How to make passwords more secure

  • Published: Sep 1, 2022
  • Learn more about threat management → ibm.biz/BdPYKY
    Passwords have become a cornerstone of modern IT security, but should they be? In recent years, the rules have started to change: with multi-factor authentication and the increased adoption of biometrics, we've started to move towards passwordless security. In this video, Jeff Crume explains how the rules around passwords are changing in the evolving security landscape.

Comments • 58

  • @scottwarner1017 3 months ago +5

    I love your advice. I worked with computers for 35 years. I've had strong passwords for 30 years on some accounts. I've never had a problem.

  • @yamnjam 1 month ago +5

    I wish we lived in a world where passwords aren't even needed, that nobody would try to hack someone's computer in the first place. I hate crooks and thieves.

  • @talevesque 1 year ago +22

    Security questions should have nonsensical answers. Q. "What is your favorite dessert?"
    A. "floorboard"

    • @nomeh 1 year ago +6

      Lol, I usually give answers like: What's your favorite dish? :: Vatican city

    • @BillyBob_McSanchez 1 month ago

      Q: Where were you born?
      A: Hogwartz

    • @strider3438 1 month ago

      I suppose that would partially defeat the purpose of security questions

    • @vincentlemoine3830 16 days ago

      I can never remember my answers even if I write a real question. So I have adopted a new strategy, "whatever the question, same exact answer"

  • @denden9848 1 year ago +3

    Thank you sir! Brief, yet straight to the point 👍🏾

  • @toenytv7946 1 year ago +5

    We have come a long way way multifactor authentication. Loved the sentence part. Thought I’ve seen no spaces as a rule? Combo keys would be excellent.

  • @juanmacias5922 1 year ago +1

    Thanks for the update.

  • @BillAnt 10 months ago +10

    Ideally you would use all 8 bits in each character byte for a total of 255 combinations. In reality due to the limitations of the English keyboard, it only allows about 94 unique characters, including lower, upper, and special characters. As long as you're using random characters of at least 30 characters long, it's impossible to crack it using current computer technology which of course may change in the future.
    There are several methods of cracking passwords.
    First, by trying different combinations on a login page. Unless you can guess it within a few tries, this method is futile due to the failed attempts and timeout lockout. Basically you get locked out after a few tries unless guessed correctly.
    Second, is where the attacker has the hashed password file stolen, and simply runs an unlimited number of brute force attempts till it's guessed correctly. If you have used most of the 94 characters on the keyboard with at least 30 random characters, this method will fail too (at least for now).
    Third, is by social engineering where an attacker tries to obtain the login/password by fooling the user via a phishing text or email, or hacking the password reset email, thus gaining access to the target account.

    • @Thomas-yy6rm 10 months ago +2

      All I need to know is HOW MANY LETTERS NUMBERS AND SYMBOLS 😮🤔😊

    • @vimalc578 6 months ago +1

      Setting the password is easy; remembering them is the toughest thing. How to remember this stuff?

    • @archangeldeltius1511 6 months ago

      @vimalc578 choosing something obscure that you might think of is a good strategy, the key is to use something that isn't easily found personal information. Like for a designer, they might integrate PANTONE colour standards that they personally relate to or similar

  • @userou-ig1ze 1 year ago +6

    brief but great. Link to the documents you referred to?

  • @antoniocouto7092 16 hours ago

    Thanks!

  • @user-jn5uw4cq4e 4 months ago +1

    Thanks for this nice presentation... All best

    • @jeffcrume 3 months ago

      Thanks for watching!

  • @ygjt76v0----- 1 year ago +3

    Really clear explanation. Imagine you my uncle, I can deep learn from you for free 😅

    • @jeffcrume 5 months ago +1

      I’d be happy to have more technology nephews and nieces 😊

  • @gar12345able 1 year ago

    I totally agree with what he says. Thanks.

    • @jeffcrume 5 months ago

      Thanks for watching!

  • @drawitout 1 year ago +12

    This drives me crazy, because I was happy with my original passwords and was forced by websites to change them. All of this made sense to me then, but you can’t reason with a stupid website.

    • @LuigiCotocea 11 months ago

      Well
      Literally no one...
      My passwords in a nutshell:
      1. [Tigris€山]Rōse*42Бeans
      2. {Cøffee#समुद्र}Bólts^Førêt
      3. P@ss[wörd*Αlpha$]Tempo青
      4. Sól*Chât[eau#水]Mango£56
      5. [Møøn^Gesund]heit€Rainиж

  • @Chaker-rv8pl 16 days ago

    Can you please send us an example of strong Password

  • @portman8909 5 months ago +1

    The reality is, if you're logging in all the time you will remember a complex password. Mine makes use of phrases, numbers, special characters, and so on. All memorised.

    • @alanserjeant4947 3 months ago

      I'm 73 years old. Memorised ? Enjoy it while you can !! 🙂🤣

  • @manfrombritain6816 11 months ago +3

    i've been using quotes from 1 of my favourite movie characters for years, with a number and special character at the end. lots of length, easy to remember. just fucking annoying when you have to type it on a phone

    • @Enlopedanator 6 months ago

      Thanks Got your Google account now! 👍

  • @clintshiplett8548 5 months ago

    Take any old book you have, open it at random, take any line and your password is the first letter of every word in that line. Just remember the page and line.

    • @portman8909 5 months ago

      Just encrypt the book

  • @EC4U2C_Studioz 27 days ago

    I prefer passwordless logins. It is much harder for everyone other than the intended account owner to log in to accounts as shoulder surfers cannot see anyone typing a password. Given people’s terrible password choices, passkeys are preferred using biometrics like a face and fingerprint.

  • @numanarif2597 1 year ago +2

    More secure from brute forcing, what about social engineering? What will happen when quantum computers are already used commercially?

    • @theEric180 1 year ago

      Social engineering is hard to prevent, so more 2FA and more zero-trust. IBM just released the first quantum-safe server so that will become more prevalent as quantum also does, but for now quantum is still growing and isn't used commercially like that.

    • @jeffcrume 1 year ago

      Humans will always be the weakest link (i.e. social engineering). Quantum represents a significant threat. The good news is that NIST recently approved 4 quantum safe algorithms, which will help us going forward. (BTW, IBM contributed to 3 of the 4 selected!)

  • @benmbithi2928 1 year ago +1

    SSO

    • @jeffcrume 1 year ago

      I’ve recorded a video recently on SSO so stay tuned as it makes its way through the production process …

  • @asagiai4965 4 months ago

    Because remembering passwords is the only thing you need to remember in your life.

  • @johnwhite7700 1 year ago +1

    Replace passwords with public keys already

    • @Opin10n 1 year ago

      ...this a joke right?

  • @ArturKania 1 year ago +1

    Long passphrase that is very easy to remember?? Oh, you mean like lyrics. :D

    • @jeffcrume 1 year ago

      Yes! As long as they aren’t too well known as those might show up in a password dictionary and get tried early in the cracking process

  • @harrybaals2549 6 months ago

    Secret questions are fine. Just answer the question nonsensically. Then it isn't useful to the threat. "What is your favorite color?": Suzuki Vitara

    • @jeffcrume 5 months ago +1

      As long as you can remember your “lie”… 😊

    • @harrybaals2549 5 months ago

      @jeffcrume good ol pen and paper

  • @sib1212 2 months ago

    My password is 77 characters long & easy to remember 😂

  • @omairhq 1 year ago

    We are mere puppets

  • @dnoodspodu1159 1 year ago +1

    I always give out my nameday as my birth date

  • @Ama-hi5kn 2 months ago

    My password is 12345. I use it on my luggage.

  • @EastWing411 7 months ago +1

    Yes but users don't set the rules so mostly useless advice.

    • @portman8909 5 months ago

      16 characters minimum for a password.

  • @fslurrehman 1 year ago

    There were hundreds of emails sent from my email account between 30 Aug to 1 Sept to many hotmail and outlook addresses with sECURED.shtml attachment of 764KB. Some emails were not delivered and deleted from my inbox automatically. How can I track who did this or which program/app is doing this? Is my email compromised?

    • @jeffcrume 1 year ago

      Sorry to hear this happened to you. The first thing to consider is that the emails could have been spoofed. In other words, they were actually sent from another account but made to look like they came from yours. Not much you can do about that. To be on the safe side, change your password and set up 2 factor authentication. It’s good to do this anyway

  • @NoEgg4u 4 months ago +2

    correcthorsebatterystaple

    • @jeffcrume 3 months ago

      😂 yes, I understand your reference