tiered serving tray
2 years ago
6.09.2010
Passwords: Short & sweet...
Short & sweet but at least 14 characters...
Passwords are our personal firewall against cyberattacks. Almost everything we do online involves a password; email, bank account, blogger, google analytics all require passwords. Even news sources like WSJ.com and entertainment sites like fandango. Are you into online shopping? Amazon.com, eBay.com, Zappos.com? We may have 10-20 sites to access with user names and passwords. I myself could easily name 42 of my favorite sites which I use frequently that require a user name/password. Sometimes we create accounts with our usual passwords in sites we may not even trust and most of the time forget we visited.
Most people use one password for everything. If access where to be gained for one account, then all online accounts (i.e. facebook, eBay, zappos, amazon, nyt.com) would be compromised. Experts suggest long complex passwords and ask use to check how strong they are. Is it possible to remember a unique password for all individual sites? [and along with that also remember the password limit for all specific sites, i.e. 4, 8 or 12 characters password limit]
Microsoft recommends the following when creating passwords.
When creating a password avoid using:
Passwords are our personal firewall against cyberattacks. Almost everything we do online involves a password; email, bank account, blogger, google analytics all require passwords. Even news sources like WSJ.com and entertainment sites like fandango. Are you into online shopping? Amazon.com, eBay.com, Zappos.com? We may have 10-20 sites to access with user names and passwords. I myself could easily name 42 of my favorite sites which I use frequently that require a user name/password. Sometimes we create accounts with our usual passwords in sites we may not even trust and most of the time forget we visited.
Most people use one password for everything. If access where to be gained for one account, then all online accounts (i.e. facebook, eBay, zappos, amazon, nyt.com) would be compromised. Experts suggest long complex passwords and ask use to check how strong they are. Is it possible to remember a unique password for all individual sites? [and along with that also remember the password limit for all specific sites, i.e. 4, 8 or 12 characters password limit]
Test your password with Microsoft Online Safety
is it strong?
Microsoft recommends the following when creating passwords.
When creating a password avoid using:
- Dictionary words in any language.
- [Words in all languages are vulnerable]
- Words spelled backwards, common misspellings, and abbreviations.
- [Words in all languages are vulnerable]
- Sequences or repeated characters.
- [Examples 12345, 22222, or adjacent letters on your keyboard (qwerty)]
- Personal information.
- [Your name, birthday, driver's license, passport number or similar information]
So I suggest having different tiers of passwords.
So microsoft recommends long passwords and a list of what to avoid. But This doesn't really help the people who have 10-40 different sites to access. So I suggest having different tiers of passwords. Place your websites into importance of information contained within and then bundle the passwords or the idea that you used to create a password. For example, the password for wsj.com and nyt.com can be the same ; But don't use the same password for eBay, Amazon, your email or bank account. Everything you use the same password you lower the security of your personal information.
So microsoft recommends long passwords and a list of what to avoid. But This doesn't really help the people who have 10-40 different sites to access. So I suggest having different tiers of passwords. Place your websites into importance of information contained within and then bundle the passwords or the idea that you used to create a password. For example, the password for wsj.com and nyt.com can be the same ; But don't use the same password for eBay, Amazon, your email or bank account. Everything you use the same password you lower the security of your personal information.
Sources:
- http://viathread.blogspot.com/2010/06/ww3-is-not-what-you-may-think.html
- http://www.zappos.com/
- https://www.microsoft.com/protect/fraud/passwords/checker.aspx?WT.mc_id=Site_Link
- http://www.microsoft.com/protect/fraud/passwords/create.aspx
6.02.2010
WW3 is not what you may think...
As bad as WW3 sounds its upon on us, but not as history would have predicted. The next global war is completely digital and its effects are economically devastating...
In response to the ongoing onslaught of cyberattacks on numerous companies, individuals, governments and any other entities connected to the internet, the US government has named its first commander, Gen. Keith Alexander, for the U.S. Cyber Command; which is given a mission of defending against cyberattacks.
Cyberattacks are very complicated but a simple scenario for illustration would start with a botnet. A botnet is an application that gets installed on pc users computers without their knowledge by either opening a malicious attachment in an e-mail or downloading a file (i.e. music downloads). The application sends emails from the infected computer without the users knowledge and thats how it spreads. Now the cyberattack happens when the all the computers that have the application installed are told to do certain actions as a big group of computers. The action of millions of computers trying to access a single website can cause the site to crash and/or simply overload routers and servers and bring an entire infrastructure down [without the PC user ever knowing their computer was being used for an attack elsewhere].
Enron comes to mind when I hear about cyberattacks and infrastructure dangers. While Enron and cyberattacks have no correlation the thought of manipulating energy grids and shutting down power does have a correlation with Enron and cyberattacks. Apparently the computers used to control the energy grids were made to be used in isolation to any other network. Problem is cheap PCs and improved technology has connected almost all energy grids to the internet which makes it susceptible to cyberattacks. The control systems and energy infrastructure are fragile. The best solution seems to be to take systems offline. Bruce Averill writes about why energy companies need to pay attention in the Journal of Energy Security.
Network infrastructures keeps growing for different uses and governments can control the internet more than they have in the past, but should they? Is an Army General the right one to lead against cyber crimes?
Sources:
In response to the ongoing onslaught of cyberattacks on numerous companies, individuals, governments and any other entities connected to the internet, the US government has named its first commander, Gen. Keith Alexander, for the U.S. Cyber Command; which is given a mission of defending against cyberattacks.
Cyberattacks are very complicated but a simple scenario for illustration would start with a botnet. A botnet is an application that gets installed on pc users computers without their knowledge by either opening a malicious attachment in an e-mail or downloading a file (i.e. music downloads). The application sends emails from the infected computer without the users knowledge and thats how it spreads. Now the cyberattack happens when the all the computers that have the application installed are told to do certain actions as a big group of computers. The action of millions of computers trying to access a single website can cause the site to crash and/or simply overload routers and servers and bring an entire infrastructure down [without the PC user ever knowing their computer was being used for an attack elsewhere].
Enron comes to mind when I hear about cyberattacks and infrastructure dangers. While Enron and cyberattacks have no correlation the thought of manipulating energy grids and shutting down power does have a correlation with Enron and cyberattacks. Apparently the computers used to control the energy grids were made to be used in isolation to any other network. Problem is cheap PCs and improved technology has connected almost all energy grids to the internet which makes it susceptible to cyberattacks. The control systems and energy infrastructure are fragile. The best solution seems to be to take systems offline. Bruce Averill writes about why energy companies need to pay attention in the Journal of Energy Security.
Network infrastructures keeps growing for different uses and governments can control the internet more than they have in the past, but should they? Is an Army General the right one to lead against cyber crimes?
Sources:
- http://www.nsa.gov/about/leadership/bio_alexander.shtml
- http://news.cnet.com/8301-13639_3-20005749-42.html
- http://www.af.mil/news/story.asp?id=123205791
- http://www.topbits.com/botnet.html
- http://www.ensec.org/index.php?option=com_content&view=article&id=243:canvassing-the-cyber-security-landscapewhy-energy-companies-need-to-pay-attention&catid=106:energysecuritycontent0510&Itemid=361
Strangers with Experience
Take notice of the second trusted source "Strangers with experience"; in 1997 it was the 3rd lowest trusted source and in 2007 it is the 2nd highest trusted source.
6.01.2010
Check out the new look
Blogger themes are okay, but not enough control is given over every corner of the screen. Hope you like the new theme.
