Hi. Do you remember the unit about weak passwords? It was a concern in cyber security. But do you know what you know, which is the biggest concern you have is about Password Management. There are threats that can expose the security of your password. You can think you have your password store in a sacred place and you've seen this kind of threats for example, shoulder surfing. Your password can get exposed on the internet. If you see even the disclosure of your password, there are many ways of doing so is another risk you have to face when Password Management is in place, okay? The last one is whenever you reuse the credential in several services, so be careful we will go in deep. Shoulder surfing I said, it is very important to understand that whenever you are typing your password or putting a pattern in your mobile phone, got you, you can be in a dangerous situation because someone can be watching you from behind or even they can have a camera that is recording everything you are typing in the keyboard or the pattern. Even thermal cameras, thermographic ones whenever you put up in cold for example in a path, you can see every key is getting colder because it was the first typed thing, so be careful with these kind of attacks. Okay Roman, my turn. Okay. This is a real threat that it's not very important threat, but the good news are that we should only apply common sense to protect ourself. Thus apply always common sense, is when for example, you go to withdraw money within an ATM machine. You had your typing or even you look back to search for someone spying you. Here is the same. When you use your mobile phone or you use a computer or a laptop, always apply common sense. Always try to hide your typing, okay? I think that would be enough. Right. Okay. I can bet this guy will be back soon. I have another opportunity. As you remember, we talked about the disclosure of the passwords. Let us go for this. Typical disclosure of passwords is whenever you put a Post-It on your workspace, and it's very dangerous because many times this password as you will see later, is reused in other services, but don't expose your credential with a Post-It or even don't attend someone that is calling through a telephone call, asking for the password, the typical I'm the sysadmin. You have a problem with your mailbox, please give me your password so I can access and solve this nasty problem you are having, okay? Oh no, he's back. Excuse me Roman. Yeah. Okay. This is an important threat but again, we just can apply common sense. You have never reveal your password. Never. But if the sysadmin is calling? You have never reveal your password. Never. But I. Never reveal your password. Never, okay? So just relax, think about the context, think about the situation and never reveal your password. So yeah, don't cheat people. I see, I see. Okay. I have the last opportunity of getting your credential. Remember reusing the password, password sharing amongst services. It's very important. If you register, for example your account in Yahoo, in 2007, you may use for example these very secret password 1-2-3 4-5-6, remember from the Post-It and then some years later, you use the exactly the same password for Amazon, Linkedln, Gmail or wherever the service you are using. If Yahoo get hacked, it is having problem because your password, your original one, it is exposed in Internet and whenever it is exposed to the internet and you reused it in Amazon, someone can get into your account and buy things. For example, buy me a car with your very secret password remember. Very interesting in Yahoo hacked, they were leaked around three billion, three billion credentials on Internet. Just imagine all the services that these passwords were re-used, okay? This fantastic service have pwned is where all the credentials and passwords are dumped, whenever a service in Internet is hacked. For example, Linkedln, Yahoo they were hacked. They retrieve all the passwords and they put in a huge database. If you came here and type your email address in the white box and check, you will verify if your account was hacked in any service and you can see that the credential is there, so is fantastic. Please, use it. Please, stop attacking Roman. Get away, and we are going to talk only about threat protections. So in order to protect from these threat, we can apply the conclusion of the Weak Password Unit. Remember, in this unit we saw that we should install a password manager. With a password manager, we can create a lot of different password for any of the services we are signing and even this password can be strong enough. So remember, install a password manager and you can protect not only about weak password, but also about saving passwords, and just to have some recommendations of that unit remember, be careful when you type a password. Just hide a little, okay? Or check that no one is spying you. Never reveal your password, even to the sysadmin, even to the boss of your company. Never reveal your password, it's not enough to fix everything, and finally create a new password for each of the service you are using. You can use a password manager for that, okay? That's enough for this unit. See you on next units.
