What makes a secure password secure?

Write a thread containing a thoughtful answer to 1 question. Answer should contain at least 400 words. If necessary, you may list within your thread any concepts on which you need further clarification as well. Also, you must reply to at least 2 threads below. Each reply should contain at least 200 words. Additionally, all posts (thread and replies) should reflect professional writing, current APA standards, include at least 1 scholarly reference (e.g., peer-reviewed journal articles), and integration of at least 1 biblical principle.

Thread Question:

What makes a secure password secure?(Answer in at least 400 words)

Replies(Reply to each thread in at least 200 words EACH)

Thread #1

Explain: Data Remanence, Distributed Denial of Service, SQL Injection, Emanation

A distributed denial-of-service (DDoS) attack is an attack launched from many places at once. The objective of a DDoS attack is to incapacitate a system or service in a way that is more difficult to block than an attack originating from a single location. A DoS attack that originates from a single system is easy to block by configuring a router to drop packets from the attacking system. However, a DDoS attack can simultaneously originate from thousands of systems, making it virtually impossible to block by any normal means. However, the business impact of these attacks can be minimized through some core information security practices, including performing ongoing security assessments. In addition, solid patch management practices, email phishing testing and user awareness, and proactive network monitoring and alerting can help minimize an organization’s contribution to DDoS attacks across the internet.

Computer and network hardware devices employ high-speed electronics that can emanate electromagnetic radiation (EMR). Sometimes these emanations contain data that can be sensitive in nature. Examples of emanations are network cabling which if not terminated properly can emanate EMR. Older computer monitors and emit EMR which could contain information what is being displayed. And processor chips can emanate EMR giving information about processing data.

Data remanence refers to data that remains on a storage device. Data can remain on a device even after a user removes the data. Examples of data remanence are deleted hard drive files, formatted hard drives, and USB flash drives. Deleting files does not actually remove them, it only dereferences them. There are tools available to easily recover these files as needed in their entirety. This is critical to be reminded of if we sell old computer or laptops to someone after a hard drive has been formatted. As I remember there is what is called DOD wipes that supposedly actually wipes the drives.

A script injection otherwise known as code or SQL injections occurs when software programs do not parse input data for script commands. Crafted SQL statements can be inserted into an input field and cause the database server to execute the injected statements.

As I think about these subjects the following biblical reference comes to mind. As a Christian, I should emanate the fruits of the Spirit to those around me. If I’m focusing on God’s Word I will emanate the fruits of the Spirit. If not, I will emanate the fruits of the flesh which is sin. We should live Gal. 5: 22-23

Thread #2

Remembering Passwords at Work

Secure password: T!3c4J@q!9xD&Y4t

A secure password should be a string of keys that have absolutely no meaning and no personal context. This will make it incredibly hard for other individuals to decipher or crack a password, but having a strong secure password does nothing if an individual is able to get that information from the computer’s operating system or from applications that can store a user’s password. “MD5 and SHA-1 are the most popular functions used for storing passwords. The main problem is that they were not designed to serve such purposes.” (Boonkrong and Somboonpattanakit, 2016). If these are the most popular forms of storing passwords, it is easy to assume that different applications may use one of these two methods to store the saved passwords for their application’s users, and using this logic, we can presume that passwords are not safe when they are saved on an application. This is only one external threats associated with saving your password to applications and computers at work. Individuals working in medium to large sized business must always be cognizant that a potential threat may lie within the organization they work for. In the event that you leave your workstation and forget, or decide not to, log out, you are giving someone complete access to all applications, websites, and data that your saved credentials normally give you access to. This can mean endangering your personal information, such as bank account numbers, family data, etc., as well as endangering valuable company data that said individual may not have access to at their position. This can cause great lose for the company, and if the leak is traced back to an individual’s workstation, it could cause that individual to be demoted or lose their job. Although storing passwords in applications or in the operating system can increase the ease of logging in, the benefits of an extra few seconds of work doesn’t out way the potential cost of secret company information being leaked. By keeping user names and passwords in a secure location and physically entering passwords every time an employee logs in, it gives the company, its employees, and its stakeholders a piece-of-mind in knowing that their data and information will not be taken because of a fault that they have created. To protect company, employee, and stakeholder interests, it is imperative that all employees manually log in to each system every time they log in.

"Get 15% discount on your first 3 orders with us"
Use the following coupon

Order Now
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *