Password Security

Passwords are a major problem in today’s society when it comes to security. Companies try to be smart and make it difficult for perpetrators by introducing a company policy that says that you have to change your password very often because it will be difficult for the perpetrator to get a password that holds then.

That’s what they think …

The problem is we humans are unlucky overall when there will be loads of different passwords randomly in our heads.
So forcing users to change passwords often will only lead to passwords becoming weaker and easier for the perpetrator to crack them.

For example, a password is Company20201 and next time they need to change then the risk is that they will change it very simple for them like Company20202 and so on because they have to do that too often.

Another trick for figuring out anyone’s password is a corporate name, siblings, children, pets, where the person lives. These points should be avoided.

Suggestions are to have some type of password manager there are several out there. Such as, which is very popular in the private sector. Then you can use some kind of password manager, for example, to generate the password.
There many sites like that out there.

So the passwords become very difficult but at the same time, you have for example KeePass so you don’t need to keep track of them or remember them all.

Check if your account has been breached
List of the most common passwords

Security two-factor authentication

There are many users out there that have never heard of two-factor authentication but why?
Nowadays with all cyber attacking, Hacking, Spamming, Spoofing, ransomware and much more out there.

People should be more careful, and the company should take extra thought around security.
There are two big problems one is money for some that would we big investment and that might not be worth it according to too them. The other problem is that Security is strong as its weakest link and that is a big problem almost everywhere which means mankind is the week link.

So what are the benefits of two-factor authentication?
The advantage is that we need to get in from old secret usernames and passwords because this is a major weakness to infinitely many different systems.

Two-factor authentication means is an extra layer of security. So username and password are not enough anymore. Without including Google Authenticator, Microsoft Authenticator or other Authenticator from trusted companies using RFC 6238

Statistics have shown that this remedy can reduce those affected by more than 90% there are many.
Imagine your Banks, Trading, authorities, etc who handle money or sensitive information.

But security is usually an expensive expense until a problem arises, but then it can be too late. Take for example a Norwegian company for the cost ransomware attack over 57m dollars it is a lot of money.
It can grow quickly when something goes wrong.

So they should start thinking about it, because rather pay extra for raising security not just two-factor authentication, because if I go wrong I then there is a risk that it will be expensive and many people can lose their job on this.

Find my BitLocker recovery key

If you don’t know your BitLocker key but you have your BitLocker recovery key, you can use that recovery key to unlock your drive. The BitLocker recovery key is a 32-digit number stored on your computer. Here’s how to find your recovery key.

  • Places to look for your BitLocker recovery key
    • On a printout, you saved: Look in places you keep important papers.
    • On a USB flash drive: Plug the USB flash drive into your locked PC and follow the instructions. If you saved the key as a text file on the flash drive, use a different computer to read the text file.
    • In your Microsoft account: Sign in on another computer or phone to see Bitlocker recovery keys. 
    • In your Azure Active Directory account: For work PCs where you sign in with an Azure Active Directory account, to get your recovery key, see the device info for your Microsoft Azure account.
    • In your on-prem Active Directory, where organization have done this is how to configure then you can get it from Active Directory. Contact IT support if you not part of it.

if you have problems logging in and don’t know your recovery key
try this it might work.

Synology DiskStation Protection

Lately, many Synology exposed online have been hacked to have their content encrypted.
It’s very hard to protect against that.

But this is some things you should look in too.

  1. Make sure you have very hard and difficult password, which is not used anywhere else.
    Need help with create a difficult password – passwordsgenerator
  2. Make it harder for someone to access your Synology
    Go in to Control Panel on you DiskStation

Then go to Security, here you can setup if someone tries too many time within time period, IP address will be blocked.

There from you can pick if the IP should be blocked period of time or forever.