FishNet Security is joining the National Cyber Security Alliance, the Department of Homeland Security and the Multi-State Information Sharing and Analysis Center for National Cyber Security Awareness Month. Now in its tenth year, NCSAM is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.
Are your login credentials a bit funky? Not Bootsy Collins funky, but bottom of your farm boots funky? Have a seat, let’s talk.
This topic is, of course, much larger than Network Security. It’s part of security as a whole at the cellular level. Poor password habits on networking equipment can carry a nuclear payload if exploited. Total infrastructure pwnage.
You won’t just lose control of the device that’s been snatched from your clammy hands. You’ll lose control of everything that goes through it, too. What passes through your firewalls? All your organizational traffic. All. Of. It.
Bad password hygiene can take many forms. Let's cover a few of these in more detail. And let’s make it a game. We’ll call it Credential Golf: the lower your score, the better off you are.
Fix: Disconnect it, flash the ROM and sell it on eBay in “as is” condition. Do not pass go, do not collect a red stapler. Add 8 strokes.
Fix: Make ‘em longer, make ‘em stronger. Eight characters is a start, but you make guessing/bruting/cracking/hashing more difficult with each character you add. 16 characters is a good length to shoot for. Use a random mix of upper and lower case, numbers and special characters. I still believe in the correcthorsebatterystaple as well. Lengthy passphrases are less effective against GPU hashing, but good for many uses nonetheless. Add 3 strokes.
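To put numbers behind "each character you add makes guessing harder," here is an added example (not from the original post) that computes the entropy of random passwords and word-list passphrases and the expected time to exhaust half the keyspace at an assumed guess rate. The guess rate of 10 billion per second is a constructed figure standing in for a GPU rig against a fast, unsalted hash; the 2048-word list size is the assumption for a Diceware-style passphrase.

```python
import math
import string

# Sizes of the character classes a randomly generated password can draw from.
CHARSETS = {
    "lower": len(string.ascii_lowercase),   # 26
    "upper": len(string.ascii_uppercase),   # 26
    "digits": len(string.digits),           # 10
    "special": len(string.punctuation),     # 32
}

SECONDS_PER_YEAR = 60 * 60 * 24 * 365


def random_password_bits(length, classes):
    """Entropy in bits of `length` characters drawn uniformly from the union of `classes`.

    Each extra character multiplies the keyspace by the alphabet size, so entropy
    grows linearly in length: bits = length * log2(alphabet).
    """
    alphabet = sum(CHARSETS[c] for c in classes)
    return length * math.log2(alphabet)


def passphrase_bits(words, wordlist_size):
    """Entropy in bits of `words` words picked uniformly from a list of `wordlist_size` words."""
    return words * math.log2(wordlist_size)


def expected_years_to_crack(bits, guesses_per_second):
    """Expected time, in years, for an attacker to hit the secret.

    On average the secret is found after searching half the keyspace, i.e. 2**(bits-1) guesses.
    """
    guesses = 2 ** (bits - 1)
    return guesses / guesses_per_second / SECONDS_PER_YEAR


def compare(guesses_per_second=1e10):
    """Return (label, bits, years) for a few credential shapes discussed in the post."""
    cases = [
        ("8 chars, lowercase only", random_password_bits(8, ["lower"])),
        ("8 chars, all four classes", random_password_bits(8, CHARSETS.keys())),
        ("16 chars, all four classes", random_password_bits(16, CHARSETS.keys())),
        # Assumed 2048-word list, four words, correcthorsebatterystaple style.
        ("4-word passphrase, 2048-word list", passphrase_bits(4, 2048)),
        ("6-word passphrase, 2048-word list", passphrase_bits(6, 2048)),
    ]
    return [(label, bits, expected_years_to_crack(bits, guesses_per_second)) for label, bits in cases]


if __name__ == "__main__":
    for label, bits, years in compare():
        print(f"{label:36s} {bits:6.1f} bits  ~{years:.3g} years")
```

The takeaway matches the post: a 16-character random mix is well beyond practical brute force, while a short lowercase password falls in seconds. Passphrase strength depends entirely on the number of words and the list they come from, which is why a memorable four-word phrase is "good for many uses" but not a match for a long random string against GPU cracking.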
Fix: At least include some special chars or something, sheesh. Add 2 strokes.
Fix: Don’t use any password in more than one place. Add 4 strokes.
Fix: Never save passwords in unencrypted format. At a very minimum, use AxCrypt or a similar solution to encrypt your saved password files if they don’t have built-in encryption. Add 8 strokes, unless you named your dog Chum, in which case, just add 7 for your macabre self-awareness.
Let’s see how you did. Add up all your offenses, and see where you land:
0-3: You are well on your way to not having to explain a massive breach. Keep it up!
4-7: Your heart is in the right place, we just need to fix you up a bit.
8+: Password overhaul needed. Don't say we didn't warn you.
Just for some perspective: this non-exhaustive list only targets good old fashioned single-factor passwords, which, as we know, are about as safe as a gravy-drenched lamb at WolfCon. Single-factor authentication will always have weaknesses due to the static nature of the credential. But if they must be used, password management tools are the best option for handling single-factor credentials. I prefer KeePass, but there are apparently around 241,000,000 other options according to Larry Page.
To use a password manager optimally, follow these guidelines: