How to Protect Yourself From Heartbleed Security Flaw презентация

Don’t panic It’s a serious problem but it’s not the end of the Internet as we know it Flaw has been around for two years So far (as of 4/11/14) there

Слайд 1How to Protect Yourself From Heartbleed Security Flaw
Larry Magid
Co-director
ConnectSafely.org
April 11, 2014



Слайд 2Don’t panic
It’s a serious problem but it’s not the end of

the Internet as we know it
Flaw has been around for two years
So far (as of 4/11/14) there are no reports of the flaw being exploited
Hardware could be vulnerable but not clear if consumer routers are at risk



Слайд 3See if the sites you visit are vulnerable
Check to see if

sites you visit are now vulnerable*, using:
Lastpass Heartbleed checker
Filippo Valsorda's Hearbleed test
Qualys SSL Labs
Also check CNET’s list of top 100 sites

* The fact that a site is now vulnerable doesn’t mean it wasn’t in the past


Слайд 4Change passwords once you know your site is not vulnerable
After confirming

that a site is not vulnerable, change the password
Actually you should do this regularly – at least every few months

Keep reading for advice on how to change your passwords

Слайд 5Monitor your accounts & watch for phishing
Check your accounts

Check your email,

bank, social media and other accounts to make sure there is no irregular or suspicious activity or unauthorized purchases

Beware of “phishing attacks”
You might get email that appears to be from banks and other sites, "disclosing" that the site was vulnerable and asking users to reset their passwords. These could be phishing attacks designed to trick you into revealing your log-on credentials to thieves. And some of these attacks are very sophisticated, taking you to sites that look identical to a company's real site


Слайд 6Change your passwords once you know the site isn’t vulnerable
Change your

passwords after you know that the site isn't vulnerable
If you change them on currently vulnerable sites you’ll have to do it again with another unique password

Read on for password suggestions

Слайд 7Passwords should be:
At least 8 characters long
Contain at least one number
Contain

at least one capital letter
Contain at least one symbol (like #, %, &)
Not be a real word, name or anything that would be relatively easy to guess

Go to next slide for suggestions


Слайд 8Think of a phrase you can remember
Come up with a phrase

and use a character from each word. Use capitals where appropriate

Example

“I met Susan Morris at Lincoln High School in 1991”

The password could be: ImSMaLHSi#91



Слайд 9An easy way to make each password unique
Add a letter or

two to the password based on the name of the site you’re logging into. For example:

Amazon: aImSMaLHSi#91z (added an A to beginning and a z to end)
Google: gImSMaLHSi#91
Twitter: tImSMaLHSi#91r




Слайд 10Change your passwords if & when:
There has been any type of

security breach on the site or your system
You have lost a device that has the password stored
Someone else gets hold of your password

And even if none of this happens, change your passwords every few months

Слайд 11Consider 2-factor authentication
A growing number of sites allow you to use

two-factor authentication: Something you know & something you have.
Typically, the site will send a code to your phone that you type in along with your username and password. Anyone trying to access your site without your phone is out of luck.
Some sites (like Google) only require it if you’re on a new device. Others require it each time.
Downsides are it’s a little inconvenient and a hassle if you don’t have your phone
Upside: It’s a lot more secure (but not 100% secure)

Слайд 12Be wary of tricks to get your password
Avoid phishing: Never enter

a password based on a link in an email unless you’re absolutely sure it’s legitimate. It’s safer to type in the web address of your bank or other company rather than clicking on a link.
Don’t give out password over phone: Be skeptical if you get a call from a service you use or your company’s network support department asking for a password. Tell them you’ll call them back and find out if it’s legitimate.

Слайд 13Consider using a password manager
Password managers store and enter passwords for

you. You can create really strong passwords (or let them generate random ones) and all you need to remember is the password manager’s password
Examples:
Lastpass
Roboform
Kaspersky Password Manager
DataVault Password Manager (iPhone)
mSecure Password Manger (Android)

Слайд 14Use a very strong password for:
Email
Many sites will send your password

to your email address so it’s important that it be very secure
Social network sites
Your reputation can be affected if someone posts negative and abusive material in your name
Banking
Pretty much goes without saying that you want a strong lock on your bank account
E-commerce sites
Don’t let anyone go on a shopping spree with your money

Слайд 15Never share your passwords
Sharing a password is not a sign of

being a good friend. Even if you really trust that person:

A friend can become an ex-friend
Your friend might not be as careful as you are
Your friend might use the password on a machine that’s not all that secure
Possible exceptions are kids sharing with parents or spouses sharing with each other


Слайд 16For more on strong passwords: passwords.connectsafely.org
Larry Magid
Co-director
ConnectSafely.org larry@ConnectSafely.org



Обратная связь

Если не удалось найти и скачать презентацию, Вы можете заказать его на нашем сайте. Мы постараемся найти нужный Вам материал и отправим по электронной почте. Не стесняйтесь обращаться к нам, если у вас возникли вопросы или пожелания:

Email: Нажмите что бы посмотреть 

Что такое ThePresentation.ru?

Это сайт презентаций, докладов, проектов, шаблонов в формате PowerPoint. Мы помогаем школьникам, студентам, учителям, преподавателям хранить и обмениваться учебными материалами с другими пользователями.


Для правообладателей

Яндекс.Метрика