1
00:00:06,400 --> 00:00:08,500
- So, how do we do better with passwords?

2
00:00:08,500 --> 00:00:11,430
We've used passwords for decades

3
00:00:11,430 --> 00:00:12,780
in order to protect our accounts.

4
00:00:12,780 --> 00:00:15,670
And we can see that they are no longer sufficient.

5
00:00:15,670 --> 00:00:16,540
So there are two angles

6
00:00:16,540 --> 00:00:18,310
we can look at this problem from,

7
00:00:18,310 --> 00:00:19,570
one from the consumer side

8
00:00:19,570 --> 00:00:21,700
and one from the organizational side.

9
00:00:21,700 --> 00:00:24,950
From the organizational side, we need to do a better job

10
00:00:24,950 --> 00:00:28,600
of securing and encrypting our passwords themselves.

11
00:00:28,600 --> 00:00:30,880
So then it means use hashing algorithms,

12
00:00:30,880 --> 00:00:34,920
use salted hashes to actually increase the difficulty

13
00:00:34,920 --> 00:00:36,970
for actually cracking the passwords.

14
00:00:36,970 --> 00:00:39,140
And also from an organizational standpoint

15
00:00:39,140 --> 00:00:42,710
we need to secure the password storage as well.

16
00:00:42,710 --> 00:00:46,130
On top of that, from an organizational standpoint,

17
00:00:46,130 --> 00:00:49,750
organizations should support longer passwords.

18
00:00:49,750 --> 00:00:51,910
I know you'll probably look at some websites where

19
00:00:51,910 --> 00:00:53,510
they'll say they only support passwords

20
00:00:53,510 --> 00:00:55,840
up to eight characters, and we can't do that

21
00:00:55,840 --> 00:00:57,650
from an organizational standpoint anymore.

22
00:00:57,650 --> 00:01:00,740
We really need to support longer and longer passwords

23
00:01:00,740 --> 00:01:03,830
because longer passwords are much more secure

24
00:01:03,830 --> 00:01:06,530
than smaller, complex passwords.

25
00:01:06,530 --> 00:01:09,610
From a consumer standpoint, there isn't too much

26
00:01:09,610 --> 00:01:13,210
they can do to manipulate how the passwords are stored.
27
00:01:13,210 --> 00:01:16,360
So really consumers should look

28
00:01:16,360 --> 00:01:18,270
for two-factor authentication.

29
00:01:18,270 --> 00:01:20,460
They should definitely enable two-factor authentication

30
00:01:20,460 --> 00:01:21,910
on all of their accounts.

31
00:01:21,910 --> 00:01:24,440
And even if a password gets compromised,

32
00:01:24,440 --> 00:01:26,920
if an individual has two-factor authentication

33
00:01:26,920 --> 00:01:30,560
on their account, the intruders can't get into their account

34
00:01:30,560 --> 00:01:33,170
without having, let's say, their phone as well.

35
00:01:33,170 --> 00:01:35,410
So there are many systems that do not

36
00:01:35,410 --> 00:01:37,210
support two-factor authentication.

37
00:01:37,210 --> 00:01:39,250
So that's why, on the organizational side,

38
00:01:39,250 --> 00:01:40,320
to actually implement.

39
00:01:40,320 --> 00:01:42,480
But from a consumer standpoint, you know,

40
00:01:42,480 --> 00:01:45,600
most of the popular applications now support two-factor

41
00:01:45,600 --> 00:01:49,060
authentication, from all of your email clients

42
00:01:49,060 --> 00:01:51,850
to all of your social media clients as well.

43
00:01:51,850 --> 00:01:55,310
The onus is on the consumer side though, to go

44
00:01:55,310 --> 00:01:57,890
into your settings and actually turn those features on.

45
00:01:57,890 --> 00:02:01,190
So very highly recommended to implement two-factor

46
00:02:01,190 --> 00:02:05,100
authentication. And while that won't prevent any breaches,

47
00:02:05,100 --> 00:02:06,840
it will prevent an intruder

48
00:02:06,840 --> 00:02:08,580
from actually accessing your account

49
00:02:08,580 --> 00:02:11,003
once that information is breached.