Security – Examples – 2 Factor Auth

View Github Repository Open presentation in a new window

NoLogo

See all presentation from NoLogo

Security – Examples – 2 Factor Auth

0 0

26-6-14-security.github.com

Security Talk

On Github NoLogo / 26-6-14-security.github.com

Security

This was made in REVEAL . JS

Examples

These examples all demonstrate issue that affect us

Sony PSN - 2011

Hackers released the user database for the Playstation's store onto the internet

This included:

Names Addresses Phone numbers Credit card details

This affected 70 Million people

Result?

A £250000 fine for breaching the data protection act.

Apple Australia - 2014

Hackers broke into the find my device app.

They locked all users out of all their devices & demanded payment from users to regain access to their devices

This affected ALL Australian Apple USERS

Life Hack - 2014

White October's server company

Why is this relevant?

2 Factor Auth

Two stage login process
Password & a randomly generated one use code

finding a Balance between security and useability

Email

It's at the core of everything we do!

gitHub

Incuna : Who

Passwords

now some maths..........

Type Length Maths Total Combinations Number 5 10 x 10 x 10 x 10 x 10 100,000 a-Z 5 52 x 52 x 52 x 52 x 52 380,204,032 Unicode 5 113,021 x 113,021 x 113,021 x 113,021 x 113,021 1.8441478e+25

Password Style Guide

at least 8 characters long
containing at least one symbol
containging Upper & lower case letters
contain at least one number

LastPass

We have the tools let's use them better

Generating secure passwords?

Lastpass has a tool for that

Proper Password Storage

Other bits

Think about the networks you connect to

Please stop storing passwords in plain text

charles denton :"we're on the cutting edge of everything that we build, but our security is way behind"

What we're doing

A complete review of our security

If you'd like to see your lastpass password score come see me

Security – Examples – 2 Factor Auth

NoLogo

Security – Examples – 2 Factor Auth

0 0 (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/platform.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

26-6-14-security.github.com

Security

Examples

Sony PSN - 2011

Hackers released the user database for the Playstation's store onto the internet

This included:

This affected 70 Million people

Result?

A £250000 fine for breaching the data protection act.

Apple Australia - 2014

Hackers broke into the find my device app.

They locked all users out of all their devices & demanded payment from users to regain access to their devices

This affected ALL Australian Apple USERS

Life Hack - 2014

White October's server company

Why is this relevant?

2 Factor Auth

finding a Balance between security and useability

Email

It's at the core of everything we do!

gitHub

Incuna : Who

Passwords

now some maths..........

Password Style Guide

LastPass

We have the tools let's use them better

Generating secure passwords?

Lastpass has a tool for that

Proper Password Storage

Other bits

Think about the networks you connect to

Please stop storing passwords in plain text

charles denton :"we're on the cutting edge of everything that we build, but our security is way behind"

What we're doing

A complete review of our security

If you'd like to see your lastpass password score come see me

0 0