ISIQ

 

Québec government

Home | About us | Partners | Press room | Contact us | Français

• Understand identity theft
  • What is identity theft?
  • Have you been a victim of identity theft?
  • What can you do if you have been a victim of identity theft?
  • Why should you report identity theft?
  • What can you do to prevent identity theft online?
  • How does the government protect you?
• Protect your identity
  • Before connecting
  • While online
  • During your transactions
  • During your communications
• Secure your computer
  • Computer security
  • Laptop computer security
  • Shared computer security
  • Wireless network security
  • Technical support
• Follow good practices
  • Online code of conduct
  • Backup copy
  • Content management systems
  • Digital identity
  • Instant messaging
  • Online computer identity
  • Online purchases
  • Passwords
  • Reputable suppliers
  • Safe disposal
  • Social networks
• Find out about threats
  • What is a threat?
  • Computer viruses
  • Computer worm
  • Phishing
  • Rogue security software
  • Spam
  • Spyware
  • Trojan horse
• Get assistance
• Consult legislation
• Learn more
  • Other websites
  • Tools to download
  • Glossary
  • FAQ
• Take an online course
• Have some fun
  • Story in which you are the hero
  • Games and quizzes
• Participate in the 2009 campaign
  • Activity schedule
  • Contest
  • Press room
  • Partners
  • 2008 campaign

Bloggers' corner

Denis François Gravel's blog:
PRESENTability with DFG

Mario Asselin's blog:
Mario tout de go

Nelson Dumais's blog:
Technaute - Nelson Dumais

Jacques Viau, guest of Direction Informatique's blogue

Direction Informatique

Caution

If your password is too simple, a fraudster may:

• Obtain and use it to steal or destroy data
• Use it to impersonate you and access your personal information

Fraudsters use the following techniques to obtain a password:

• Social engineering: obtaining or guessing passwords based on personal information obtained about you or your family
  • for example, do not use your dog's name "Sultan"
• Dictionary attacks: using a program that tries all the words in the dictionary in several languages
  • some programs also substitute the most obvious letters, for example, an S for a Z or an A for a 4 in "m4izon" (maison)
• Brute force attacks: using a program that tries all possible combinations of characters
  •  with more than 8 characters, this method is very time-consuming and a typical fraudster is less likely to use it
• Malware: using a malware like a keylogger or a packet sniffer to catch passwords entered by the user
  • don't log into your acounts from a public computer or network, where malwares like these could be hidden without your knowledge

 

How can you protect yourself?

Create a safe password that you will remember:

• Make up a password with at least 8 characters
• Do not use any dictionary word in any language
• Avoid sequences or repetition of characters such as "123456" or "333333" or "abcdefg"
• Never use your personal information such as:
  • name or user name
  • date of birth
  • Social Insurance Number
  • pet's name
  • family’s personal information
  • etc.
• Choose a combination of lower case and upper case letters, numbers and symbols

Many types of websites require you to use passwords for which you must always ensure the safety and confidentiality:

• Change passwords by default
• Use a new complex password for each critical website (banking services, online purchases, government services, etc.) 
• Use simple passwords for less critical websites (a website's private area where you will not make any transactions)
• Do not re-use the same password
• Do not let your Internet browser manage your passwords
• Use your memory and not a paper note or unprotected file to remember your passwords
• Do not tell anyone your passwords, not even your parents or friends
• Change your passwords regularly

 

References

• Websites about passwords