WEBVTT

0
00:01.080 --> 00:07.710
In this lecture I'd like to give you some advice on how to properly choose your passwords and then store

1
00:07.710 --> 00:09.420
them securely.

2
00:09.420 --> 00:10.820
Let's get started!

3
00:10.920 --> 00:20.220
Use strong passwords that consist of at least 12 random characters including both lower and upper case

4
00:20.220 --> 00:29.010
letters, digits and special characters. Password length and complexity are key elements in choosing

5
00:29.100 --> 00:30.950
a good password.

6
00:30.960 --> 00:39.630
This is an example of a strong password! Do not use dictionary words, including combinations of these words,

7
00:39.660 --> 00:47.300
no matter the language. There are dictionaries for every language on Earth.

8
00:47.560 --> 00:50.920
These are examples of bad passwords!

9
00:53.550 --> 00:58.530
A long password that consists of dictionary words is not a good one.

10
00:58.660 --> 01:07.510
The rule of thumb is that if you can remember the password it is not a good one. Do not store passwords

11
01:07.520 --> 01:14.050
unencrypted like for example in Word files! Do not write them down!

12
01:14.050 --> 01:21.670
Use an application that generates random passwords and then a password manager to store them encrypted!

13
01:21.670 --> 01:27.220
Use a very strong master password to lock the password manager!

14
01:27.480 --> 01:32.500
There are many password managers out there but some good ones are

15
01:32.560 --> 01:42.030
KeePass, LastPass or Password Safe. I for example use Password Safe that works both on Windows,

16
01:42.300 --> 01:44.370
Mac, Linux and Android. 

17
01:44.490 --> 01:53.030
The Linux version is called Gorilla and is compatible with the Windows, Mac or Android version.

18
01:53.070 --> 02:01.950
There are also browser extensions that help you to securely store your passwords; do not reuse your

19
02:01.950 --> 02:07.080
password; use a unique password for each Web site or service.

20
02:07.080 --> 02:13.200
If you don't do this and the hacker finds out your password he will use that password to hack your

21
02:13.290 --> 02:22.220
other accounts that have the same password. Additionally set up two way authentication for important

22
02:22.250 --> 02:28.100
websites like your bank, PayPal or even Google or Facebook accounts.

23
02:28.280 --> 02:36.170
Think that no matter how strong your password is there is always a smaller risk that it can be cracked.

24
02:36.560 --> 02:43.880
If you enable two way authentication even if a hacker has your password it will not be enough for him

25
02:43.880 --> 02:45.420
to log into your account.

26
02:45.500 --> 02:47.980
An extra one-time code is required.

27
02:49.860 --> 02:56.860
If you have the possibility to use an application like Google Authenticator do prefer it over codes

28
02:57.000 --> 03:07.140
sent by SMS. Phone SIMs can be easily swapped.
And the last tip that’s in most of the cases forgotten

29
03:07.520 --> 03:13.090
is to always double check the ways an account password can be reset.

30
03:13.130 --> 03:20.180
There were cases when an account with a very strong password was compromised because that account used

31
03:20.270 --> 03:27.890
an email address as a password recovery option, and that email address used a weak password. 

32
03:27.880 --> 03:28.360
The hacker 

33
03:28.370 --> 03:35.240
cracked the weak password of the recovery email address and then changed the strong password using the 


34
03:35.240 --> 03:36.510
recovery address

35
03:36.560 --> 03:38.420
he was in control of.