The Digital Campfire: Constructing a digital fortress

(BlogDH) Digital Campfire

The Digital Campfire is a collection of stories about technology. The protagonists are (fictional) Brown students. The problems they face, however, are very real— a stolen phone, a hacked account, an accidentally deleted folder. How do our intrepid heroes deal with these digital hiccups? Read the column to find out. 

It was 2 p.m. and the sun was blazing. Sam had just finished with classes for the day and was heading back towards Keeney Quad. As he walked along the path, he whistled tunelessly to himself. While Sam appeared outwardly relaxed, his brain was churning furiously. His mind was consumed by a single thought, one that sprang from a deep primeval urge that millions of years of evolution hadn’t managed to eradicate. “How do I save myself?” he wondered.

Sam replayed the day’s events in his mind. David, the college soccer team’s captain, had been more restless than usual during Math class. When Sam saw him furtively slip into the SciLi, he instinctively followed him. David hated libraries as much as Napoleon detested Moscow; only a dire emergency could make him go there. Sam found him haphazardly browsing through the ‘Computers and Technology’ section in a dark corner of the library. When confronted David told him everything, glad to find a sympathetic listener. “Someone f***ing hacked into my Facebook account,” he said. Sam understood immediately, like any other teenager he found it an horrible intrusion. In fact it was nothing short of an invasion into a digital shrine. And this shrine, according to David, was now being defiled by status updates that were either prurient or ludicrous and messages to friends that were simply nasty. The hacker had even posted a status praising Chelsea FC David fumed, for him this was the last straw. Worried sick, he had hoped to combat this cyber sorcery by finding a book on computer security. But the library didn’t have any. Hacker – 1 : David – 0. He cracked his knuckles, as was his habit when angry, and walked out of the SciLi.

Sam was worried. Not only for his friend, but also for himself. Seeing David’s predicament, Sam was even more desperate to buttress his digital security. But how could he do that? Suddenly, he had an idea. He took out his laptop and powered it on. The blue LED pulsed soothingly. Sam found his agitated mind becoming calmer already. He directed the browser to The Blog.

The Blog was the equivalent of a technological Jeeves, it could solve all (well almost all) of your problems. Sam had just remembered a blog post he had read long ago. He found the article. To a cryptographer the article would have seemed obvious, but most teenagers are not even half as digitally literate. Here’s what the article said:

While choosing passwords for accounts remember:

  1. To make them unique. Repeat no password. This way if someone obtains the password to one of your accounts they at least can’t access the others.

  1. Each password should be at least 8-10 characters long. It should have upper and lower case letters, numbers and special characters (if permitted).

  1. The password shouldn’t be a word found in the dictionary as this is the basis of ‘brute force’ attacks and ideally should be randomly generated.

The conditions listed above are non-trivial to meet. However, you can you use software to handle them for you. In such software all the passwords are stored in an encrypted database and you need a Master Password to access them. The Master Password is similar to the ‘master key’ that opens all hotel rooms (you obviously don’t want to lose the master password!).  One such great free and open source software is KeePass.

KeePass database-1

An added advantage of KeePass is that it allows you to randomly generate passwords that fulfill all the conditions of a strong password.

Password Generator_021

In the recovery options, be sure to feed in your mobile number. The recovery message will then be sent to your phone which will hopefully be with you (a stolen phone and hacked account in a single day would be harsh punishment, rivaling stepping on the Pembroke seal).

Despite your best efforts, a skilled hacker may still gain access to your account. However, your efforts should certainly safeguard you from the amateurish attempts of your friends(?)/enemies. You can now breathe more easily in your newly constructed digital fortress.

The next day Sam passed by David in the Ratty and slipped him a piece of paper with the Web address of The Blog. That very night David changed all of his passwords from the name of his dog to something slightly more classified. He downloaded KeePassX (since he was using a Mac) and used it to randomly generate passwords according to the given criteria. He also chose a strong master password. The entire incident left him a little wiser and a bit more digitally literate. He then returned to the tedious task of calling up friends to explain that ‘those damn messages’ weren’t sent by him.

Leave a Reply