Difference between revisions of "Password Security"

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search
(Created page with "== Summary == This documentation provides advice about secure passowrds. It covers known problems with passwords and elaborates various solutions for secure password creatio...")
 
Line 4: Line 4:


== Problems with Passwords ==
== Problems with Passwords ==
There are several more or less widely known bad habits regarding passwords.
=== The Password Quality ===
'''Personal information''' is used to create passwords which is a polpular target for social engineering. Often '''standard passwords''' like "123456" or "passowrd" are used. Actually, "123456" is the most used password for the last years [2]. The re-use of passwords is one of the main topics: many users use the '''same password for various accounts'''. It is obvious that it is not a good idea to use the same password for online banking and for Adobe account.
=== Good Passwords ===
There are 3 general aspects for good passwords: the length plays a main role, the pwassword must not be trivial, and the password must be easily memorized.
Good password '''checklist''':
* Minimum length of 12 characters
* Contains lower & upper case letters, digits, and special characters
* As random as possible
* Easy to remember




Line 42: Line 59:


* [1] https://www.owasp.org/images/1/1c/OWASP-IoT-Top-10-2018-final.pdf
* [1] https://www.owasp.org/images/1/1c/OWASP-IoT-Top-10-2018-final.pdf
* [2] https://metro.co.uk/2019/12/19/10-worst-passwords-2019-revealed-nothing-changed-11932281/




[[Category:Basic]]
[[Category:Basic]]

Revision as of 15:04, 2 March 2020

Summary

This documentation provides advice about secure passowrds. It covers known problems with passwords and elaborates various solutions for secure password creation and usage. The issue "bad passwords" is the number 1 vulnerability in the Internet-of-Things (IoT)[1].

Problems with Passwords

There are several more or less widely known bad habits regarding passwords.

The Password Quality

Personal information is used to create passwords which is a polpular target for social engineering. Often standard passwords like "123456" or "passowrd" are used. Actually, "123456" is the most used password for the last years [2]. The re-use of passwords is one of the main topics: many users use the same password for various accounts. It is obvious that it is not a good idea to use the same password for online banking and for Adobe account.

Good Passwords

There are 3 general aspects for good passwords: the length plays a main role, the pwassword must not be trivial, and the password must be easily memorized.

Good password checklist:

  • Minimum length of 12 characters
  • Contains lower & upper case letters, digits, and special characters
  • As random as possible
  • Easy to remember


Requirements

none - so far...

In order to complete these steps, you must have followed Some Other Documentation before.

Description

Step 1

Enter these commands in the shell

echo foo
echo bar

Step 2

Make sure to read

  • War and Peace
  • Lord of the Rings
  • The Baroque Cycle

Used Hardware

Device to be used with this documentation Maybe another device to be used with this documentation

Courses

References