Best Practices for Minimizing Your Digital Security Risk

By Hackett, Kara | The Quill, July 1, 2013 | Go to article overview

Best Practices for Minimizing Your Digital Security Risk


Hackett, Kara, The Quill


For the ñrst five years Steve Doig spoke at Investigative Reporters and Editors conferences, he talked to a half-empty room of chairs about keeping sources and secrets safe.

But at the recent June conference, more than 80 people packed into his presentation room and fought for 50 seats, finding room on the floor when the chairs were full.

Since Edward Snowden unveiled the National Security Agency's massive surveillance system in early June, reporters have questioned what digital threats lurk beyond their ability to anticipate or even understand. Doig said paranoia drove them to his lecture, and it's paranoia that will set them free. Even though most reporters won't have to worry about the NSA coming after their information, all reporters should adopt a healthy skepticism about their digital safety and learn basic measures to protect their information and sources.

Then on the rare occasion they need to shelter a confidential source, they'll be prepared.

"It's a matter of creative paranoia," Doig said. "A heightened sense about the possibility of surveillance is what you need to be ready when those rare situations come up."

LOW RISK: DIGITAL SECURITY MEASURES ALL REPORTERS SHOULD TAKE

Everyone wïih a computer is vulnerable lo hackers, crackers and aiiackers. Here are basic security precautions to help keep you and your sources safe.

PRACTICE HEALTHY PASSWORD HYGIENE

Reporters should build their digital defense on a firm foundation of strong passwords.

Dan Goodin, IT security editor at Ars Technica, calls passwords the basic building blocks of security posture.

"It doesn't matter how sound your antivirus program is or how careful you are about not visiting attack websites," Goodin said. "If the password you choose to protect your email account is easily cracked, all of your secrets are going to be spilled."

In his August 2012 article, "Why passwords have never been weaker - and crackers have never been stronger," Goodin proved a good password is hard to find.

When you're creating a new account, there's usually a meter that will rate your password choice and tell you how strong it is. But Goodin said the reliability of password meters is all over the map, and he's seen amateur crackers break so-called "strong" passwords in a matter of seconds.

"The problem is these meters use an unreliable metric for measuring the strength of a password and don't take account of the real world techniques used in password cracking," Goodin said.

Password meters rate passwords on the assumption that attackers are always going to use what's called a bruteforce attack on your account, cycling through every possible character combination to find a match. If the password is 10 characters, the brute-force attack will try every combination from 10 A's to 10 Z's, which can take years to accomplish, Goodin said.

So instead of using brute-force, most crackers cycle through word lists of the most commonly used passwords - a faster, more successful process password meters don't take into account.

To prove just how easy cracking can be, Ars Technica's deputy editor and a newbie to password cracking, Nate Anderson, took on a project in March to decipher 16,000 hashed passcodes using only free tools and the resources of the Internet. Within a few hours, Goodin reported that Anderson had deciphered almost half of them.

So if you want to protect your passwords from seasoned crackers, Ars Technica recommends using passwords with a minimum of 11 characters that don't form a pattern and do contain upper- and lowercase letters as well as numbers.

Goodin said it's best to create unique passwords for each of your accounts through what's called a password manager, or a single master password, that unlocks all of your other passwords.

The password manager beats the system because it's a random combination of numbers and characters that can only be cracked using a brute-force attack. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

Best Practices for Minimizing Your Digital Security Risk
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.