LIVE WEBINAR: Password Management: Working with and keeping track of all your passwords

THIS EVENT IS NO LONGER LIVE.
Have too many passwords? Trying to keep track of them? Are your passwords secure? What is 2 factor authentication? This session covers some tips for password management, selecting effective passwords and provides an overview of what 2-factor authentication is and how it can benefit you.

To participate in the seminar and be able to ask questions, you will have to have a Google Account (gmail address). We've even made a short video on setting up a gmail account if you don't have one: https://www.youtube.com/watch?v=hjRPR... - and another video about how our events work once they're running: https://www.youtube.com/watch?v=VlvgF...

Find and follow us at:
http://www.oakbaycomputers.ca
https://www.twitter.com/oakbaycomputers/
https://www.facebook.com/oakbaycomput...

---

Closed Caption:

hi
my name's Ian welcome
in our on pat
I'm not
will run about 45 minutes this evening
and they'll be available for playback at
any time so if you get lost her key got
questions
on your welcome to play it back it'll be
available on YouTube the exact same link
he came to
will be the same like the complete back
at so
today is going to be working with and
keeping track of all your passwords
and most our lives without passwords for
all different servicing into
reason passwords on a daily basis so and
then go through if you are
election passwords to is gonna be
password
contracted something I mentioned before
and I'm gonna keep mentioning probably
hear me keep mentioning in most my
presentations is two factor
authentication
you believe
it so
on the screen and this is why we go
mint this is our bad guy and there is
lotsa
the bad guys out there and summer
automated some the more people I'm so
you do want to
ensure that you keep a good password and
keep your system secure and do
everything you can to ensure people are
getting into it
whether it's your banking whether it's
your email whether it's your Facebook
your Twitter account
all those have ways and ensuring that
you maintain the security that you need
to for those
so
one of the things that sorta stems from
pasture management
is the protection your account
protecting from the bad guy so
this is an old old photo but it's still
very relevant today
and this is the email that probably most
if not all of us have seen where it
comes from pay power from your bank
um I know we find it funny when it comes
from another bank saying my counsel
been compromised and I don't even
banquet that bank so this one's from Pay
Pal honest to you going we need to
verify your account unauthorized
transactions happened
there to verify your account and when
you click their they're gonna show you a
login screen that looks a lot like Pay
Pal login screen
and you're gonna felonies and password
and then I'll go thank you we verified
that you're legitimate and your pad your
transaction was fine and
all's good meanwhile they got a copy
your password now so they can go and
Pay Pal which is probably going to a
credit card or bank account and start
moving money around
their goal is to start doing that before
you notice before you shut it down
and they get money mood they withdraw
cash and they're off and running
following that email of twenty
sometimes you do believe them to be
legitimate so
one other ways to check them is if you
do end up accidentally or intentionally
clicking on the links
look at the URL up to the top and in
this case
its a very different URL from Facebook
P find the dot
up and work backwards LCCI axe xx
and that's definitely not Facebook so
check the URL make sure the pager going
to anything here long into
is the right URL the other way you can
do it as you can just type the URL and
yourself type in the web address so
if you get any
thing your account's been compromised
instead a quick in like just taken Pay
Pal dot com
and that'll take you right to pay pal
and when you log in
they should have an alert that pops up
on the screen if your account was
actually compromised
on much like the same if you got a
question about your bank it
owns and says hi this is
to verify you
number the best thing to do is to send
any call you back you hang up
you flip your card over you read the
numb phone number on the back you call
them
and then you verify the information
because you know you're talking to the
right person
soap all these reasons and all these
things lead-up to use lighting that
password making sure that you're
managing those passwords
and marking them down as much as
possible so
under the selection area
we all know that we wanna complex
password
longer require stronger on
having
station in the password a lot in the
sites that we've used
do have those requirements you will see
those requirements happening
and today I was looking at some these
computer and they were setting up an
Apple ID and it's got a little pop up in
it says you have to have a capital you
have to have a lower case
so what other sites will drive you to
use those I like to go to the extent the
site does
allow so the site allows up to 16 or 24
characters I like to go up to that
extent and put a fair bit a
random complex into my passwords and
that's when they come back to pasture
management and how do you manage that
so this is an example of something the
passwords that are
the most popular passwords right now on
password is still a popular password
1234 56
I'm quality the top broke your keyboard
monkey which I'm not quite sure why that
comes up as a pop your password
arm ABC 123 all these sorts of passwords
are common passwords
these are well known these are
automatically try to somebody's trying
to break into your account
these are probably the first 10 pastors
and they're gonna try
popular passwords are this month and
they're gonna try them so
eliminate yourself from the probability
and just dumb luck
and make sure that your passwords are
not these passwords some the basics
about password management
never reveal your password to anyone
that's kinda the given
onto your password like your pet
their bank account or credit card if you
do write your password down
and keep it hidden keep it far from your
computer look at the probability of your
passwords
and how many password you got and how
many are
where you're keeping and if you are
gonna write them down
write them down on something that is
somewhat secure so
one of the things that i've seen
is the notebook that's on the shelf next
to the computer onto the computer or
phone
all the passwords in them
those work those actually worked fairly
well
in a sense that they're not out at
Starbucks
Mon your computer at Starbucks you don't
take that notebook with you
hopefully you don't put that notebook in
the same bag as your computer or your
laptop when you're traveling
that's where you're going to get
yourself into a bit of trouble because
it's got all the information in it
but at home you got locks on their doors
may be an alarm system so there is a
layer security
now I know some people are gonna watch
this video playback can go no no no
that's bad
but if you look at it from the other
perspective by brain the passwords down
in that way you're putting a password
that is more complex
into a system and is hopefully different
than your other passwords
see you actually creating more security
on the internet but yes he got less
security
in physical person I'm not recommending
in an office that you do this and have
your
of as passwords and no booking your top
right drawer because that's probably the
first place and he's gonna look at the
break-in
on but having your pastors written down
if you are increasing complexity by
doing it definitely can
direction but along those lines that's
why I'm gonna come back to power
management
that's going to be part 2 and making
sure that you are managing those
passwords and keeping track them in
different ways you can do it
testing change your password regularly
conventional wisdom is once every three
months the should be changing your
password
that's great
the reality is most people don't and I
don't believe the next flight is going
to talk about the frequency the people
change their passwords
so do change your passwords if you
believe something's been compromised
immediately change your password
if you believe you type the password
into something
that you shouldn't have if you think you
got caught with a fake pay power
fake facebook login and you're not sure
paid and Facebook to comment click
Change Password make sure you lock it
out immediately
and be doubtful links asking for logins
and passwords or personal information
you're not turn this is what I said
earlier you're not sure type the URL in
yourself before you enter the
information don't just click the link
type the URL in your cell then fill in
the information see if something comes
up about your password or about a
vulnerability
logging off most computers that I work
on I can sit down tape in facebook in
the person's Facebook appears on the
screen I can take ten gmail dot com in
their email appears on the screen
a home computer is a little different
than an office computer
a shared home computer is a little
different than a personal home computer
a shared home computer are sorry a
personal home computer
with your own password on is a little
different than at shared home computers
kitchen logging off ensures that your
account is locked out and it'll require
the next person to fill in the password
so hopefully if you got multiple people
using the computer you log off the next
person when they go to Facebook they
aren't in your Facebook
when they start messaging and hopes
they're in the wrong account or
something worse
but making sure that their logged
you're logged out will lock your
countdown
most sites if you want to change a
password will require you to enter your
old password
so it's not too much longer billion the
sensor somebody locking you out of your
account
it will require some form that
indication and
watch out for malware and this is kinda
they enlarge topic and this is something
that you need to be aware of
logging in on I'm trusted computers
has a higher risk up now where most
public places like libraries have
computers that actually reset themselves
to clean
every time somebody logged out every X
number of minutes or hours
so when you are sitting down at the
computer its almost like a new computer
whereas if you're going into a location
where there's a shared hotel computer
and it's a small hotel that's not a
chain
and there's no swipe a credit card to
log into this computer into your room
number into very and
public shared basic computer
definitely be aware that when you're
like me and
and I generally don't recommend logging
into those computers
if you've got an iPad or a tablet or a
phone or laptop with you and you can get
on wifi Rainier
hot nearby hotspot you're going to be
much more secure than using that shared
computers
definitely keep that in mind so
the currents that and I think this is
about a year old so this is probably
higher now
is the average person on the Internet
has 25 online accounts
so that's going to arrange everything
from your banking sites
to your Facebook jeanette
test Instagram your second gmail that
old hotmail account that you never use
anymore
on those 25 sites the average person
only has 6.5 passwords
and two-thirds abusers only have one or
two passwords
so you can see where this is going
get the person's first password you got
probably most to their passwords are the
ability to login to most other sites
hopefully people have at least some
different passwords for their financial
sites and even in a worse
this reason the same
eat at least the financial say passwords
are separate from your Facebook in your
Gmail
so the current wisdom in this came out
from Intel security and Teller the guys
that make the chips that go on your
computer
and complexity is last in length
so if you have an a character password
plaques
a twenty come care
it's just a string of random words
strung together lead length is going to
win
over the complexity and create doubt
much more security
if somebody's trying to crack the
password in this case
its 35 however many million
in years to crack this password
making sure that you got the come the
lengthen their throw little bit a
complex the in there for good measure
but definitely make sure that you got
the length in the password so
this question came up I'm just now from
somebody that's watching
is a hotspot safe
um such as Starbucks hit my safe answer
to that is yes and no
in a sense a hot spot is safe
in that Starbucks does not want to have
a reputation
out having insecure hot spots same as
hotel wireless
way
and on a site that is a me
our site and most states
secured
male banking and you go on a public
connection
yes that connection can be monitored you
don't know if somebody is monitoring the
wireless traffic
if you're in a small stand alone hotel
sniffing the traffic that's going
through the internet you don't know if
that's happening
what you do now is when you've got a
padlock and we've all known that padlock
for the last ten or twelve years that
we've gotta watch for that little
padlock on the log in to the bank
when you got that padlocked their you do
have a layer of encryption
cell will pick a big bank and say World
Bank
if you could log into the Royal Bank dot
com website and that payback is there
what they're gonna see if they're going
to Sea World Bank dot com and that's it
they may know you're on a banking site
but they're not gonna be able to see the
traffic that's going through their
that padlock was
they could actually we build all the
screens that were gone
I'm screen by screen and take that
reassemble it so in a sense
yes there is security by using a pup
because you're using a device that is
trusted you're using your own device so
you know you got the physical security
and that device
whereas what I was saying before if
you're using
a shared computer yes you can go to
Royal Bank dot com you can see that
passed
land that padlock but have
already compromised the computer and is
capturing your username and password as
you're taking it
so they may just grab your username and
password they don't care that its World
Bank dot com they see you take your time
and dot com they don't even need to
watch what's happening because they're
just grabbing your password is a goes by
yes you are going to get a fair bit more
security by go onto
a public hot spots such as Starbucks
I'm and Western Canada there's shot open
if you got a shock connection you can
jump on those and
tell us has
popping up those are public hot spots
there about 10 percent
coverage compared to shower right now
and
me you can jump on those if you do you
get the padlock on the screen and you go
to a place and what's your wifi password
you have to enter a password and there's
some for me WPA security there's another
layer encryption on their cellars
lasts capability for people
random people to sniff the data there's
still a lot of ways for people to see if
data and grabbed eight as it goes by
but at the very least making sure that
you got that
you trust the device you're using you
gotta fair degree of trust in the
connection
and you should be okay but deathly make
sure you got that power market you're
going in a public hotspot
the only other thing I'll say on that is
if you want to go to
the next layer above is you can actually
create what's called a VPN connection
and that completely encrypt everything
leading a computer
right down to the website your typing in
and
you can net setup BP ends all over the
place there's different VPN services
to
in an area that's questionable but you
got your iPad you can actually a VPN on
its when he turned it on
doesn't matter what there's nothing they
can't do anything with
I that BP and talk is probably in
discussion in another itself so I'm not
gonna do Heavy D DPN top but
yes you can Blair on but in a general
sense
public hotspot our state as long as
you're going to encrypt it cites
so
men jumped from selecting a password
because we've all seen the selection and
we've all had a drill into us
over and over into password management
and this is where
you've got your little book a password a
lot of people
I will see have the book a password or
the file folder Password
going to password manager
your passwords to the next level so
on the Internet you can get password
management programs Password Manager
software
programs that run on Mac and Windows you
can get them that run on Chrome OS
he got a Chromebook iPad's I last
iPhones Blackberries and runs Windows
Phone
there is literally password management
software for
any and every device that you could
possibly get this isn't going to be a
heavy duty review
are every
management software because there are
literally thousands
other them arm I'm not going to go into
all of them
I touched on three and I'm I'm gonna
take one other man go more in depth
just give a little bit information on it
how the tools are used
how they work one thing I will say with
password management is
you do get what you pay for some other
programs run for forty nine dollars
some the programs run for fifteen
dollars a year for subscription
some other Murphree and then you can
upgrade from our features for
subscription
so deftly keep it in mind when you're
selecting a pass for management program
if it's and I'll asap and it's free
you got mean really know we course
there's nothing to go for
I'm so definitely keep that in mind and
the other thing to do when selecting a
passing mention program if you go this
route is
make sure it works on all your devices
so if you've got
a the Windows laptop an Android tablet
and you want the pastor management on
both and you're gonna be synchronizing
make sure it works on both of your
devices make sure you can
have the same
first appear on both them and that
secure and safe so
those in the big things to look at so
wanna the password management tools
is called last pass
that's in the news and not
once last
Press they had somebody break in and
steal some the password hash files
and they didn't actually steal the
passwords themselves the way last passes
bill
and the way the good ones build
themselves is the encrypt the files in
the password on your computer
so when the passwords are stored on
their systems
if somebody steals it they're really
just stealing garbage
thats a hopeful best-case scenario
that's the direction that we'd like them
to go and we believe that they go
and all evidence is pointing out that
they go that way last passes Mac Windows
also around on I lattice and I believe
they have an Android app
and it allows you to store all your
passwords I'm gonna quit
quickly go through the 311 then I'm
gonna go bit more in doubt as to how
they work
but it allows you to store your password
so that you can have that complexity
there
you can go to a website that asks for
your password you can have the software
filling in for you and it kind of works
in a sense like a janitor's keychain
janitor has one big key chain that has
access the building so
that is the token if you lose that your
kind about a block
but with that your granted access
everywhere so if you're
not with your key
guess I keychain that bad so what you do
is at night you put it in a drawer and
you turn the key new lock back key chain
so that's where you have your master
password you have a single password
overarching all your passwords that
keeps all these passwords secure
what this does is this finals you down
to having one Password having just that
single password
so you can put the complexity into it
the only have to memorize that one
password now
so last passes one app
dashed line is another one very similar
to last past
both of these ops and both are these
services have web sites that get you set
up
they synchronize through the cloud they
got absence on your computer that link
in your web browser
and their fully cloud managed cell
that's one thing to think about and keep
in mind the advantage that
is if your computer is stolen and your
passwords are encrypted on there they're
really not stealing your password lest
so you can take your computer with you
and take your password
list with you and you're not at risk for
losing it because if your password list
is only on your computer
and somebody was to steal that computer
only on your iPhone some used to steal
it
your password assist gone you're gonna
have
quite a long process proving who you are
questions about your mother's maiden
name and what street you grew up on
so we don't want your password list to
be stolen so that's where
their is an advantage in there is
western in store your passwords
in the cloud but going back to slide to
last past
in the case have them being hacked her
compromise
affirmation getting out there that's one
of the consequences are keeping
information in the cloud you're at the
mercy and you are trusting
knows that built the service to ensure
that their building at
arm effectively and securely
and properly cell in a sense nationally
in last passer to have the big ones that
are out there
definitely keep them in mind number
a year the pros and cons between them
when you start comparing password
managers you'll see on the screen
there's a password now says where they
rate your passwords and they tell you
how secure your passwords are arm
or if they're very unsafe if he did 1234
they probably put up a red X or stop
using the program if you get a pass for
that simple
and they tell you how many are weak
passwords or sites that have been
compromised bill actually alert
is compromised so that you know that you
gotta change those passwords or reuse
passwords
to use that one two three four and six
sites in this case I'll tell you they're
using a
so there are some advantages to these
programs
the third one that i'm gonna talk about
an actual gonna demo is called 1password
and you probably heard me mention that
earlier where you get that one pass for
and that's really where they got their
name from
1password is a password management tool
that manages your passwords generate
passwords
um also it allows you to have
credit card information saved in there
identities so
we've all seen those sites where you
wanna buy something and ask you to fill
out your address your name your street
address your postal code all that
information
with what
can have your identity information
filled in there and you clearly choose
I want my home address or work address
teaches the identity for as appropriate
it fills out with fairly decent accuracy
it all sometimes get a little bit wrong
but it fills out most in the password
information
are most in the identity information see
you're not spending all your time
filling out all the forms makes credit
card purchasing online way too easy
you can type a keystroke until their
credit card for him so
if you do like Amazon are you do like
shopping online it is a
to all that
easier I'm it also has a service called
watchtower where they alert you if
there's a compromise site
will tell you what's been compromised
and what to change
and there was a vulnerability and I
believe it was SSH keys
are not SSH keys sorry SSL which was the
encryption
are called heart lied about a year ago
and
that your web browser padlock and they
came up with a list of sites that
had that problem and were updated see me
what to change
so I'm gonna jump over to a little bit
of a dam on
this screen and I mean
do 1password give you an idea up
runs so when you're in
1password and P do you figure out
heard the purposes of today's doubts
1,2,3,4,5,6,7 you see it on screen a
little bit later
yeah it's one two three four five six
it's a demo account
so 1password I've already installed you
can get it from the App Store
you can download it you can buy from
their service I personally use 1password
because I control the synchronization
it's a way to synchronize
is between your iPad in your desktop
computer Mac or Windows
it looks the same I'm Des Moines on a
Mac but either way
it's gonna look the same and it allows
you to synchronize
and store all the information you need
so if you got a club card for
a calling store where they give us. a
digit customer number seem quite point
to be only go there once a year
you can store it in one pass for Tony
get this story just pulled up on your
iPhone get a number you don't need
carry additional cards that are in that
you need in your wallet and more
so that's one little perk with this
program as well as you can synchronize
data like that
in a basic sense you can store your
password
so in here I can go in and I can fill
out my
gmail password and my password is
asdf yes I know its a bad password
and I'm gonna say that so that's my
gmail password
it's not Foley handy because
doesn't know my gmail user name it
doesn't know my gmail account
there's a lot of other parts with it
that are missing
so what I'm gonna do is
I'm gonna go to gmail dot com
and we're gonna sign in with a different
account
with 1password what it does is it
actually watches your account and watch
as your science
so I'm gonna make up an account
and it probably actually many is my real
count
and I'm gonna take
third that is wrong but what one
password will do
is that allow you to save that password
so I can actually go in and I can save a
new login
and I can call it Google so when I push
save
sure that and this is a high-level demo
this is an every little incurred
intricacy that i'm gonna go through but
to give me an idea
what this does now is next time I go to
gmail I can choose Google
it knows my username it knows my
password
so all I have to do is hit the Google
account
and its gonna say in this case the
password you entered was incorrect
but if I enter my crack password and
saved it its gonna
let me log in with that much in the same
way
I was to go to hotmail dot com
and enter my hotmail dot com address
which that is not
when I hit sign in it actually gonna
come up and
one password is gonna ask me to save my
password so it's gonna say microsoft
because it actually Microsoft login
and I can name and go unit hotmail dot
com
and say that actually and then go back
and show you one more thing
must do
I didn't use 1password what you'll see
quite often and this applies and Mac
this applies in Windows Internet
Explorer a lot of your web browsers have
a built-in password managers well will
there
where they will try and save the
password management 48 yes it's secure
it is secure is your computer is but
keep in mind
that it's keeping all those passwords on
your computer
only in that one web browser 1password
dash Lane last pass they work among
multiple web browser so if you're
somebody that has chrome has Firefox and
switches between
P dot Mac and Windows if you've got an
iPad or Android tablet
this is where the password management
tools really start to shine as they have
that ability to synchronize among
multiple devices
and also if they're just
keep in mind that if you lose your
computer
password was
all that complexity that you're putting
in
is basically done wanted the
other advantages to all these password
management tools is
we all know and as I said earlier length
is greater the complexity so
in here if I was to sign up for a
hotmail account
I could put a password and I put in some
random characters and see if it stops me
and
I am halfway across that's probably
about 15 it still hasn't stopped me
so with one Password
I can use their password generator and
it's just like baking there's a recipe
so I'm gonna make the password 40
characters long
where six digits
and 10 or 12 symbols
if you're looking at this full screen
you'll probably be able to see the
entire thing
and that password I can't pronounce
I had no idea what it is but I can hit
fail
and 1password ok your pastor can be long
and 16 characters so microsoft does have
a llama
all that's fine so I'm gonna go out
I'm gonna go back to pass through
bring it down to 16 so it allows me to
utilize the maximum capability on the
system
so I got 16 random characters now there
we go
so when I go through and hit submit at
the bottom
not gonna create the account right now
missus don't wanna go on for ever
when I had some it one password is going
to come up and say
you want me to save your password
perfect hate yes
it saves your password you don't have to
worry about it its
got it in there the great thing with all
these
is a synchronized through something so
one Password you can synchronize 32
the cloud you can't synchronize through
Dropbox
you can synchronize from your computer
to your iPad directly
see aren't even going through the cloud
so there's a whole variety of ways for
you can save and synchronize these
passwords
so
I'm jumping back to one Password and
you'll see that it's got that Google
account that I saved earlier
it's got the Microsoft password that I
saved for hotmail earlier
it's got the sign up password so this is
where I was creating those passwords
and testing in the first one failed in a
sec
was in there if you need to use the
password elsewhere
you can click on them you can copy and
paste them and you don't have to write
them down you don't have to type in all
those
characters so you can probably start see
some the band is about having a password
management tool
so look at them weigh the pros and cons
and when you're selecting a password
management tool just keep that in mind
and then jump over to my iPad now
which I've got a synchronized copy of
one password on
and provide my synchronization works and
this is where I said you actually see my
password
their ego it's sinking
so as long that plays nice and
looks like it has there we go so there's
my Google and my Microsoft passwords
so this is the part that I love about
the password synchronization
is it's got the ability to get all your
devices in sync all your passwords in
saint and on the iPad
you can actually have it auto fill in
forms free so if you go to hotmail dot
com in a web browser
you can click a little button it'll ask
you for your $1 password to your master
password
and it'll fill in that password for you
um
note just about talking about these not
sponsored by any of these services
on the only difference is one password
is one that I've used for quite a while
I'm so I do stand behind it as a product
arm
it is about forty to fifty dollars
US to purchase it's cheaper to purchase
it directly from the 1password site and
buy it from the Apple Store Apple takes
a 30 percent cut
so they've taken that into account with
their Apple Store pricing so
buy it directly what to get one or the
other ones there's absolutely nothing
against them they're just ones that I
haven't used as their lead so therefore
I wanted to do a demo on one that I'd
used there early and could
out with these you can store credit
cards as I mentioned
self I add a new credit card I could add
my visa
cardholder name will make up a name and
will put in a number
there's that three digit pin on the back
that you always get asked for
on a website and then your expiry date
and will expire that already in January
so when I hit save it got my visa stored
in there
yes that looks like a visa number but
it's not and if I'm on a web site that
asks for a visa
I can just go up here credit cards
choose Beazer
in this case actually put my January 15
birthday cuz it
thought it was going out a visa who is
asking for credit card number
I would just do that and I'll fill in
the credit card number for me don't need
to go find your wallet
so handy but deadly depending on how you
look at it
so
what I'm gonna do now as I'm gonna jump
into a new section
that takes housewares to a whole new
level and its two factor authentication
so the service that I've used in the
service that really seems to be taking
off
it's a service call
cater and but it does it's an app to you
can get for
Android for blood
for I'll ass iPad's iPhones
it's a free service you don't have to
pay Google anything to use that
and what it does is it allows you to
have a second late
word so for most people a password
is something you know your password you
know your password
two factor authentication is something
you know it's something you have
you know your password but you have a
device
and devices your iPhone um some people
in corporate may have had a token
it's about the size I'll and some
by the size of your thumb it's a
keychain at some cases
and it puts a six digit code up there
that changes randomly
that is your second factor
authentication so
even if somebody gets your password even
if you tell someone your password
without that second factor they can't
get into your account
so what I did as I went out and found
a website that actually list sites that
support
patience so to fairly long list it's
probably about 40 pages long
but couple the high points things like
Dropbox lot of people use Dropbox
it supports SMS authentication it also
supports software
software would be good look and cater so
in the case in Dropbox when you look
wanna have to both and care they will
text message you a six digit code year
old
text the SMS ur texting function your
phone comes in handy
your phone is now that second device so
when you login with your username and
password
even if somebody gets your password they
can't do anything without that second
factor
so they either tax it here you go on
your phone lookup Google authenticator
and get the second factor
Google Drive Evernote banking
a lot of the US banks I haven't seen
many the Canadian banks
supporting HSBC which I know is in
Canada supports it thru her
that's what I was saying more about the
keychain one that a lot of people with
seen corporate
World Bank supports it through hardware
tokens I believe TD does as well
this is great but it's very much
corporate it's not
not a the home consumer regular
I'm type access that we've got yet so
if it's something you want deathly tweet
your bank it is something that I believe
is gonna come in
very handy because when your account is
compromised
hopefully your phone isn't compromised
at the same time where they haven't
stolen your phone
I'm gonna jump down to social
because that's where I see a lot of
people having issues having accounts
compromised
cell Facebook supports texting
offer implantation which is through the
Facebook app
Google Plus LinkedIn I'm
Instagram doesn't read it doesn't I'm
word press does so there's there's a lot
of sites that are starting to get them
there's more and more coming online
every day
but definitely
it two factor authentication so
in the case until they call it to step
it and cation to step 2 factor
pretty much the same thing it adds a
second layer security to
pretty well any account that you apply
it on so
to implement two-factor authentication
you're gonna download it now
called Google authenticator or
you're gonna set up the service to link
it to your phone by text message in the
service will just say do you want text
message or you want to love and care if
those are the ones that it supports
once you sign up in the service and this
is something you would do
inside Gmail or inside Hotmail or inside
Facebook
you would sign up and it would put up
one and those two-dimensional barcodes
that look like a computer just spewed up
some garbage
you hold up your phone to it the phone
takes a picture a bit and knows exactly
what the service
thing want to take that picture
your phone now has this 6-digit code
rotating on the screen about every 30
seconds a new codes gonna
here so even if you give somebody your
password and you get in at six digit
code
in 29 seconds it's gone doesn't matter
if they've got your password
while this is not a
recommended solution you could if you
use two factor authentication you could
have a very simple
and the same password fall for your
site's I don't in any way recommend
doing it because hopefully you're
probably considering putting a password
manager and
so you can
passwords at
actor indications so if that one pass
rate does get compromise that single
site if you do you have
her a Pay Pal phishing scheme and you
fill it out only that one side has been
compromised
and with the tooth
Asian they're not really getting any
further so
this is a screenshot Google using
two-step verification
in this case this franchise demo ing
text messaging so when you log and
they're gonna send you a six digit PIN
code
and you would enter that six digit PIN
code hit verify
and your and and your account is now
proven as to who you are so
this is a way where you could use
what I was talking about earlier with
that hotel shared computer
here but you do have two factor
authentication you've added that layer
because
click Log Out that 60
uncompromised is useless because a new
six digit code
is going to be coming right away
so definitely consider two factor
authentication
it's something that you can implemented
most sites will give you a recovery key
and if all else fails if my phone fell
in the toilet and I really need to get
in
or my phone got erased in all my Google
Earth and caters
got lost keep track in those recovery
key stadium somewhere like I said that
paper book
keep it away from your computer put in a
file that's not called passwords
call it meals I bake for my dog
something that's obscure that you can
say that password somewhere else
say that master recovery
last thing you want is having that
recovery key get out there
as my cane and if all else fails second
authentication toter
to Sac to staffers to
so I hope that gives you a little bit of
insight
so when you're looking at it make sure
you select a strong password
make sure you got a way to manage your
passwords
and death
supports it consider two factor
authentication we're gonna see more and
more sites supporting it
probably in the coming weeks months and
deftly in the coming years
it's definitely becoming something that
is common
and getting to be more more common
everyday so
as it comes out keep your eyes open
look at two-step verification and less
any other questions
in the next short while and then wrap up
the presentation there
thank you for watching like this video
be bad appreciate if you hit the thumbs
up down below
if you wanna see more of these you can
definitely subscribe
below the video once we finalize it and
push it up to YouTube it'll be up there
in final form probably in about 15
minutes
there'll be an
or visit us at obey compete
a and you can do send us any suggestions
for future videos if you want to take
any the topics today
or another topic more in-depth we love
to hear from you so it's completely
community-driven whatever you'd like the
topics to be
send them our way and we hope you
subscribe and we hope you follow us on
Facebook and Twitter
and thanks for watching we appreciate
you joining us this evening