Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Monday, 06 March 2017 09:37

Gone in 60 seconds – a missing notebook every minute

By

Independent studies from Gartner and Dell show that a notebook is stolen about every 60 seconds. These often contain sensitive data and hackers need only a few milliseconds with the device to break a password – if there is one.

It gets worse if that notebook is a corporate or cloud app gateway where the login and password may provide access to those resources or a browser is set to remember logins and passwords.

BetterBuys has provided some advice on password strength and a password tester to show how strong your passwords are tested by brute force cracking.

For example, if the base word is in the dictionary, say the sport of “soccer”, it will take .29 milliseconds to crack it. The warning is not to use a dictionary listed word without mixing it up like S0ccer*2017 which would take 11163 millennia.

BetterBuys say that passwords weaken over time as computing power increases. For example, the password security1 took three years and 10 months to crack using brute force in the year 2000 with the computing power of the day.

Using an Intel Core i5-6600K, certainly not the fastest processor available, it would take three months. This demonstrates the need to change passwords frequently, certainly more often than every three years.

password time and length

What constitutes a good P@ssW0rd?

While the example above looks secure, it is one of many frequently used passwords so it is not good. Words that have their base in a dictionary and vowels replaced with symbols and numbers are commonly used and password hacking programs will test for a=@, e=3, i=1, o=0 etc.

Also, avoid common short phrases like “Idontknow” or “beatsme” – these are being added to the word lists to check against and take .29 milliseconds. However, “IDon’tKnow” takes 121 millennia to crack.

  • The longer the better – 7 characters takes .29ms to crack whereas 12 characters takes two centuries.
  • Don’t use dictionary words as standalone passwords.
  • Mix upper and lower case.
  • Add in numbers.
  • Add in symbols.
  • Never use the same password or base word twice.

What else can you do?

Many new notebooks now have Windows Hello biometric login and it is also available as an add-on device from Logitech in its new Brio 4K Pro Webcam.

Some also have fingerprint sensors and offer pin, pattern and other authentication systems – use these!

Also set up two-factor authentication (2FA) on all critical sites e.g. finance, e-commerce etc.

Use a password manager/generator

There are several free password managers that do a good job. Most have a limit on the number of passwords stored or cloud sync access etc., before they nag you to buy the premium version. But they are great tools to get you familiar with a password manager. Most work across Windows, Mac, iOS, and Android. Those in the list below are known to the writer as reputable and effective.

A word of advice here – once you start using a password manager you will invariably end up going to the premium paid version so start small, test a couple of sites, see if you like the interface and functionality, before you invest a lot of time in it. That is because you will invariably find out how weak your existing passwords are and there may be a considerable time in updating all logins.


BACK TO HOME PAGE

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

talentCRU FREE WEBINAR INVITE - Cybersecurity in COVID-19 times and beyond

With the mass transition to remote working, our businesses are becoming highly dependent on the Internet.

So, it’s no surprise that we’ve seen an increase in cyberattacks.

However, what’s more concerning is that just 51% of technology professionals are highly confident that their cybersecurity teams are able to detect and respond to these threats.

Join us for this free online roundtable where our experts discuss key cybersecurity issues IT leaders are facing during the pandemic, and the challenges that will likely emerge in the coming years.

JOIN WEBINAR!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

BACK TO HOME PAGE

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments