Results 1 to 4 of 4
  1. #1
    Senior Member
    Join Date
    Oct 2008
    Location
    Auckland
    Posts
    453

    Default CERT Campaign re Passwords

    Can I assume that many of you received this email today?
    I think it is productive.


    Kia Ora,
    This month, CERT NZ is launching a bold, new campaign to help people better protect their online accounts by using passphrases a random phrase, or mix, of four or more words.

    Recent research* has shown that New Zealanders aged 18 35 arent strong on using secure passwords but are very receptive to the idea of using passphrases as an easy way to create and remember an account login.
    The major challenge with this audience is that they are served a large amount of advertising, so we needed to come up with a unique campaign that would have impact to help educate them on an easy way to safeguard their accounts, starting off with the most at risk: email, bank, and social media.
    How the campaign will be delivered
    Big Password Energy will feature on digital billboards, and posters across main centres and regional areas where advertising space is available. CERT NZ will also actively promote across our social media platforms.
    How you can support the campaign
    We encourage everyone to get behind the campaign by sharing the campaign posts from CERT NZs social media channels. If you would like assets to share directly, let us know. We will be able to share a sneak peek of the campaign creative next week.
    All social media posts and advertising will link to a CERT NZ campaign page which will be live from 18 July at CERT.govt.nz. We will share the URL for this page when the campaign launches.
    *This research project looks at the New Zealanders cyber security attitudes, behaviours and motivations. These findings will be publicly available in August. If you would like more information into the audience we are targeting, just let us know.

    Save the Date: Cyber Smart Week, 10 16 October 2022
    Were in the planning phase of the CERT NZs cornerstone awareness event, Cyber Smart Week.
    Well keep you updated as we progress and ask that you save the date for 10-16 October 2022 as wed love to have you onboard again as we work together to help New Zealanders improve their online security.
    The campaign will carry on the bright, fun, and accessible creative approach from previous years and be designed to consider all audiences.
    Ngā mihi,
    The team at CERT NZ

  2. #2
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,825

    Default Re: CERT Campaign re Passwords

    They seem to have an old fashioned view of password security.

    Even a 10 character pass of just letters can be cracked in 4 minutes
    And having overly long or complex passwords means people just write it down I tape it to the monitor (not good in business environments) .
    I often see passwords written down & stuck to monitors .

    Ive worked for a company who had too complex pass requirements . A pass that couldnt be remembered & had to be changed every 6 weeks. So everyone just wrote the pass on a bit of paper stuck to the monitor .

    Then you have the issue of staff re-using that same password for many other things , and of course that leads to hacking issues .

  3. #3
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    Pet Cemetery
    Posts
    4,120

    Default Re: CERT Campaign re Passwords

    And most sites dictate what you have to use anyway.
    At least 8 characters inc a number, a capital and a special character.
    Ugh.

    Of course most people then do
    Password!
    Ex-pctek

  4. #4
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,825

    Default Re: CERT Campaign re Passwords

    Relying on passwords ONLY is relying on outdated thinking.
    Really should be looking at 2fa more than trying to 'fix' passwords

    Heres what MS recommend
    https://docs.microsoft.com/en-us/mic...o365-worldwide

    and what MS dont recommend is interesting
    Password expiration requirements do more harm than good, because these requirements make users select predictable passwords

    Password length requirements (greater than about 10 characters) can result in user behavior that is predictable and undesirable.

    Password complexity requirements reduce key space and cause users to act in predictable ways, doing more harm than good
    Most people use similar patterns, for example, a capital letter in the first position, a symbol in the last, and a number in the last 2. Cybercriminals know this so they run their dictionary attacks using the most common substitutions, "$" for "s", "@" for "a

Similar Threads

  1. New cert rules and sbs2011 and iis/owa
    By FAB in forum PressF1
    Replies: 1
    Last Post: 02-03-2013, 09:55 AM
  2. The new Bus advertising campaign..
    By Empathy. in forum PC World Chat
    Replies: 7
    Last Post: 13-07-2011, 03:26 PM
  3. Can any one help (Cert 4)
    By Tarantula in forum PC World Chat
    Replies: 1
    Last Post: 29-06-2006, 01:13 AM
  4. Replies: 1
    Last Post: 21-05-2002, 09:06 AM
  5. Replies: 1
    Last Post: 29-05-2001, 10:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •