Tag Archives: password

The Anatomy of a Strong Password: Fortifying Your Digital Security

In an increasingly interconnected world, safeguarding our digital lives has become paramount. One of the fundamental pillars of online security is the strength of our passwords. In this article, we will explore the characteristics of a robust password, the importance of techniques such as PBKDF2, hashing, and salt, and the advantages of using a password manager to enhance our digital defense.

  1. Length and Complexity:
    A strong password should be long and complex, combining uppercase and lowercase letters, numbers, and special characters. Longer passwords are harder to crack through brute-force attacks, as the number of possible combinations increases exponentially.
  2. Unique and Random:
    Avoid using common or predictable passwords, such as “123456” or “password.” These passwords are easily guessed and can be cracked in seconds. Instead, create unique and random combinations that are unrelated to personal information, such as birthdays or pet names.
  3. Avoid Dictionary Words:
    Password-cracking algorithms often include dictionary attacks that try thousands of common words. Using dictionary words makes it easier for attackers to guess your password. Instead, consider using passphrases – a series of random words – that are easy for you to remember but difficult for others to guess.
  4. Password-Based Key Derivation Function 2 (PBKDF2):
    PBKDF2 is a cryptographic algorithm designed to protect passwords against brute-force attacks. It uses a process called key stretching, which slows down the password hashing process, making it more time-consuming for attackers. PBKDF2 incorporates multiple iterations, increasing the computational cost of each attempt.
  5. Hashing:
    When you create an account or set a password, websites and applications do not store the actual password but rather its hash value. Hashing is a one-way process that converts your password into an unreadable string of characters. This way, even if a data breach occurs, attackers won’t have direct access to your password.
  6. Salt:
    To further strengthen password security, a salt is added before hashing. A salt is a random value that is unique for each user, making the same password appear differently in the database. Salting adds an additional layer of complexity, thwarting precomputed hash tables or rainbow tables used by attackers.
  7. Two-Factor (or Multifactor) Authentication (2FA/MFA):
    While not directly related to passwords, enabling 2FA adds an extra layer of security to your accounts. It requires a second verification method, such as a temporary code sent to your mobile device, in addition to your password. This ensures that even if your password is compromised, an attacker still needs physical access to your secondary authentication method.

Benefits of Using a Password Manager:

  1. Enhanced Security:
    Password managers generate and store complex, unique passwords for each of your accounts. This eliminates the need to remember multiple passwords, reducing the likelihood of weak or reused passwords. By having a strong master password for the password manager itself, you only need to remember one secure passphrase.
  2. Convenience and Efficiency:
    Password managers streamline the login process by automatically filling in your credentials across websites and applications. This saves time and effort, especially when managing numerous accounts. You no longer need to struggle with forgotten passwords or resort to less secure practices like writing them down.
  3. Encrypted Storage:
    Password managers encrypt your passwords and store them in a secure vault. This means that even if an attacker gains access to your password manager’s data, they would still need the master password to decrypt and access your credentials.
  4. Cross-Device Synchronization:
    Modern password managers offer synchronization across multiple devices, such as smartphones, tablets, and computers. This ensures that your passwords are readily available wherever you need them, without compromising security.

In an era of increasing cybersecurity threats, protecting our digital identities and accounts is of utmost importance. By adhering to the characteristics of a strong password, leveraging techniques like PBKDF2, hashing, and salt, and embracing the use of a password manager, we can fortify our defenses and minimize the risks associated with online security breaches. Remember, a strong password is the first line of defense in safeguarding your valuable digital assets.

Cyber Security awareness

As the field of risks in cyberspace expands more and more, it is imperative to understand these and reduce your areas of vulnerabilities.

From a consumer perspective this mostly touches on a few points:

  1. Reduce exposure
  2. Only provide what is required
  3. Secure credentials
  4. Maintain retention policies
  5. Change often and unique

So what do I mean by the above as these do not seem to be really “consumer” terminologies. Lets go through them one-by-one.

Continue reading

7 – Fabric Security

This topic is hardly ever touched when fabric designs are developed and discussed among storage engineers but for me this always sits on my TODO list before hooking up any HBA or array port. It is as important in the storage world as it has been in the IP networking sector for decades. Historically the reasoning to not pay attention to this topic was that the SAN was always deeply embedded in tightly controlled data-centres with strict access policies. Additionally the use of fibre-optics and relatively complex architectures to the storage un-inaugurated even more, unfairly, devalued the necessity of implementing security policies.

Let me make one thing clear: Being able to gain access to a storage infrastructures is like finding the holy grail for archaeologists. If no storage infrastructure security is implemented it will allow you to obtain ALL data for good or bad purposes but even worse it also allows the non-invited guest to corrupt and destroy it. With this chapter I will outline some of the procedures I consider a MUST and some which you REALLY should take a good look at and if possible implement them.

Continue reading