Operating Online - Security Measures Flashcards
What can you do to stop someone accidently using your online accounts?
- Log out / sign out
- Set a password/PIN
- Disable/don’t enable automatic payments
- Don’t save payment/account details
Can you name 3 characterisitcs of a strong password?
More than 5 characters long
- Mix of numbers and letters
- Mix of UPPERCASE and lowercase and letters
- Inlcudes special characters (e.g. @ * % $)
- Not a common word (e.g. chocolate, school)
- Not a word linked to the person (e.g. their name, date of birth, pet’s name)
Is ‘hello’ a strong password?
No. It is a weak password because it is a common word
Is ‘joH967*” as strong password?
Yes. Because is: More than 5 characters long
- Mix of numbers and letters
- Mix of UPPERCASE and lowercase and letters
- Inlcudes special characters (e.g. @ * % $)
Which one of these is the strongest password
A a$5w0aq56
B Alex1977
C Pa55word
D password
A a$5w0aq56
What is this image an example of?
CAPTCHA Test (which is a Challenge Response Test)
What is the purpose of a challenge response test?
The user is ‘challenged’ by a website to authenticate themselves. This will:
- improve security
- prevent spam
- ensures the user is a human and not a robot
- Only humans can interpret a challenge test, not a robot because robots cannot read
Can you name at least 3 differnet types of challenge response tests that a website might ask you when logging in?
- Memorable phrase.
- Choose numbers from a memorable date
- PIN code / passcode / user ID
- Choose a memorable image
- Choose a memorable sound
- Biometric data (fingerprint etc)
- CAPTCHA test
Why do some websites ask you to enter your password twice?
To verify that your he password was typed in correctly the first time
What is a disadvantage of a web browser remembering you password?
- Could be a security risk because it could allow others to access your details/account
How might a website save your details using a browser?
Infomration could be saved in a cookie
What is a cookie?
A cookies are small text files that are sent to your computer from certain website.
What do cookies from website do?
Cookies saves information about you, your behaiour, preferences and transactions
When & why should you not use ‘remember my details’ when logging on to a website?
- You should not select ‘remember my details’ when you are using a shared computer.
- If the computer remembers your details that someone else could use the computer and log into your accounts
How does this challenge response question improve security?
- It prevents a website logging key presses
- Only some of the PIN is requested / numbers requested from the PIN change
- The asterisks prevent the PIN number being viewed
Why do websites use passwords?
- To ensure that it is you carrying out the action
- To stop other people from pretending to be you
Can you explain 2 reasons why websites send you an email to accivate your account?
- To check that your are real & so to prevent automatic sign ups
- To prevent fraud by verifying your identity
- To verify the your email address so that you can be contacted if username / password is lost / forgotten
Can you name at least 2 ways you know that a websie is secure?
- URL begins ‘https’ (not http)
- Colour of address bar (usually green)
- Padlock symbol
Can you list 3 things you must do to keep your password secure
- Don’t write it down
- Change it regularly
- Don’t tell anyone your password
- Don’t allow anyone to watch you type it in
- Avoid allowing browsers (on shared/public PCs) to remember the password
- Use different passwords for different sites
- Encrypt passwords
How do criminals use viruses to steal your personal details?
Viruses, such as trojans, can record all your key presses and then send this to the criminals. This way they can record all your personal details by recording what keys on the keyboard you press when you are asked to type in a password or credit card details etc.
Can you name at least 2 ways to protect yourself against viruses?
- install and run an antivirus programme
- Do not open attachements from people you do not know, or look suspicious
- only download from trustworthy / reputable web sites
- Install a firewall to prevent unathorised programmes from accessing your network / computer
