WEBVTT
Kind: captions
Language: en

00:00:12.160 --> 00:00:18.080
hello and welcome back to this cyber security awareness course in this video we're going to

00:00:18.080 --> 00:00:23.600
talk about some safety measurements regarding your account safety we all have social media

00:00:23.600 --> 00:00:29.440
and internet accounts and it is very critical to keep all of them secure the first point i

00:00:29.440 --> 00:00:35.920
want to discuss is that using the same password is a wrong attitude let's imagine the scenario

00:00:35.920 --> 00:00:41.360
say for example that you've got a twitter account and you are using the same password for this

00:00:41.360 --> 00:00:48.080
twitter account on facebook instagram and other applications if your twitter account got hacked

00:00:48.640 --> 00:00:54.480
then all of these other accounts will eventually get hacked as well because they all have the

00:00:54.480 --> 00:01:01.040
same password so it is a wrong attitude now some people might tell me well if i'm not going to use

00:01:01.040 --> 00:01:06.320
the same password for everything then i might end up forgetting all of these passwords that i have

00:01:07.280 --> 00:01:13.520
well we have a solution for that you can store your password but in the previous video we've

00:01:13.520 --> 00:01:20.080
mentioned that if you store your credentials on text files or doc files hackers can actually view

00:01:20.080 --> 00:01:26.160
that and we've demonstrated how they can do that so a solution for that would be using a password

00:01:26.160 --> 00:01:33.520
vault so what is a password vault a password vault is basically a software which you can store your

00:01:33.520 --> 00:01:40.560
passwords and they would all be fully encrypted and nobody would get access to them except for you

00:01:41.600 --> 00:01:47.680
so i've got two examples of password vaults over here the first one is lastpass and the second one

00:01:47.680 --> 00:01:55.440
is my key and in the end of this video we're going to demonstrate how they work now the third point

00:01:55.440 --> 00:02:02.560
is make sure you change your password every now and then for example if you got hacked and you

00:02:02.560 --> 00:02:07.840
have no idea that you got hacked and you change your password then you would be on the safe side

00:02:09.280 --> 00:02:15.520
don't use your account to sign up with untrusted websites because these untrusted websites could

00:02:15.520 --> 00:02:20.240
end up giving away your credentials or sometimes trying to hack your account

00:02:21.760 --> 00:02:25.840
two-factor authentication prevents attempts of brute forcing so what is

00:02:25.840 --> 00:02:31.760
two-factor authorization it is basically a way to authorize log-in attempts to your account

00:02:31.760 --> 00:02:38.000
and we've got two types of authentication we've got sms authentication in which the server

00:02:38.560 --> 00:02:45.200
of this website sends a code to your phone telling you that this code is used to log

00:02:45.200 --> 00:02:51.840
in to your account after you've given away your password and the second one is an authenticator app

00:02:52.560 --> 00:02:57.760
and an authenticator app is an app that you install on your phone and it would have a

00:02:57.760 --> 00:03:03.840
code in which you can access your account when you try to log in after providing your password

00:03:04.720 --> 00:03:11.680
however it is better to use an authenticator app rather than sms authentication because recently

00:03:11.680 --> 00:03:17.520
there's been a vulnerability in sms authentication in which we're going to be explaining right now so

00:03:17.520 --> 00:03:25.680
for example over here say that we've got a user and this user used authentication to a server

00:03:25.680 --> 00:03:31.040
giving away their phone number which is one two three for example now whenever they try to log in

00:03:31.040 --> 00:03:38.800
to this server the server would send a message to this user's phone number saying that your code is

00:03:38.800 --> 00:03:48.240
abc for example so what hackers do is that they tell the server to redirect the message from 123

00:03:48.800 --> 00:03:57.760
to 456 and the server would do so now because of this it is better to use an authenticator app

00:03:58.880 --> 00:04:04.960
now an example of an authenticator app is google authenticator the way it works is pretty simple

00:04:04.960 --> 00:04:10.960
you just set up two-factor authentication on the website that you want and it would give you a qr

00:04:10.960 --> 00:04:17.680
code to scan so you open up google authenticator you scan the qr code and it would send you

00:04:17.680 --> 00:04:23.840
to the screen on the right now over here we've got the code in which you're going to be providing

00:04:23.840 --> 00:04:31.360
whenever you try to log in and we've got a timer after this timer's up the code would change and

00:04:31.360 --> 00:04:36.000
over here we've got the website name so we would tell you for example that we have this

00:04:36.000 --> 00:04:42.000
particular code for this particular website say for example that it was facebook now let us see a

00:04:42.000 --> 00:04:48.400
demonstration about lastpass and my key all right so we're on this windows environment right now

00:04:48.960 --> 00:04:54.880
and we're on the lastpass website now the way you download it is really really simple you just hit

00:04:54.880 --> 00:04:59.520
on the button in which you're going to be using this software for example i'm going to be using

00:04:59.520 --> 00:05:05.600
this for personal use and it will take you to this page where you can just click on start a trial

00:05:05.600 --> 00:05:11.360
this will give you a 30-day trial and it will walk you through the download process and then

00:05:11.360 --> 00:05:16.480
it will take you to this extension page over here where you can just install the extension

00:05:16.480 --> 00:05:23.840
on your browser whether it was uh google chrome or firefox or even edge and the cool thing about

00:05:23.840 --> 00:05:30.560
this is that it works on both ios and android as well so for my key the download process is

00:05:30.560 --> 00:05:36.160
easy as well you just click on get started and it will walk you through the download process

00:05:36.160 --> 00:05:41.120
but i'm not going to go through that because i already have both of these software installed

00:05:41.840 --> 00:05:47.680
now one thing about lastpass is that it is installed as an extension on your browser so the

00:05:47.680 --> 00:05:53.840
way to access it is by going to your extensions clicking on it and then clicking on open my vault

00:05:55.440 --> 00:06:01.600
and it will take you to your password vault now the way to use it is very very simple you just hit on

00:06:01.600 --> 00:06:08.240
the add button over here and you choose what item you're going to be adding a password a secure note

00:06:08.240 --> 00:06:14.960
an address payment card or even a bank account you can browse for more items over here like

00:06:14.960 --> 00:06:22.640
driver's license passport social security number it is very very awesome to have such a software

00:06:22.640 --> 00:06:29.600
now for example select password it's going to tell you to enter a url for example i'm going to

00:06:29.600 --> 00:06:38.160
be storing a password for paypal and then we can just choose a folder for example paypal passwords

00:06:41.200 --> 00:06:49.120
and a username for example test and the site's password the password that you use to access

00:06:49.120 --> 00:06:56.160
paypal for example we can just type some password over here and right here we can see that it tells

00:06:56.160 --> 00:07:03.040
us the strength of this password so if we were to put a complicated password take a look at this

00:07:04.320 --> 00:07:10.320
it would tell you that you've chosen a very very good password now over here we can add some notes

00:07:10.880 --> 00:07:18.480
and if we just hit on this advanced settings option we can require the master password which is

00:07:18.480 --> 00:07:26.160
the password that you used to sign up with lastpass and we can just hit the auto login button

00:07:26.160 --> 00:07:32.000
or disable the autofill button these options are not really important not as much as these

00:07:32.000 --> 00:07:39.360
options so we can just hit on save over here and as we can see we've got our paypal password

00:07:39.360 --> 00:07:46.000
saved so if we were to hit on launch it would actually take us to paypal login and it would

00:07:46.560 --> 00:07:52.640
allow us to put the password without having to enter that now this is really really useful

00:07:52.640 --> 00:08:00.400
when it comes to something called key logging what hackers do is that they use a keylogger to

00:08:00.400 --> 00:08:07.280
know what buttons you're pushing on your keyboard so if we are using this option on lastpass

00:08:07.280 --> 00:08:14.160
to auto put the password on the website it would be very very good because for example if you

00:08:14.160 --> 00:08:20.080
are hacked if you have a malware on your device hackers won't be able to know what you're typing

00:08:20.640 --> 00:08:25.840
because it just auto put the password and you didn't have to type it in

00:08:26.960 --> 00:08:33.120
now if we were to look at my key over here the process is the same you just click on add password

00:08:33.120 --> 00:08:38.800
you put every single detail about your password your nickname for example the username the

00:08:38.800 --> 00:08:44.960
password the website that you're going to be using this password on and you choose your profile over

00:08:44.960 --> 00:08:51.040
here i've set it to personal you can just add some tags over here but that's not really important so

00:08:51.040 --> 00:08:55.440
the process is really really easy let's go ahead and take a look at what we can do so we can just

00:08:55.440 --> 00:09:04.560
for example type a nickname over here a username a password say i want this to be on facebook.com

00:09:06.560 --> 00:09:14.480
and then we might as well just click on save over here and it would save my password and

00:09:14.480 --> 00:09:19.680
it would tell you that this password is used for facebook.com and as we can see over here we've got

00:09:19.680 --> 00:09:27.680
this facebook banner over here now the cool thing about my key is that it enables an extension on

00:09:27.680 --> 00:09:34.160
your browser as well so if we just go to your browser store and search for my key you'll be

00:09:34.160 --> 00:09:40.880
able to find it and it's not really different from the desktop application because it has

00:09:40.880 --> 00:09:46.080
all the options over here as we can see we've got the payment cards secure notes identities and all

00:09:46.080 --> 00:09:51.840
the options that were in the application and we can see over here that we've got the password that

00:09:51.840 --> 00:09:58.960
we created so using the extension we can just go ahead and launch facebook the same way that we did

00:09:58.960 --> 00:10:03.680
with lastpass and we can just click on this and it would just autofill

00:10:03.680 --> 00:10:08.960
the credentials but since these are fake credentials facebook is not going to open

00:10:08.960 --> 00:10:14.640
up now this is it for this video i hope that you liked it and i'll see you in the next video