Today I got placed in a IT company and without mr.david this would not have been possible. My deepest gratitude to you from the bottom of my heart.All your courses are amazing and the way you explain the concepts makes it even more amazing people like you should live forever.......❤ Big fan from India❣️
@@YourDad-ho5ml start with cs50 Hardware, C and data structures playlist after that choose a domain like AI, Cybersecurity, cloud or anything u like (before this u should explore all the branches of computer science )then try to study it an year attend hackathons college level competitions
Great general knowledge on keeping my accounts secure. Almost done through lecture 4 and am grateful for all the free information! However I’m hoping cs50 will continue with this series and provide more structured information that directly relates to skills required to following a cyberops career. None the less we do already have Googles Cert for that, just wish it had cs50’s style and energy that really engages you!
- Threats to accounts and defences - Authentication - verifying/proving claimed identity - Authorisation - what allowed access the authenticated principal has - username - uniquely identifies user in the digital world publicly - password - uniquely verifies user (claimed identity) - dictionary attack - trying multiple actual words to impersonate a valid user by a bad actor - brute force attack - trying all possible combinations of characters/letters for short passwords which have lower possible combinations thus lower security - the goal is to have a long enough password for possiblitities that exceed average lifespan but not too long to lose usability via forgetfulness - NIST password policies (types of policies)
How I like to think of the password possibilities is how many different numbers are there to the power of how much numbers are required to open up the system
i have 2 questions about security, that i hope everyone here able to answer: 1. Is it better to use offline password managers, browser extension app password manager, or standalone software on pc/mobile, or even built-in password manager from the browser? 2. Should auto login features be avoided for non-tech savvy person that doesn't really aware about cybersecurity?
jeez, how fast is that computer. I am running a 4090 and i9 and it is still going. Do I need to change properties or something so that the IDE uses more resources? I see my CPU is at 20%
at 1:00:35 if the only credentials like user name and password is compromised then the adversory can access end number of accounts via sign in with same credentials so will not that be at risk ?
one interesting thing happened few days ago , my 3 google accounts got hacked but other 1 not fun thing is other 1 was my main account and password was reveresd version of other accounts passwords , may I skipped something to know ????
Mr. David if you don't mind, I'd like to ask a question about using biometric as password. Say if one of my passwords are compromised (e.g: thumbprint, facial recognition, or voice recognition), how do I prevent further damage from the event? (Because we can't change our face or fingerprints as easy as a text based or knowledge based password.)
Best you can probably do is switch away from using that particular factor, especially voice! Cf. uwaterloo.ca/news/media/how-secure-are-voice-authentication-systems-really .
One question regarding trying 10000 attempts to login to mobile through hacking, won’t the phone necessarily resist countless attempts to continue further after few failed attempts ? In such case how it’s possible hack in seconds trying 10000 combinations
But doesen`t many 4 digit log in systems have a stop/freeze mode when puting the wrong code more than 3 times or something? Meaning they only have 3 attempts to put in the correct code?
How about I am trying 94 different places and they are divided in to 10 more and central tracking of all through it. Is it quantam approach, please correct me if I am thinking something else...
This is called a distributed network attack. It's a type of password cracking that uses multiple systems to brute force a password. I've also seen pen testers use multiple IoT devices like raspberry pi's or machines with multiple GPUs to crack passwords. Usually instead of a bruteforce attack though hackers use common password lists. Sometimes hackers also gather wordlists from websites and use them to crack passwords.
@@byrospyro4432 instead of using multiple system, can we use a quantum state trying all possibilities from one central tracking from that quantum state and stop our algorithm if either of it works.
It takes about 7 minutes for my computer to finish printing all 72 million combinations of four alphabets (lowercase and uppercase) - is your computer like really fast or mine too slow? :’)
Just a question about password managers out of curiosity. Doesn't it enable a single point failure? If someone gets into your password manager wouldn't they have everything. Then wouldn't it only be like a less than minute until everything is gone? If not then how do they prevent a single point failure?
Yup! Though the presumption is that it's a lot easier to keep one, primary account safe than N different ones. And even that centralized risk is hopefully a net positive over using many insecure passwords!
1:56 ‘Can I quickly use your bathroom upstairs [and rummage through your bedroom to find your jewellery in the vanity desk’s drawers]? 😏’. What kind of cyberattack would that be?