Digital Survival - passwords

FAQs: Password and encryption

katie — Wed, 02 Feb 2011 13:21:56 +0000

Should I protect my computer with a password?

As standard practice you should password-protect your computer. This is to safeguard it from unwanted eyes or someone walking up to your computer and quickly copying files to an external USB stick. However, password-protecting your computer won't prevent someone having access to your data if your computer is stolen or falls into the wrong hands. To create a password to protect your computer, make it long, make it complex and make it difficult for anyone to guess. But also make it practical for you to remember, and always keep it secret.

Should I encrypt my hard drive?

If you keep any information on your hard drive that is sensitive, you should keep your hard drive encrypted. This will prevent the information from falling into the wrong hands if your computer is stolen.

For more on encrypting your hard drive please see: http://security.tacticaltech.org/chapter_4_1

Tags:

security

encrypt

passwords

Tip: Passwords

katie — Wed, 02 Feb 2011 13:19:34 +0000

1. Pick one really easy password and use it only for nuisance logins - those sites where you know you won't really care if someone gets hold of your account. Yes, someone could steal your password - but what are they going to do with it? If you’re worried about protecting your privacy, use a better password, but if you aren't, use the same plain word over and over again and don't think twice about it. Good examples of nuisance logins are:

Newspapers and other online content

Travel sites or airline sites

Email lists, online communities and photo sharing site

2. Pick one password for private things that aren't life or death. Find a random password or invent a semi-random password. Passwords you should be able to keep to yourself:

Your email account(s)
The FTP login for your website

3. You might need a few passwords you can share – these should change at least as often as staff changes. They should be random passwords, but they shouldn't be the same as any password you use for personal logins. Server passwords and shared websites often fall into the shared category.

4. Your last password category is for really sensitive stuff. Ideally, you wouldn't reuse these passwords, but more importantly, this should be a truly random password, and you should change it from time to time. For example:

A web-based membership database
Remote access to your desktop computer
Banking websites or anywhere your information is stored

Passwords are strongest when they have a combination of letters, numbers and symbols. Easy-to-remember passwords can be made stronger by incorporating numbers in place of letters, for instance: “f@6u1ou5”

For more on password-protecting your computer please see: http://security.tacticaltech.org/chapter_3_1

Tags:

security

passwords

Keeping your computer and data safe

katie — Wed, 02 Feb 2011 13:12:54 +0000

Any connection in to your computer can be a source of vulnerability: your office or home network, the internet, a USB flash drive or even someone who has just walked into your office.

Assess your risks

Security risks differ according to the user and the context of use. What's the last thing you'd want to see happening to your data? Who are the last people you'd want to see getting their hands on it? Think about how to prevent these fears from being realised. Remember that one piece of information may be vulnerable on many different levels.

Think about:

The communication channels you use and how you use them
How you store important information
The physical location of your computer, your external drive and any printed documents containing sensitive information

For more on assessing your risks see: http://security.tacticaltech.org/chapter_2_1

Other important things to consider:

Firewalls

A firewall is the first programme on a computer to receive incoming data from the internet. It is also the last programme to handle outgoing information. Like a security guard posted at the door of a building to decide who can enter and who can leave, a firewall receives, inspects and makes decisions about all incoming and outgoing data. Most operating systems have a built-in firewall, which should always be switched on. In addition, many anti-virus programmes also come with a firewall.

Passwords

If you have information you want to keep private, you can save documents or files with a password which only you know. There is an option to create a password on your computer system itself to restrict or limit other users of the computer. You can also save your documents with passwords. In Microsoft Office applications click Save As>Tools>General Options, and then a window will pop up where you can type in your password. In Open Office, go to File>Save As, and then tick the 'Password' option.

Physical security still affects your digital security. You might think your anti-virus software is protecting the information on your USB stick, but if you are carrying that USB stick in your pocket and it starts pouring with rain, you would probably be better off with a sealed plastic bag! Even if you encrypt the data on the hard drive of your computer, you won't be able to use it anymore if someone breaks in and steals your computer.

An 'intruder' can gain access to the information on your computer or portable storage devices remotely, by reading or modifying your data over the internet, or physically, if they manage to get access to your hardware. It is best to have several layers of defence, which is why you should also protect the files themselves. That way your sensitive information is likely to remain safe even if your other security efforts prove inadequate.

There are two general approaches to the challenge of securing your data in this way: you can encrypt your files, making them unreadable to anyone but you, or you can hide them in the hope that an intruder will be unable to find your sensitive information.

Tags: