WEBVTT

00:00:00.040 --> 00:00:08.000
when you really stop and think about it we live in a depressingly insecure

00:00:04.640 --> 00:00:09.679
unsecure both of them probably world

00:00:08.000 --> 00:00:16.279
chances are the only thing standing between your stuff and a bad guy are

00:00:13.320 --> 00:00:19.920
some very shatterable windows you're only a few feet from hitting another car head

00:00:18.039 --> 00:00:25.320
on when you drive down the street and your private conversations and finances

00:00:22.560 --> 00:00:30.119
are kept safe online by a short string of characters I mean I'm not trying to

00:00:28.119 --> 00:00:35.360
make you feel afraid or paranoid or anything but what I am trying to do is

00:00:32.559 --> 00:00:40.520
highlight the importance of password security many people are unaware that

00:00:38.320 --> 00:00:45.760
simply putting a password on something does not make it all that safe

00:00:43.680 --> 00:00:51.039
especially as lots of commonly used passwords are about as secure as a

00:00:47.960 --> 00:00:55.280
screen door in a hurricane I mean

00:00:51.039 --> 00:00:56.800
obviously passwords like qwerty 1234

00:00:55.280 --> 00:01:02.079
and the name of your favorite sports team are horrible choices because

00:00:59.000 --> 00:01:04.960
they're incredibly easy to guess but if

00:01:02.079 --> 00:01:10.880
you pick something that's obscure and difficult for someone who doesn't know

00:01:06.360 --> 00:01:14.200
you well to divine does that necessarily

00:01:10.880 --> 00:01:17.320
even mean that safe well that all

00:01:14.200 --> 00:01:20.640
depends on the way passwords are stored

00:01:17.320 --> 00:01:22.479
secure websites hash your password

00:01:20.640 --> 00:01:28.400
meaning that it is passed through an algorithm that is extremely difficult to

00:01:25.520 --> 00:01:33.880
reverse with the output being what's stored on the server the problem though

00:01:31.360 --> 00:01:39.240
is that because many sites use the same algorithm such as the one in the

00:01:35.880 --> 00:01:42.920
commonly used SHA series an attacker can

00:01:39.240 --> 00:01:45.079
run lots of common and/or short passwords

00:01:42.920 --> 00:01:51.200
through the hash quickly and then compare that to hashed passwords stored on

00:01:47.840 --> 00:01:53.799
a server to see if any of them match and

00:01:51.200 --> 00:01:59.280
even though this can be prevented using a technique called salting which adds a

00:01:56.680 --> 00:02:06.000
random numerical string to your password before running it through a hash many

00:02:02.479 --> 00:02:08.440
secure websites don't bother salting

00:02:06.000 --> 00:02:12.920
meaning it can actually be quite easy for an attacker to guess your password

00:02:10.520 --> 00:02:18.280
with brute force which means simply trying as many passwords as they can

00:02:15.239 --> 00:02:20.480
until one works in fact most eight

00:02:18.280 --> 00:02:25.599
character passwords can be cracked in only a couple of days using this method

00:02:22.959 --> 00:02:30.720
with a reasonably powerful modern PC fortunately though the solution is

00:02:28.480 --> 00:02:35.760
actually quite simple you use longer passwords having a pseudo random

00:02:33.280 --> 00:02:40.440
password with just 12 characters instead of eight means it could take thousands

00:02:38.680 --> 00:02:45.440
of years for someone to brute force your password instead of a couple days and if

00:02:43.519 --> 00:02:50.000
they eventually do succeed you'll probably be too dead to care of course

00:02:48.440 --> 00:02:55.800
you also want to make sure that your longer password doesn't incorporate

00:02:52.720 --> 00:02:57.840
other common password mistakes even a

00:02:55.800 --> 00:03:03.120
long password made up of shorter dictionary words or containing repeated

00:03:00.480 --> 00:03:08.799
strings of characters can be vulnerable due to those individual elements being

00:03:05.959 --> 00:03:13.480
easier to guess so while length is probably the most important variable the

00:03:11.560 --> 00:03:20.040
best thing to do is to use long passwords made up of random characters

00:03:16.440 --> 00:03:22.040
including symbols but Luke I guess the

00:03:20.040 --> 00:03:27.519
script was written for him how am I going to remember a huge password with a

00:03:24.239 --> 00:03:29.360
bunch of pound signs and colons in it

00:03:27.519 --> 00:03:34.920
well there are quite a few password managers out there that not only store and

00:03:32.400 --> 00:03:39.920
autofill your passwords but also generate pseudo random passwords quickly

00:03:37.879 --> 00:03:44.319
so you can use a different one for every site just make sure that whichever

00:03:42.319 --> 00:03:50.519
password manager that you're using stores all your passwords with heavy

00:03:46.840 --> 00:03:52.280
encryption including salting and yes

00:03:50.519 --> 00:03:57.159
there is a reason I keep saying pseudo random by the way instead of random

00:03:54.959 --> 00:04:02.480
software random number generators that pump out random passwords can never be

00:03:59.840 --> 00:04:07.519
truly random as they work by performing operations on a small initial number

00:04:04.920 --> 00:04:12.200
called a seed which introduces slight bias for certain characters of course

00:04:10.439 --> 00:04:16.320
for the purposes of creating a secure password this bias is negligible for

00:04:14.480 --> 00:04:20.280
most users so don't worry about that too much because after all in a universe

00:04:18.639 --> 00:04:28.800
where every action has some kind of a consequence can anything be truly

00:04:23.639 --> 00:04:30.320
random whoa speaking of whoa audible.com

00:04:28.800 --> 00:04:36.000
is the leading provider of audiobooks with more than

00:04:32.199 --> 00:04:38.960
180,000 I mean imagine that for a second

00:04:36.000 --> 00:04:44.320
180,000 downloadable titles across all types of literature including fiction

00:04:40.919 --> 00:04:46.120
non-fiction and well I mean that pretty

00:04:44.320 --> 00:04:50.600
much covers it it's either about a real event or it's not or maybe it's

00:04:48.160 --> 00:04:55.680
somewhere in between audiobooks are great to listen to when you are I don't

00:04:52.440 --> 00:04:57.320
know stuck in traffic on the subway um I

00:04:55.680 --> 00:05:02.039
even had one of our viewers say that he listens while on his forklift at work

00:04:59.720 --> 00:05:06.520
please don't do that there are plenty of other great options like working out at

00:05:04.080 --> 00:05:10.560
the gym forklift drivers please have some awareness around you and for our

00:05:08.560 --> 00:05:15.360
audience members audible is offering a free 30-day trial just head over to

00:05:13.160 --> 00:05:20.240
audible.com tequ we've got that linked in the video description and browse the

00:05:16.960 --> 00:05:22.639
over 180,000 audio programs I guess

00:05:20.240 --> 00:05:27.759
that's in there twice good job Colton download one title for free and start

00:05:25.759 --> 00:05:31.600
listening it's that easy to try out the service they got all kinds of great

00:05:29.280 --> 00:05:34.919
stuff including if you haven't had enough Star Wars and like you watch the

00:05:33.720 --> 00:05:40.639
movie like six months ago and you're like when's more Star Wars coming you can check out Star Wars Bloodline New

00:05:38.280 --> 00:05:45.160
Republic by Claudia Gray which takes place before Episode 7 it might give you

00:05:42.960 --> 00:05:48.039
a little bit of insight into like some of the stuff that happened where you're

00:05:46.479 --> 00:05:52.319
like who are these people why do they know each other what are they

00:05:50.000 --> 00:05:56.720
saying so check it out and get a 30-day free trial at

00:05:53.840 --> 00:06:00.240
audible.com tequ thanks for watching guys if you like this video boom if you

00:05:58.680 --> 00:06:03.680
disliked it boom boom if you want to check out our other channels boom if you

00:06:02.039 --> 00:06:10.360
want to comment with a video suggestion boom and if you want to subscribe and follow come on

00:06:07.360 --> 00:06:14.240
subscribe or

00:06:10.360 --> 00:06:14.240
follow yes
