Safer Internet week at BCS 4 – 8th Feb 2019

We are starting up our weekly blogs and start with a short but helpful blog from Mr McGrail to coincide with National Internet Safety week, which we will be using as an opportunity to remind our students about internet safety.

In the interest of being part of this yearly ‘event’, I have decided to write a short article dedicated to everyone’s favourite subject…pa55w0rd5! I’m also aiming to provide some practical help as well. Below is a link to a website that allows you to check the strength of passwords. Very useful for those of you who insist on using passwords such as your birthday/anniversary, pet’s name, mothers name your name or other very easily guessed passwords. Yes, guessed, or more technically known as brute force attacked. Forget humans typing in loads of passwords primary school style, criminals have computer algorithms that compute thousands of possible combinations of words and numbers per minute. This website: https://howsecureismypassword.net/ shows you just how long it would take to crack your password(s). You’ll be shocked. Have fun coming up with hard to crack passwords!

Good practice for a hard to crack but memorable password; 3 random words with a number to separate.

E.g dog1army2africa3

So, you’ve come up with a few hard to crack passwords? Pleased with yourself? Don’t be! I bet you’ve written them all down on an easily lost/stolen/destroyed piece of paper. How do I know? Most people do and keep them all together, in a plain sight…WITH NO BACKUPS!!

Let me introduce Dashlane, 1password and lastpass to name a few. These are what’s called ‘Password Managers’ and they take the hassle out of 1) remembering passwords and 2) coming up with those hacker proof, Mr McGrail pleasing passwords.

How do they work?

Good question and somewhat of a change of mindset is needed to get your head around the idea of allowing one application to handle all your passwords. But wait! You’ve been doing that in your handy dandy little password book for years! However, unlike your notebook, a password manager can’t get burnt in a fire. Or, stolen from a draw. Or, lost in various bags etc.

You can use password managers in two ways. On 1 device, this would effectively replace your little notebook, but in a more secure way because all the passwords are encrypted. The password manager requires a Master Password to access your passwords. This is the only password you need remember, but you need to make it a good one. So go back to https://howsecureismypassword.net/ and get creating one Master Password to act as a guardian angel over it and your passwords. Then you can smile smugly at your accomplishments.

The second way is to pay for a subscription and to have your passwords sync across devices. This is insanely useful, especially when you’re chopping and changing between devices. You can create and save a password for your favourite website and access the password from your mobile device with the Password manager app installed. There are free Password Managers available from Google and Apple however they can often not work across different devices, makes and models.

These, along with other security features (paid version) such as personal VPN (Virtual Private Network) so you can browse the internet anonymously. Auto-fill to get you logged in faster. Password generator to take the hassle out of coming up with hard to crack passwords. In a nutshell, Password Managers, when used properly, make for a secure, relaxed and stress free digital existence.

Is it safe?

Yes…next question

Okay, this does need answering as some will think that a Password Manager is a single point of failure, and you’d be correct in terms of only needing to hack your chosen Password management’s servers. However, Password Manager companies have a vested interest in maintaining and upgrading their protection systems regularly. Your data is encrypted and stored securely with your Master Password being stored on your devices rather than on the company’s servers. They also backup your encrypted password data in the event of your devices being lost or stolen.

This does mean you need to set a strong password/code on your devices.

Password Management is a modern day skill we all need to learn. Like counting change at the local shop after buying your sweets and pop magazines was in the 90’s. It’s a necessary skill, just not a widely taught skill. We shouldn’t rely on Password Managers solely though. Awareness is the key. Being aware of your data, devices and how you operate on networks both locally in your workplaces and homes or the internet at large.

Still in doubt? Read this article for further peace of mind.

https://blog.dashlane.com/what-if-dashlane-gets-hacked/

As a challenge to you all, my master password would take over 300 billion years to crack…

Enjoy.

Mr McGrail

Technology and Communications Manager

Bradford Christian School

Leave a Comment