Monday, April 19, 2010

MANAGING YOUR PASSWORDS

Passwords are just long or short strings of characters typed onto a keyboard from memory.You use passwords in withdrawing cash from ATMs, in paying for goods and services in Nigeria and abroad; also to log in to your facebook account or any other social media sites such as twitter, linkedin etc;When you join an organisation that is IT driven, to log in to the companies environment, you must be authenticated with a password; You use them when checking mails especially on Yahoo, others include Hotmail, Gmail and a list of other email supporting sites; you also use it in managing your websites.

Consequently, it could be said that passwords are the key to the essence of locking the doors to the vast opportunities that are embedded in utilizing modern day technologies.Passwords are the most common form of authentication in Nigeria, at the same time, they are the weakest form of authentication.

Password attacks have become ubiquitous that in less than five seconds, your password can be compromised, and whatever happens after that is history. No matter how many passwords are used, multiple passwords are ultimately no stronger than any single password by itself. It will be pertinent to inform you that longer and more complex passwords will take more time and more processing power, but this does not change the fact that your password can't be surmised.

If 50% of Nigerians have access to ATM cards, suffice it to say that those percentage of Nigerians are vulnerable to losing their money at one point or the other due to password compromise or negligence; If 15% Nigerians are using facebook and 30% are using Yahoomail, it thus means that someday, these set of Nigerians might lose access to personal information in their mail box, perhaps they might become a victim of identity theft whereby a criminal takes up their identity.

To avoid this eminent danger that's looking at us, we must change the way we create and manage passwords.(Please read How to Create passwords on this Blog).
1. Do not use Dictionary words as your password.
2. Do not write passwords on paper or store them anywhere.
3. Memorize your passwords.
4. Do not use names as passwords.
5. Always include non-alphabetic characters such as £, $, & in your passwords.
6. Do not use the same password you use to log in to your Yahoomail for your facebook account.
7. Change passwords as often as possible.
8. Never give out your password or password hint on any website, other than the website its been used for.

HOW TO PROTECT YOUR AUTOMATED TELLER MACHINE (ATM) CARDS

ATM cards has become the most vulnerable IT gadget we take about in Nigeria.7 out of 10 people in Nigeria uses their year of birth as their Personal Identification Number (PIN)!Please, if you have done that, change your PIN right away; Do not use numbers associated with you as your PIN (please refer to how to create passwords);Do not tell anybody your PIN-They might use it later, or tell someone else unconsciously; Do not write your PIN on a paper, please try and know the four characters by heart.

As the Banking industry as resorted to downsizing as one of their strategies in recuperating from the economy downturn in the country, it will be expedient for Nigerians that patronizes these banks, especially, the affected ones, to keep watch on their ATM transactions, they can resort to changing their PIN every 20 days; check on their bank transaction statement whenever they visit the banks.

Obviously, the internet has become a safe haven for fraudsters all around the world, Phishing sites now populate our emails with ATM update mails. Please Do not respond to those mails, delete those mails immediately!No bank or organization in Nigeria or in other part of the world will ask you to "upgrade or update your ATM Card Information".

Online Shopping has become one of the holy grails Nigerians can not afford to meet up with, and if they do, they should be aware that even in developed countries, credit card scams that emanate from online shopping constitute to about 60% of cybercrimes that has been witnessed over time; You should be conscious of the websites your transact business with or on, check if they are been verified by an authorized SSL (secure socket layer)certificate vendor which includes companies like Verisign, Thwate, and Digicert.

The ATM as become part of our life, and it makes transactions easier, for us to maximize its usage, we must protect our PIN from fraudsters, it is only then, we can be rest assured of enjoying the value that comes with Information Technology

HOW TO CREATE PASSWORDS

Passwords should be as long and as complicated as possible. Most security experts believe a password of 10 characters is the minimum that should be used if security is a real concern. If you use only the lowercase letters of the alphabet, you have 26 characters with which to work. If you add the numeric values 0 through 9, you’ll get another 10 characters.If you go one step further and add the uppercase letters, you’ll then have an additional 26 characters, giving you a total of 62 characters with which to construct a password.

Most vendors recommend that you use non alphabetic characters such as #,$,and % in your password, and some go so far as to require it.If you used a 4-character password, this would be 62 × 62 × 62 × 62, or approximately 14 million password possibilities. If you used 5 characters in your password, this would give you 62 to the fifth power, or approximately 920 million password possibilities. If you used a 10-character password, this would give you 62 to the tenth power, or 8.4 × 1017 (a very big number) possibilities.

As you can see, these numbers increase exponentially with each position added to the password. The 4-digit password could probably be broken in a fraction of a day, while the 10-digit password would take considerably longer and much more processing power.If your password used only the 26 lowercase letters from the alphabet, the 4-digit password would have 26 to the fourth power, or 456,000 password combination. A 5-character password would have 26 to the fifth power, or over 11 million, and a 10-character password would have 26 to the tenth power, or 1.4 × 1014. This is still a big number, but it would take considerably less time to break it.Mathematical methods of encryption are primarily used in conjunction with
other encryption methods as part of authenticity verification.

The message and the hashed value of the message can be encrypted using other processes. In this way, you know that the message is secure and hasn’t been altered.Nigerians, as we continue to explore the world of IT, please let passwords management be at the back of our minds-it is from the day you start using a cellphone, opening a Yahoomail, joining people on facebook, you become vulnerable, perhaps, you don't know- you are in an IT cloud, and it might soon start to rain!

IT SECURITY AND NIGERIA

Over the course of several centuries, the Industrial Revolution saw the development of new manufacturing processes that changed much of the world’s economy and ways of doing business. Whereas it took centuries to develop new business manufacturing processes of the Industrial Revolution, a new revolution, what I call the Information Technology Revolution, has occurred over the past 35 years, and it has literally changed the face of the world, Nigeria inclusive. This great change in business and economic focus took years to develop and is still being perfected till this very day.

This revolution has brought us such great things as the personal computer, software for the personal computer, computer networking, Automated Teller Machine (ATM) Cards, Mobile Phones, computerized medical equipment and, of course, the Internet.It is quite interesting to know that about 30% of Nigerians do use this technology.The technology revolution has brought us huge intangibles as well, such as productivity,quality, larger profit margins, vast new markets to increase sales, and efficiency. These intangibles have been the driving force to make the technology revolution the most important revolution during the existence of man.

If Nigerians are to truly reap the benefits of the latest technologies-The use of mobile phones, the internet, ATM cards, Social Media such as facebook, twitter, flickr and a whole lot,they have to be educated and trained as to the appropriate ways of dealing with the dark side of information technology terror. In simple terms,all users have to learn the safe practices for their gadgets, their business networks, and the Internet. The security basics of “what to do” and “what not to do” become the front-line defense for most businesses. Much reason why Cloneshouse Nigeria has taught it well in using this medium to get across to Nigerians, intimating them on dos and donts of their IT gadgets.