2. Overview:
• Common Password Patterns
• Common Complexity Misconceptions
• Proof to Password Madness
• Get to the Point
• Your New Best Friend
3. • Using a name, place, or common word as the seed
• Capitalizing the first letter
• Adding a number at the end of the password or base word
• Adding one of the most common symbols (~, !, @, #, $, %, &, ?)
• Starting with uppercase followed by lower case
• Putting digits before or after letters
• Repeating previous passwords
Do these look familiar?
4. Most would think the methods below would create complex passwords,
but even these seemingly “complex” passwords can be breached.
Deceivingly Simple Passwords…
Rule | Pattern
Must consist of 2 upper case, 2 lower case characters and 2 digits | uu33dd
Must consist of 9 digits and 1 letter | d{9}L
Must consist of 10 alphanumeric characters, where at least 1 is a letter and at least 1 is a digit | LdA{8}
Must consist of 10 alphanumeric characters, where at least 2 are upper case and at least 2 are lower case characters | uullA{6}
Must consist of 9 characters out of the set "ABCDEF" and an '@' symbol somewhere in it | @[ABCDEF]{9}
http://keepass.info/help/base/pwgenerator.html
5. Case Study by KoreLogic:
Most Common Company Password Standards
• One upper case, then 6 lower case, then 2 digits (Example: Abugmar64)
• One upper case, then 3 lower case, then 4 digits (Example: Itio1981)
• One upper case, then 5 lower case, then 2 digits (Example: Dulith57)
http://stateofthenet.net/2014/10/the-big-password-mistake-that-hackers-are-hoping-youll-make/
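A policy check can test for the habits from slide 3 and the three KoreLogic structures directly, instead of only counting character classes. The following is an added example, not code from this deck or from the nFront product; the function names and the `s` class for symbols are this example's own, and it assumes earlier passwords are available in clear text at the moment of a password change.

```python
import re

COMMON_SYMBOLS = "~!@#$%&?"  # the symbols listed on slide 3

# Top three structures from the KoreLogic case study (u=upper, l=lower, d=digit).
KORELOGIC_TOP3 = {
    "u" + "l" * 6 + "d" * 2,  # Abugmar64
    "u" + "l" * 3 + "d" * 4,  # Itio1981
    "u" + "l" * 5 + "d" * 2,  # Dulith57
}


def topology(password):
    """Map each character to its class: u, l, d, or s (anything else)."""
    def cls(ch):
        if ch.isupper():
            return "u"
        if ch.islower():
            return "l"
        return "d" if ch.isdigit() else "s"
    return "".join(cls(ch) for ch in password)


def base_word(password):
    """Lower-cased password with leading/trailing non-letters stripped."""
    return re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password).lower()


def audit(candidate, previous=()):
    """Return the predictable-pattern findings for a candidate password.

    `previous` holds earlier passwords in clear text (an assumption of this
    example: they are only available at the moment of a password change).
    """
    topo = topology(candidate)
    findings = []
    if topo in KORELOGIC_TOP3:
        findings.append("top-3 corporate structure")
    if re.fullmatch(r"ul+[ds]*", topo):
        findings.append("capitalized word, digits/symbols appended")
    elif re.fullmatch(r"d+[ul]+|[ul]+d+", topo):
        findings.append("digits before or after letters")
    if topo.count("s") == 1 and any(c in COMMON_SYMBOLS for c in candidate):
        findings.append("single common symbol")
    base = base_word(candidate)
    if base and any(base == base_word(p) for p in previous):
        findings.append("base word reused from a previous password")
    return findings
```

A password that satisfies a "one upper, one lower, one digit" rule can still return several findings here, which is the point the case study makes.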
6. Password hacking is happening. Right now.
Your company might have made it so far without a breach, but what about the future?
Let’s take a stroll back to this past year…
What is the Point?
Verizon's 2014 Data Breach Investigation Report concluded:
50 CONTRIBUTING GLOBAL ORGANIZATIONS
1,367 CONFIRMED DATA BREACHES
63,437 SECURITY INCIDENTS
95 COUNTRIES REPRESENTED
7. What do we do?
- nFront Password Filter allows up to 6 different password policies in the same Windows domain
- Each password policy offers over 40 different rules
Sound complicated? Best part, IT’S NOT. We are here to:
• Eliminate risk of password hacking
• Create an easy to use password policy system
• Prevent user frustration
• Avoid the risk of lost time and expense
nFront Security to the Rescue
8. To see how our nFront Password Filter product can help your company prevent weak and easily hacked passwords, please visit our website.
http://nfrontsecurity.com/products/nfront-password-filter/