Cyber Security Awareness - Passwords and Encryptions

Passwords and Encryption

Encryption is the process of encoding data or information in such a way that only authorized parties can read it. Encryption does not by itself prevent interception or data theft; however, it keeps the data content from being readable or usable by the interceptor or thief.

Hashing is the process of encoding data so that it can't be decrypted; the result is later used for reference. Hashing uses only the encoding step, whereas encryption can also decode the encrypted message.

A password is a string of characters, secret word(s) or phrase(s) that must be used to gain admission to something.

Entropy is the lack of order or predictability. As a password's entropy increases, it becomes harder for attackers to guess.

Passwords and encryption are two separate concepts that normally work together on the various systems we use. In fact, on modern systems, passwords are stored in hashed form to help protect them.

Always use a strong password to protect your computer, mobile device and online accounts. Select a strong password with a mix of upper and lower case letters, numbers and special characters.

Things to Remember

Since passwords are the entry to your virtual life, you should do everything you can to prevent people from gaining access to them.

Remember:

  • Don't share your password with others
  • Don't write down passwords
  • Make a password unique to your life and something not easily guessed
  • Have a different password for each account
  • Change your passwords several times a year
  • Create passwords that are longer, which are stronger and harder to break
  • Use a minimum of eight (8) characters, including uppercase, lowercase, numbers, and symbols

To increase the length of your password and still make it memorable, consider passphrases, as this well-known XKCD comic suggests.

Comic

For more comics feel free to visit XKCD.

Many thanks to the University of Georgia's Office of Information Security department for allowing us to use their image concepts for our campaign to help combat cybercrime. It is this type of shared governance and shared responsibility that will hopefully slow down the attackers and create a safer environment for us all.

Details

Article ID: 11972
Created: Wed 3/30/16 10:33 AM
Modified: Mon 8/15/22 8:23 AM
