Monday, October 29, 2018

When it Comes to Passwords, Complexity is Key

Every time you open a new account or are forced to change your password, you’ve probably been prompted to make sure that your password is a strong one. These days strong is not enough. A complex password is what you need.

Attackers have easy access to programs that can attempt to “brute force” guess your password. If passwords are not complex enough, this can take seconds. You have undoubtedly heard that your password should contain at least one uppercase letter and number and be at least eight characters long. That is OIT’s standard for our state workforce, but this may not be enough. Special Agent Scott Augenbaum (Ret). of the FBI’s Cyber Crime unit devised an easy way to make sure that you have complex passwords.

A helpful practice is to use a sequence that makes sense to you for your passwords:

  • You pick one number and one special character (like *2).
  • Then you use that combination at the front and end of your password *2xxx*2.
  • You can use a sentence that describes the account you use, but only using the first letter of each word.

This way, you can create complex passwords, and all you need to remember is your number and special character and a simple phrase. Here’s a couple of examples of how it would work.

For an Amazon account, you could use ‘Love to shop at Amazon’ as the phrase + your number/special character combination, so the password would be *2Lts@A*2. If someone were to see this written down, it would not make much sense.

For Bank of America, you could use ‘This is my Bank of America account’ *2TimboaA*2 or ‘Love to bank at Bank of America’: *2Ltb@boA*2

Note: some sites or apps like Bank of America will only accept certain special characters. If they do not accept your default of * for this example, make sure to note that you have used a different one for that site.

This method will also ensure that you are not using the same password for multiple accounts. As you know, this is dangerous because if an attacker can find your one password, she or he could have access to more than one of your accounts.

If this method isn’t for you, you can also use password creating/storing apps like LastPass or One Password. The important thing to remember these days is that strong doesn’t necessarily mean secure, complex is the key for password security.

Today's blog comes from Chelsey Vance, OIT Risk and Compliance, Senior Risk Analyst.

Thursday, October 4, 2018

Trailblazing Southwest Colorado

Today's blog comes from Anthony (Tony) Neal-Graves, the executive director of the Colorado Broadband Office. Tony is responsible for driving the state’s broadband strategy and utilizing public and private sector relationships in communities across the state to support broadband expansion.

Did you know that some of the most beautiful stands of aspen trees can be seen in southwest Colorado as they turn in September?

As part of our goal within the Broadband Office to engage, encourage, and support local communities in their efforts to ensure residents and businesses have access to high speed broadband, I spent several days in the area hosted by Miriam Gillow-Wiles of the Southwest Colorado Council of Governments (SWCCOG). In many ways southwest Colorado is an original trailblazer in the development of broadband infrastructure through the Southwest Colorado Access Network (SCAN) project. In 2011, middle mile infrastructure was deployed with funding from DOLA to connect anchor institutions across all counties within the COG. As a result, the school districts, county, and municipal facilities have high quality access.

I visited Pagosa Springs to meet with town and the county administrator. They are working together along with neighboring Hindsdale County to finalize a broadband strategic plan in the next month. This was my second time in Pagosa Springs and it is great to see the steady progress. I also met with stakeholders in Durango, Silverton, and Cortez as well as officials from La Plata, Montezuma, and San Juan Counties. It is exciting to see the engagement across all these communities to solve their infrastructure needs with the support from the private sector and state government.

One of the highlights was my stop at Osprey, a global supplier of backpacks headquartered in Cortez. During my visit, it is clear that Osprey could not maintain its presence in Cortez without the access that they have to
reliable broadband services. It is also clear that there is a strong collaboration between Osprey and the city of Cortez to provide reliable services as well as recruit other businesses to the town.

Every community understands the need for high quality broadband and the impact it has on all aspects of life from education, to healthcare, to public safety, to economic development.  The strong commitment to bring high-speed broadband to towns throughout Colorado makes my job one of the best!