Upload File

mac security mac group presentation february 15, 2016 ... · 3. change the passwords for other...

  • Home
  • Documents
  • Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •
5
Mac Security Mac Group Presentation February 15, 2016 Nonnie Markeset How to Secure your Mac and iDevices and Avoid Common Vulnerabilities What are vulnerabilities? 1. Viruses 2. Malware 3. Trojan Horses 4. Weak Passwords 5. Sharing too much personal information on public websites, like Facebook 6. Visiting sites that contain your sensitive information on a public computer or on a public website 7. Visiting “bad sites”. Ones that offer free movies, music, cheap goods and services. 8. Clicking on links in emails you receive 9. Not having your computer/iDevices password or passcode protected and/or having a weak password/passcode for your device. 10. Having the same password or similar for all sites. 11. Not keeping your OS/iOS and apps up to date 12. Spilling coffee on your keyboard 13. Dropping your device Of all the vulnerabilities listed above, your greatest vulnerability is your passwords. How do you create a strong password? A password should be at least 12 characters. It should contain letters, numbers and symbols and preferably not contain words found in a dictionary. To check the strength of your password: http://www.takecontrolbooks.com/resources/0148/zxcvbn/ Each site should have a unique password How do you remember all your passwords? 1. In Safari, turn on AutoFill (This I do not recommend as it is the least secure of all the options.) 2. Use Keychain Access (UserApplicationsUtilitiesKeychain Access) 3. Use a third party Password Manager (Your best option.) 1Password LastPass

Upload: others

Post on 27-May-2020

6 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •

MacSecurityMacGroupPresentationFebruary15,2016NonnieMarkesetHowtoSecureyourMacandiDevicesandAvoidCommonVulnerabilities

Whatarevulnerabilities?

1. Viruses2. Malware3. TrojanHorses4. WeakPasswords5. Sharingtoomuchpersonalinformationonpublicwebsites,likeFacebook6. Visitingsitesthatcontainyoursensitiveinformationonapubliccomputerorona

publicwebsite7. Visiting“badsites”.Onesthatofferfreemovies,music,cheapgoodsandservices.8. Clickingonlinksinemailsyoureceive9. Nothavingyourcomputer/iDevicespasswordorpasscodeprotectedand/orhaving

aweakpassword/passcodeforyourdevice.10. Havingthesamepasswordorsimilarforallsites.11. NotkeepingyourOS/iOSandappsuptodate12. Spillingcoffeeonyourkeyboard13. DroppingyourdeviceOfallthevulnerabilitieslistedabove,yourgreatestvulnerabilityisyourpasswords.

Howdoyoucreateastrongpassword?

Apasswordshouldbeatleast12characters.Itshouldcontainletters,numbersandsymbolsandpreferablynotcontainwordsfoundinadictionary.

Tocheckthestrengthofyourpassword:http://www.takecontrolbooks.com/resources/0148/zxcvbn/

EachsiteshouldhaveauniquepasswordHowdoyourememberallyourpasswords?

1. InSafari,turnonAutoFill(ThisIdonotrecommendasitistheleastsecureofalltheoptions.)

2. UseKeychainAccess(User➔Applications➔Utilities➔KeychainAccess)3. UseathirdpartyPasswordManager(Yourbestoption.)

• 1Password• LastPass

Page 2: Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •

MacSecurityMacGroupPresentationFebruary15,2016NonnieMarkeset

Herearesomeexamplesofweakpasswords:•123456•jack0322•w0nd3r•pr1ncess•samkenmary•122940

Herearesomeexamplesofstrongpasswords:•wHx9vm5Gs7zR•vxqCIKypD7”

Youshouldalsosetup2-stepverificationforanysitethathasthisfeature.This,however,requiresyoutohaveamobiledeviceonwhichyoucanreceiveageneratedcodetocompletethesigninprocess.ThiscodewillbesenttoyouviaaspecialapponyouriDeviceorviaanSMSmessageifyouareusinganiPad.Howitworks:

1. Gotothesite.2. Enteryourpassword.3. Receivearandomlygeneratedcodeonyourphone.4. Enterthatasasecondpasswordonthesite.

Herearesomesitesthatoffer2-stepverification:Google/Gmail--https://www.google.com/landing/2step/Facebook--GotoSettings,SecurityandselectLoginApprovalsApple/iTunes/iCloud--https://support.apple.com/en-us/HT204152

ExampleofwhatyouwillseeontheAppleSign-InSite.

Stepstotakeifyouthinkyouhavebeencompromised.

1. Changethepasswordforthecompromisedsite.2. Changethequestionsandanswerstothesecurityquestionsforthatsite.3. Changethepasswordsforothersites.4. Setupaprioritizedlistofsitesthatneedtohavepasswordschanged

• Allyouremailaccountpasswords• Bankandinvestmentaccounts• Facebookandothersocialsites• Amazon,Netflix• eBay/PayPal• AppleID/iCloud

Page 3: Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •

MacSecurityMacGroupPresentationFebruary15,2016NonnieMarkeset

Ialsorecommendthatyousetupascheduletochangepasswordseverysixmonths,atleastforyourmostimportantsites.Whattodoifyougetconstantpop-upsinyourwebbrowserwarningyouthatyourcomputerhasbeencompromised.DONOTCLICKONTHELINK.DONOTDOWNLOADTHESUGGESTEDAPPTHATCLAIMSITWILLCLEANYOURCOMPUTER.Instead:

1. InSafari(FirefoxandChromehavesimilarprocedures)“ClearHistory”intheSafaridropdownmenu

i.

2. InSafariPreferences,goto“Privacy”

Page 4: Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •

MacSecurityMacGroupPresentationFebruary15,2016NonnieMarkeset

Malware,Viruses,TrojanHorsesandHackersThesearevulnerabilitiesthatcomefromexternalsources.Virusesareatypeofmalwarethatgetinstalledonacomputerwithoutpermissionandhavetheabilitytocreatehavocwithyourcomputer.Thistypeofmalwareisatthispoint“non-existent”onMacsbecauseofthesafeguardsApplesetsup.ThetypesofmalwarethatMacusersmustbeawareofarecalledTrojanhorses.Theyarepiecesofsoftwarethatcanpiggybackonothersoftwaretogetintoyourcomputer.Basicallyyougivethempermissionwithoutknowingit.DoyouneedAnti-Virussoftwaretoprotectyourselffromthese?MostMacpunditswillsayno.Insteadfollowthese4rules.

1. KeepyourMacupdateda. MakesureyouhavethelatestOSandwhenincrementalupdatescome

throughmakesuretoinstallthemb. Updatetheappsyouusewhenyouarenotifiedofupdates.c. TurnonAuto-Updateifyouwant,inSystemPreferences-AppStore

2. Downloadsoftwareonlyfromtrustedsites.Herearesomesafesites

MacAppStoreAdobe

MicrosoftAgilebits

Ifanofferistoogoodtobetrue,itisusuallytoogoodtobetrue!3. Stayinformedandresearchanunknownsitebeforeyoudownloadfromit.

Searchthewebtoseeifthereisanyinfoonthecompany.2goodsitestocheckandtokeepyouinformedare:MacRumors.comCultOfMac.com

4. Donotclickonlinkscontainedinemailsyoureceive.• Asfrustratingasthisisyouaresaferifyouopenyourwebbrowser

andmanuallyputintheaddress…notcopyit.• Gmailhastwonewsymbolstoinformyouifyouremailisbeingsent

encryptedandifthepersonyouarereceivingtheemailfromistheactualpersonsendingtheemail.Thefirstisrepresentedbyalockandthesecondbyaquestionmark.

ExtraProtection

1. InSafariPreferencesunderGeneralmakesure“OpenSafeFiles”isunchecked*2. InSystemPreferencesunderSecurityandPrivacy,chose“MacAppStoreand

IdentifiedDevelopers”.**FirewallThefirewallletsyoublockincomingtraffictoparticularprograms,meaningitisonlyusefulifthereareprogramsonyourcomputerthatyouwanttorestrictintermsofincominginformation.Ifthat’snotthecase,andifyouusetheInternetprimarilybehindasecurerouter,youprobablydon’tneedtoenableafirewallatall.

Page 5: Mac Security Mac Group Presentation February 15, 2016 ... · 3. Change the passwords for other sites. 4. Set up a prioritized list of sites that need to have passwords changed •

MacSecurityMacGroupPresentationFebruary15,2016NonnieMarkeset

*InSafariPreferencesunderGeneralmakesure“OpenSafeFiles”isunchecked.

**InSystemPreferencesunderSecurityandPrivacy,chose“MacAppStoreandIdentifiedDevelopers”.**


Passwords & corresponding accounts

Remove App Passwords (iPhone) - Vermontdii.vermont.gov/sites/dii/files/PDF/Support/Remove-App-Password...Remove App Passwords (iPhone) Problem: “Unable to verify account information”

Passwords Das Cartas

Using Hamiltonian Totems as Passwords Abstract 1 Visual passwords

3d passwords

Passwords And Security

Chapter 7 Passwords - cdn.ttgtmedia.comcdn.ttgtmedia.com/.../HackingforDummiesCh07.pdf · Chapter 7 Passwords ... Therefore, passwords are one of the weakest links in ... This includes

Top 7 Sites Of Undelete Mac File

PDF Passwords-Eltima

Handsworth Grange Passwords

Passwords Managing your Online - Bates College€¦ · LastPass saves and fills in logins and passwords for your (Sites). Use the LastPass in-field icon to save a new login or to

Passwords Defecto Routers

Perfect Passwords

Passwords, Passwords and more Passwords

8 login passwords

Digital Citizenshipdigitalcitizenshipsusd.weebly.com/uploads/7/8/6/6/78661500/__stud… · 1 powerful passwords dos and don’ts of powerful passwords powerful passwords / student

Passwords, Passwords, Passwords - MemberClicks · Most common passwords of 2017 1. 123456 2. 123456789 3. qwerty 4. 12345678 5. 111111 6. 1234567890 7. 1234567 8. password 9. 123123

You$and$Your$Passwords$sites.duke.edu/training/files/2012/10/PasswordPresentation.pdf · Recommendaons$ • Notjustone$strong$passwords,$butmulLple$ strong$passwords$ • Password$Escrow$

Passwords and You CREATING AND MAINTAINING SECURE PASSWORDS

Security Awareness Passwords - Illinois.gov · 3 Passwords Password Cracking Find weak passwords Verify the use of good passwords Characters (complex) Estimated time to crack 7 15

Updating Secondary Students Passwords & Challenge Questions...Updating Secondary Students Passwords & Challenge QuestionsAudience: Secondar y Students Purpose:Updating passwords and

Unauthorized Cross-App Resource Access on MAC OS X and iOS · latest Mac OS X 10.10.3, our sandboxed app successfully retrieved from the system’s keychain the passwords and se-cret

Alternatives to Passwords David Bohn. Password : History The average working professional has 6 passwords to perform daily functions Passwords if used

Making Strong Passwords

Software that can create and remember different passwords for different sites

Chapter 4.2 presentation · Stops fraudulent sites attacking the computer Up to date anti-spyware software can be used Use of passwords Changing passwords from default passwords Regularly

Strong Passwords

Auto-pilot for all your passwords. · Remembers your passwords so you don’t have to. Auto-pilot for all your passwords. Remembers your passwords so you don’t have to. Forget forgotten

Passwords Issa

Passwords 101

MAC 1147 Syllabus 2014 Spring - People Sites - University of Florida

Death To Passwords

Passwords Everywhere

graphical passwords

Go to CCV Login Page usernames and passwords from other ...€¦ · • Go to CCV Login Page • Note that . usernames and passwords from other NSERC sites won’t work on the CCV