District 5450
Rotary's first eClub
Chartered January 4th, 2002


Ransomware and data breaches - How secure are your passwords?

7/1/2021

By Rotarian Shannon Brunston - Rotary eClub One member
Occupation – Cybersecurity and Privacy Policy

Ransomware and data breaches are in the news more and more frequently. One thing each person has control over is the passwords they use on sites across the internet and on their smartphone. By using different passwords on different sites, you limit the impact of data breaches on your day-to-day life. Yet breach after breach shows that thousands of people continue to reuse passwords like: Password1, password2021, 123password, 12346, 987654321, Winter2021 (or any combination of Season+Year), etc. You can check how many data breaches your email has been in at https://haveibeenpwned.com/. My email for example has been in 23 reported breaches.

Many people have received training at work or have read articles about the importance of 'strong' passwords, and we have all signed up for a new site only to be told that our password didn't meet one of its rules and that we must start over. This can be very frustrating, and many people think they will not be targeted. However, not many people have seen how easy it is to break a password (usually less than a minute) or how many free password cracking tools are available to hackers and security researchers (for example, Kali Linux is a security research tool that comes preloaded with more than 10 password hacking/cracking tools). The tools can run through billions of password hashes a second searching for a match.

In this video you can see a tool that cracks the password "qu4dr1l473r4I12*$" in 31 seconds (start at 4:07).


This video is a bit longer, but the first 3 minutes describe why every data breach makes future password cracking easier. It then continues with another example of how easy brute forcing passwords can be; for example thousands of hashed passwords can be cracked in 1 to 2 minutes.


Better than reusing passwords or storing your passwords in a file called "passwords":
- using the password managers built into Apple & Android smartphone/tablet devices (15 or more characters when allowed)
- using the password managers built into your browser (15 or more characters when allowed)
- typing in random characters and resetting the password every time you access a site
- setting up strong, unique passphrases (that are not reused) for your email, banking and financial accounts and social media accounts.
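
As an added illustration (not part of the original article), this Python sketch flags the predictable patterns named earlier (digits only, "password" plus digits, Season+Year) and applies the 15-character minimum from the list above. The function name, the rule labels and the long random sample are assumptions made for this example.

```python
import re

SEASONS = ("spring", "summer", "autumn", "fall", "winter")
MIN_LENGTH = 15  # the article's suggested minimum when a site allows it

# Each rule is (label, pattern); patterns are matched against the whole
# lower-cased password, so "Winter2021" and "WINTER2021" are treated alike.
RULES = [
    ("digits only", re.compile(r"\d+")),
    ("the word 'password' plus digits", re.compile(r"\d*password\d*")),
    ("season + year",
     re.compile(r"(?:%s)(?:\d{4}|\d{2})[^a-z0-9]?" % "|".join(SEASONS))),
]


def audit_password(candidate):
    """Return the reasons a password is predictable (empty list = none found)."""
    lowered = candidate.lower()
    findings = [label for label, pattern in RULES if pattern.fullmatch(lowered)]
    if len(candidate) < MIN_LENGTH:
        findings.append("shorter than %d characters" % MIN_LENGTH)
    return findings


# The reused passwords listed in the article, plus one constructed random
# sample of the kind a password manager generates (assumption, not from the page).
SAMPLES = [
    "Password1", "password2021", "123password", "12346", "987654321",
    "Winter2021", "vR7#kq2LmZx9!tPw3b",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        reasons = audit_password(sample)
        print("%-20s %s" % (sample, "; ".join(reasons) or "no known pattern"))
```

An empty result only means none of these patterns matched: the 17-character "qu4dr1l473r4I12*$" from the video passes every check here, which is why a pattern check is no substitute for unique, randomly generated passwords.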


Best Option:
- Select a password manager & migrate all your passwords to that app over a 1-3 month period.
This article helps walk you through the process of selecting a password manager and then gives an overview of how to use a password manager: https://slate.com/technology/2017/02/how-to-set-up-a-password-manager.html
Making sure the password manager app is installed on your computer, phone and other tablets or electronics will make this process easier. I use a program called Dashlane, but LastPass and 1Password are also great options!

Note: Don't tell us how you make your passwords!

source: https://xkcd.com/936/



