WE support the courageous few standing up to the purveyors of
malware. Those malcontents either make fun of your hard work or wish to
make money out of your distress. Stand up for yourselves!
Web-wise
thought for the day: The best anti-virus software is no substitute for
your own common sense. A majority of today's cyberheists begin with
malware that is spread via email attachments. Many of these threats will
go undetected by anti-virus tools in the first few days. Read that last
sentence again if you didn't get it.
You'd be surprised how few
business people think of these little things, these small but
important factors. Make it hard for the hacktivists and they will go
elsewhere to peddle their destruction.
YOU STAND UP TO MALWARE AND REFUSE TO BACK DOWN!
But you also have to do your part!
Good morning, friends. Speaking of common sense, let's discuss our password
control. Password control? That sounds easy, doesn't it? But do your
employees think about it with the same seriousness you know you must
attach to the subject in order to keep your computer system and your
business safe? Do you?
What brought this particular subject to my
attention was something I read the other day. A study was completed on
the most common numeric passwords in use today. Do you
know what the most common password was for a machine needing six
digits? 123456. How many readers got it before I showed it to you?
This, my friends, is the primary reason why there are tens of thousands of
hackers breaking into computer systems with viruses, or with a single virus
inside the malware. Tens of thousands of new virus attacks on a regular basis.
See
the problem that we all have? Hackers have gone wild and we have new
viruses each and every day and they find a place because most people
just don't want to bother with the little things we can all do. Things
like: Good Password Control. We users of computer systems make it easy
for them. If they are going to foist destruction on us, let's at least
make them work for it.
Now keep in mind that passwords are, in
general, transmitted and stored as plain text. The
transmission part is fairly simple: make sure encryption is used. You will
find Secure Sockets Layer (SSL) pretty awesome. You will recognize that
SSL is being used when you see "https" instead of "http" at the
beginning of a web page address, and also by a padlock symbol in your
browser.
Secondly, the storage problem is solved by "hashing." A hash is
the result of processing plaintext in order to create a unique,
fixed-length identifier.
You don't have to be an expert on these things;
just be aware that it works and you need it. We all need to do our part
together.
Password security is helped by "salting." A salt is a
random value added to the password before the hashing. Salting only helps
if the salts are truly random and long.
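
To make hashing and salting concrete, here is an added example (not code from the original post) that stores the "123456" password for two users, first unsalted and then with a random salt. The choice of PBKDF2-HMAC-SHA256, the 16-byte salt, the iteration count and the user names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

SALT_BYTES = 16        # assumption: 128-bit salt from the OS random source
ITERATIONS = 200_000   # assumption: PBKDF2 work factor picked for this example


def unsalted_hash(password: str) -> str:
    """Plain SHA-256: the same password always gives the same stored value."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Re-hash the attempt with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)


def build_demo_store() -> Dict[str, Tuple[bytes, bytes]]:
    """Constructed sample data: two users who both chose '123456'."""
    return {user: hash_password("123456") for user in ("alice", "bob")}


if __name__ == "__main__":
    # Unsalted: identical values, so one dictionary lookup exposes both users.
    print("unsalted alice:", unsalted_hash("123456"))
    print("unsalted bob:  ", unsalted_hash("123456"))

    # Salted: same password, different salt, different stored digest.
    store = build_demo_store()
    for user, (salt, digest) in store.items():
        print(user, "salt", salt.hex(), "digest", digest.hex())

    salt, digest = store["alice"]
    print("correct password accepted:", verify_password("123456", salt, digest))
    print("wrong password accepted:  ", verify_password("654321", salt, digest))
```

The salt is stored next to the digest; it does not need to be secret, only random and different for every user.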
There are a number of
different types of attacks that you will find against your passwords. One
is called a "brute force attack," and is simply a software program that
tries to find your password by working through all possible letter
combinations. This type of attack is foiled by the limits that are
placed on the number of tries allowed. I know you find it a nuisance,
but this is why it is there.
A second type of attack against your
passwords is the "dictionary attack." This is where the software goes
through dictionary words and their possible spellings to try and find the
right combination.