1
00:00:06,421 --> 00:00:08,534
- So how do we do better with passwords?

2
00:00:08,534 --> 00:00:11,151
We've used passwords for decades

3
00:00:11,151 --> 00:00:12,654
in order to protect our accounts

4
00:00:12,654 --> 00:00:15,658
and we can see that they are no longer sufficient.

5
00:00:15,658 --> 00:00:17,941
So there are two angles we can look at this problem from.

6
00:00:17,941 --> 00:00:19,287
One from the consumer side,

7
00:00:19,287 --> 00:00:21,176
and one from the organizational side.

8
00:00:21,176 --> 00:00:24,287
From the organizational side we need to do a better job

9
00:00:24,287 --> 00:00:27,922
of securing and encrypting our passwords themselves.

10
00:00:27,922 --> 00:00:30,556
So that means use hashing algorithms,

11
00:00:30,556 --> 00:00:33,906
use salted hashes to actually increase

12
00:00:33,906 --> 00:00:36,760
the difficulty for actually cracking the passwords,

13
00:00:36,760 --> 00:00:39,064
and also from an organizational standpoint

14
00:00:39,064 --> 00:00:42,375
we need to secure the password storage as well.

15
00:00:42,375 --> 00:00:45,342
On top of that, from an organizational standpoint,

16
00:00:45,342 --> 00:00:49,312
organizations should support longer passwords.

17
00:00:49,312 --> 00:00:51,631
I know you'll probably look at some websites

18
00:00:51,631 --> 00:00:53,196
where they'll say they only support passwords

19
00:00:53,196 --> 00:00:54,612
up to eight characters.

20
00:00:54,612 --> 00:00:55,920
And we can't do that

21
00:00:55,920 --> 00:00:57,694
from an organizational standpoint anymore.

22
00:00:57,694 --> 00:01:00,280
We really need to support longer and longer passwords

23
00:01:00,280 --> 00:01:03,525
because longer passwords are much more secure

24
00:01:03,525 --> 00:01:05,683
than smaller complex passwords.

25
00:01:05,683 --> 00:01:07,525
From a consumer standpoint,

26
00:01:07,525 --> 00:01:09,925
there isn't too much they can do

27
00:01:09,925 --> 00:01:13,462
to manipulate how the passwords are stored,

28
00:01:13,462 --> 00:01:16,300
so really consumers should look for

29
00:01:16,300 --> 00:01:17,931
two-factor authentication,

30
00:01:17,931 --> 00:01:20,186
they should definitely enable two-factor authentication

31
00:01:20,186 --> 00:01:21,241
on all their accounts,

32
00:01:21,241 --> 00:01:24,041
and even if a password gets compromised

33
00:01:24,041 --> 00:01:26,679
if an individual has two-factor authentication

34
00:01:26,679 --> 00:01:30,033
on their account the intruders can't get into their account

35
00:01:30,033 --> 00:01:33,146
without having, let's say, their phone as well.

36
00:01:33,146 --> 00:01:35,382
So there are many systems that do not support

37
00:01:35,382 --> 00:01:36,578
two-factor authentication

38
00:01:36,578 --> 00:01:38,886
so that's on the organizational side

39
00:01:38,886 --> 00:01:40,251
to actually implement.

40
00:01:40,251 --> 00:01:41,742
But from a consumer standpoint,

41
00:01:41,742 --> 00:01:44,445
you know most of the popular applications

42
00:01:44,445 --> 00:01:46,572
now support two-factor authentication

43
00:01:46,572 --> 00:01:48,870
from all of your email clients

44
00:01:48,870 --> 00:01:51,390
to all of your social media clients as well.

45
00:01:51,390 --> 00:01:54,688
The onus is on the consumer side, though,

46
00:01:54,688 --> 00:01:55,944
to go into your settings

47
00:01:55,944 --> 00:01:57,826
and actually turn those features on.

48
00:01:57,826 --> 00:02:00,397
Very highly recommended to implement

49
00:02:00,397 --> 00:02:01,793
two-factor authentication.

50
00:02:01,793 --> 00:02:04,586
And while that won't prevent any breaches,

51
00:02:04,586 --> 00:02:07,125
it will prevent an intruder from actually

52
00:02:07,125 --> 00:02:11,292
accessing your account once that information is breached.