Test 2: Account security

#1. A password is still one of the most important credentials to secure your online account. Is it more important for your security that your password is long with many characters, or is it more important that your password is complex with many different characters?

a- The length is more important than the complexity.

b- The complexity is more important than the length.

c- Mathematically, the length is more important than the complexity, but only a long and complex password is really safe.

If you answered a):

Yes, but only a long and complex password is really safe.

If you answered b):

No. Mathematically, the length is more important than the complexity, but only a long and complex password is really safe. A password should not be shorter than 12 characters and you should not use the same password for various accounts.

#2. Why is it important to use a password management system?

a- It is rather impossible for a human being today to remember all passwords, if all of them should be really secure and unique (not used for various accounts).

b- Because such a system warns a user if their account has been hacked.

c- Because online services like Facebook and Google can directly access all the passwords in plain text without any barriers, so that users do not have to type it in. This is more comfortable.

If you answered b):

No. A password management system does not warn a user, but stores passwords. Users can access the password box with a master password, and do not have to remember all their passwords, but only one.

If you answered c):

No. Although some password management systems might automatically paste in the password of a platform, the latter cannot access in plain text to your password.

#3. What is the core benefit of a two-factor authentication (2FA)?

a- It is impossible for an adversary to break into an account with 2FA, because only the user can access it.

b- An adversary is not able to hack an account by only knowing the username and password. A second kind of credential is required to successfully log in.

c- The service operating the account, for example a social network or an email provider, is not able to access the user's accounts.

If you answered a):

No. Although 2FA blocks most of the attacks, very powerful adversaries may find a way to circumvent it. For example, they already know the password and spies on a smartphone on which a code is created as the second credential. While this is a very sophisticated attack, it is possible.

If you answered c):

No. If you enable a 2FA on your account, the platform (social network, email provider) is probably still able to access it as well without letting you know it.

#4. You add to your log-in process a so-called “security question.” For example, you have to answer the question “Where was your mother born?” after you typed in your password. Is this a two-factor authentication (2FA)?

a- Yes, because you take two steps to log in, which is the idea of 2FA.

b- No, because not all users may know where their mother was born. Such a technique would not be usable for everybody.

c- No, because in both cases the credential is a knowledge-based factor. Both a password and the answer to the question can be provided by everybody who knows it. For a 2FA, you need two different kinds of factors, such as knowledge and possession.

No, two steps is not always considered a secure two-factor authentication, as it has to be two different kinds of log-in factors. For example, a knowledge-based authentication (entering a password that you know) combined with a possession-based authentication (entering a temporary code generated on your phone, which you have to possess at that moment) is a 2FA.

#5. Is it dangerous to click on a link of a sender you do not know in a message you do not expect, and if yes, why?

a- It is not dangerous. As a journalist, you sometimes have to click on links from strangers, because it can be a new source.

b- It is not dangerous. For instance, it can be to download software that is expensive, which you can pay for without providing any further details of your bank account. Only a click on a link is enough.

c- It is dangerous because the link can open a phishing website, in which you lose your credentials to criminals, or you intentionally download a spyware.

If you answered a):

Not every link is dangerous indeed. However, phishing is still one of the most common threats for journalists online – and it mostly comes with a non-trustworthy link. You should be very careful clicking on something you are not absolutely sure about.

If you answered b):

No, this is at least very, very unlikely. The click itself will probably not empty your account – but a spyware can be downloaded, with which criminals steal your bank information and make transactions.

Do you know what a strong password looks like? Do you know what two-factor authentication means? Test your knowledge!

#1. A password is still one of the most important credentials to secure your online account. Is it more important for your security that your password is long with many characters, or is it more important that your password is complex with many different characters?

#2. Why is it important to use a password management system?

#3. What is the core benefit of a two-factor authentication (2FA)?

#4. You add to your log-in process a so-called “security question.” For example, you have to answer the question “Where was your mother born?” after you typed in your password. Is this a two-factor authentication (2FA)?

#5. Is it dangerous to click on a link of a sender you do not know in a message you do not expect, and if yes, why?

Results

Test 2: Account security

Do you know what a strong password looks like? Do you know what two-factor authentication means? Test your knowledge!

#1. A password is still one of the most important credentials to secure your online account. Is it more important for your security that your password is long with many characters, or is it more important that your password is complex with many different characters?

#2. Why is it important to use a password management system?

#3. What is the core benefit of a two-factor authentication (2FA)?

#4. You add to your log-in process a so-called “security question.” For example, you have to answer the question “Where was your mother born?” after you typed in your password. Is this a two-factor authentication (2FA)?

#5. Is it dangerous to click on a link of a sender you do not know in a message you do not expect, and if yes, why?

Results

You may also like