Tag Archive | security

When Training Saves Lives

It is far too easy to consider workplace emergency training an unwelcome distraction or even an annoyance. You might think to yourself that you will never use the information you are being given, or that someone else will take responsibility when the time comes, and you promptly forget it soon after.

What happened recently at the Ronald E. McNair Discovery Learning Academy in Georgia proves that training well and often can truly save lives.

When a man entered into the elementary school carrying an assault rifle and began shooting at the ground, the extensive emergency training of Antoinette Tuff kicked in.

Thankfully Tuff and other school staff had received extensive training in dangerous situations involving trespassers and emergency protocol.

While Tuff worked to keep the gunman calm and spoke with him, she signaled a code to her two counterparts, who alerted teachers to lock doors and send children to safety. She then called 911 and began to act as a go-between to relay the shooter’s demands to the police.

Without police ever having directly talked to the gunman, Tuff helped him to surrender peacefully.

Her incredible heroism was recorded in the lengthy 911 call. She stayed calm and expressed empathy toward the gunman while revealing her own personal struggles. Hailed as a hero by President Obama, Tuff truly saved lives that day.

Read more: http://www.cnn.com/2013/08/21/us/georgia-school-gunshots

Change Your Passwords

It seems like everyday there is a news headline about a major Internet security breach with passwords hacked, phished or stolen. It cannot be stressed enough that we all need to exercise better password safety precautions.1234

Mat Honan, a senior writer for Wired Magazine’s Gadget Lab, had the unfortunate experience of having his entire digital life destroyed in just one hour.  His terrifying experience proves that a strong password is not enough anymore, but you must at the very least start with one.

Use Different Passwords Everywhere

It can be difficult to develop a perfect password that has all the right elements and yet you can still remember it, but do not be tempted to use it more than once. A study by BitDefender showed that 75 percent of people use the same password for their email and Facebook accounts. Now imagine what percentage of those might also use it for their online Banking or Amazon shopping password you can see why the risk is not worth taking.

Avoid Common Passwords

It should go without saying that you should never, ever, ever use “123456” or “password” as your password. Not only that, you should avoid at all costs using the name of your relatives, your kids, your pet, favorite team, or pretty much any word found in the dictionary.

Adding a number at the end of your password does not make it safer either. Hacker programs check for those variations too. SplashData’s “Worst Passwords of 2012” showed that bad password habits are simply not changing fast enough.

Complexity vs. Length

A strong password is one that cannot be easily guessed or broken. It should contain numbers, punctuation, and upper/lower-case letters. A complex password can be made even stronger with sufficient length. A 15-character password can potentially be 90 times harder to crack than a 14-character one.

Unfortunately users typically create password complexity in the same format. For example, when people are required to create an 8-character password with complexity, most will choose a standard dictionary word beginning with an uppercase letter followed by a lowercase letter. If they use a number, it will usually be a “1” or a “2” and placed at the end. If they use a symbol, it will typically be placed somewhere in the middle, often replacing a letter with a similar shape such as an @ or to replace an “o,” an exclamation mark for an “i.”

Two-Factor Authentication

Two-Factor or Two-Step Authentication is a new added measure of security is being provided by many major sites such as Google and Facebook. Lifehacker has a handy post of all the places you can go to enable it for your online accounts.

For example, you can set Google to send a temporary PIN to your cell phone whenever you log in from an unfamiliar machine (this PIN must be provided along with your password the first time you attempt to log in via that new machine). This means a hacker would not only need to have your password, but your phone as well in order to gain entrance to your account.

Read more:  http://www.infoworld.com/d/security/creating-strong-passwords-easier-you-think-206865

http://www.pcworld.com/article/237113/password_management_idiot_proof_tips.html

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now

Avoid Popular Passwords

We are all guilty of occasional laziness when it comes to password selection, but the absolute worst thing anyone can do is use “password” as his or her password.  SplashData (a major password management application provider) recently published its annual list of worst Internet passwords and guess what was number 1?

“Password” ranks first on the list, followed by “123456.” Sequences of adjacent numbers or letters on the keyboard, such as “qwerty,” and popular names, such as “ashley” and “michael,” all are common choices.

Using any of these passwords puts you immediately at risk with hackers or identity thieves.  To illustrate the point, Mel Brooks famously spoofed a terrible password choice in the movie Spaceballs.

SplashData created the rankings based on millions of stolen passwords posted online by hackers. The complete list:

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkeyLog In and Password
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football

If you are using any password on this list you should change it immediately. It is also advisable to use different passwords for every online account, especially between work and personal accounts.  Hackers have exploited reused passwords in many high profile security breaches including Sony and HBGary Federal.

Recommendations from SplashData for choosing secure passwords include using numbers, letters and special characters whenever possible and creating long passwords of eight characters or more (separating short words with spaces or underscores).

Read more here: http://splashdata.com/splashid/worst-passwords/

%d bloggers like this: