT Development Innovations

24

Q & A***Security is everyone’s responsibility!

25Pang Chamreth, IT Development Innovations


Recommended