Managing Passwords Trivia Quiz

Answer: A very long list of random words combined with symbols

The longer and more complicated a password, the less likely it is to be hacked. Security advisors suggest using a very long list of random words strung together. The longer the password, the less likely it will be hacked. Remember that "#&5%@>$" is no more difficult than "pancake" for a computer program to decipher, and most hackers don't try to figure out passwords on their own.

Instead, they use software to try to steal passwords.

Answer: "123456" and "password"

Despite warnings from cyber security experts, many people continue to choose these easy-to-hack passwords. If passwords are hacked, criminals can gain access to banks, social media accounts, business accounts, and steal identities.

Answer: False

Passwords should never be used more than once across your accounts. If hackers gain access to one password, they can often gain access to other accounts if you do. So, even though it is a pain to remember all of them, you should have a different password for each account.

Answer: Brute force attack

It is called a brute force attack because of the enormity of the job. It is impossible to do manually, so hackers create specialized tools that process the checks for passwords millions of times per second. Longer passwords are recommended because shorter passwords mean that the brute force attack will be quicker.

Answer: A system of confirming the user with a combination of two different factors

Two-factor authentication is used when a system requires the user to present two of the following: something they know, something they have, or something they are. A good example is a bank withdrawal from an ATM. The user must present a bank card (something they have) AND a password (something they know) in order to gain access to the accounts.

The "something they are" factors can include a fingerprint, an iris scan, or voice recognition.

Answer: Phishing senior executives

Phishing is a term that is used for the fraudulent attempt to gain access to passwords, usernames, and other sensitive electronic information. In the case of "whaling", senior executives are targeted for business passwords. Individuals in these phishing attempts typically send in official-looking email with attachments such as customer complaints or subpoenas that request the sensitive information. Executives are asked to respond with information that allows the phisher to gain access to sensitive material.

Answer: A series of nonsense words strung together

A passphrase is often easier to remember, while being more secure than passwords. Phrases such as "it cost $7 for to smoke the tuna fish tires at the amusement park in Cleveland" (with no spaces) makes a nice long string of seemingly random letters, numbers, and characters that will satisfy most password systems.

They can even be created to work at the site where they will be used. E.g., for home computers, "Jesse liked to rattle the snake 18 times when he arrived home each night". For bank accounts, "The revolving door at the bank turned 78 times when Mr Pickles ate a pastrami sandwich". For work accounts "Fireworks were allowed at work if Ms Jayne ran 28 times around the path at Fireman Jacobs Park".

Answer: Your email password

If you think that anyone has accessed your password, change your email password immediately. Many times, e-crooks use email to unlawfully access personal information such as passwords, home addresses, and telephone numbers.

As soon as you change your email password, go to all financial and shopping sites that you use and change passwords across all accounts. In the financial and shopping accounts, check for any unauthorized use such as withdrawals that you didn't make, or purchases that you didn't complete. Check that your shipping/billing addresses are correct on all sites. E-crooks will often fraudulently purchase items on others' accounts, then sell items to raise money for themselves. This is extremely difficult to correct, so if you find any unauthorized changes or uses, contact the financial institution or shopping site immediately to get any help that they can offer to solve the problem. Be sure to change all passwords on your financial and shopping accounts there even if no unauthorized activity is found, and further monitor those sites for unwanted activity.

Finally, change all other passwords on social media, entertainment, and all other accounts that you have. If one account was compromised, it is good practice to change all your passwords, then schedule password updates every few months. Of course, it goes without saying that all passwords should be unique to each site.

Answer: No

When using these security questions, you should choose a different answer all the time. You should also make sure that the answer to the question is just as difficult as your password. If you choose one that is familiar to everyone you know, that is not terribly secure.

Answer: Authenticator sites

Authenticator sites, like Google Authenticator, generate new numbers every minute or two as a "second password". The number code is sent via text and both it and your password are required to get into your account. It is an extra step, but does allow you to have confidence that your passwords are a bit more secure.