WEBVTT

00:00.750 --> 00:01.290
In this video.

00:01.290 --> 00:04.140
We're going to go over a couple of ways to keep your data safe.

00:04.200 --> 00:10.230
Now, two main things you want to keep in mind are having a good password manager and also a way to

00:10.230 --> 00:12.930
encrypt your data if you need to encrypt your data.

00:13.500 --> 00:18.210
Now, Keepass is a really good way to help keep your passwords safe.

00:18.240 --> 00:25.080
It is a password manager, which means that it stores our username and passwords URLs, which is really

00:25.080 --> 00:30.990
handy because as we do in investigations, chances are we're going to have a lot of different accounts

00:31.470 --> 00:34.830
and also a lot of passwords have to remember.

00:34.920 --> 00:39.870
Now, instead of writing down, it's great to keep in a password manager because it is encrypted in

00:39.870 --> 00:45.360
this case is 256 bit a is a s rather encryption.

00:45.660 --> 00:49.110
And this works for Windows, Linux and OSX.

00:50.880 --> 00:53.940
The other thing we could use is a.

00:54.910 --> 01:03.690
A password system here like beam beam to it's a credit card sized device that actually stores your password,

01:03.690 --> 01:08.220
has biometrics in there, and also acts as a two factor authentication.

01:09.090 --> 01:13.290
Personally, I actually use both devices and I like them both a lot.

01:14.010 --> 01:18.690
However, for this, we're going to actually talk about Keepass a little bit more.

01:19.170 --> 01:20.970
So again, Keepass is free.

01:20.970 --> 01:23.460
It's really easy to install, so I'm not going to go over that.

01:23.460 --> 01:29.550
You can find it over at Keepass iSCSI dot org and download it for your particular platform.

01:30.720 --> 01:33.060
So once you have it installed.

01:34.820 --> 01:38.600
We could actually just go to database and we could set up a new database.

01:38.780 --> 01:44.180
And in this case, I'm just going to call this demo and you could add a description if you want and

01:44.180 --> 01:45.260
click continue.

01:45.710 --> 01:50.660
And here we can do the decryption time, the database format.

01:50.870 --> 01:53.780
I'm going to leave everything default, click, continue.

01:54.900 --> 01:57.540
We give that a moment and we enter a password.

02:02.240 --> 02:03.530
And click done.

02:04.230 --> 02:06.740
And it wants to save your password.

02:06.750 --> 02:11.400
I'm just going to type demo here so I know what this is and.

02:12.500 --> 02:15.020
Here we have our our database here.

02:15.050 --> 02:18.200
Now, the nice thing is we could actually set up new groups in here.

02:18.200 --> 02:19.660
I can call one O.S..

02:21.920 --> 02:23.780
And I can create another one.

02:23.780 --> 02:24.800
Say.

02:26.100 --> 02:27.000
A new group.

02:27.000 --> 02:29.010
I could do social media.

02:30.890 --> 02:32.900
So we can keep things kind of organized.

02:32.900 --> 02:37.160
Now within these groups, I can go in here and click the plus and I could put a title.

02:37.160 --> 02:39.800
I could do things like Sock puppet.

02:42.750 --> 02:44.460
Account and username.

02:44.460 --> 02:57.840
John Doe and password and a URL say https ww w gmail.com.

02:57.840 --> 03:00.930
For example, we can set an expiration date and note.

03:00.930 --> 03:07.350
So no, it's like a put down sock puppet for gmail.

03:09.030 --> 03:15.690
John Doe male age 29.

03:18.930 --> 03:23.610
Location, Seattle, etc., etc. and then we can click.

03:23.610 --> 03:24.300
Okay.

03:24.540 --> 03:26.760
Now, the nice thing about this is.

03:27.830 --> 03:34.070
Uh, password managers are great because if someone puts a keylogger on your system, keylogger designed

03:34.070 --> 03:35.500
to log the keystrokes.

03:35.510 --> 03:41.970
Now, if you use an password manager, there is no keystrokes to to record.

03:41.990 --> 03:47.930
So if I go here, I could do copy username and say, Go in here, I could do paste, it'll paste a username,

03:47.930 --> 03:48.890
I can go back in here.

03:48.890 --> 03:50.330
I could do a copy, a password.

03:51.440 --> 03:52.970
And I could do paste in.

03:52.970 --> 03:54.400
It'll copy the password.

03:54.410 --> 03:56.350
That makes things really easy.

03:56.360 --> 04:01.670
Now, if I go back in here again, I have a title, I have my username, I have my password, I have

04:01.670 --> 04:06.410
my URL, so I could even have it type in the URL if I want.

04:06.410 --> 04:07.940
So they close this.

04:08.990 --> 04:10.250
Let's go back in here.

04:10.850 --> 04:12.170
Open database.

04:13.070 --> 04:14.060
Demo.

04:20.260 --> 04:25.600
And if we right click in here, we could do auto type sequence password username.

04:26.540 --> 04:28.790
We can clone the entry and whatnot.

04:28.790 --> 04:30.200
Open the URL.

04:31.190 --> 04:32.930
It makes things really easy.

04:32.930 --> 04:39.650
And again in this is the whole thing is encrypted again we could we could put as many passwords in here,

04:39.650 --> 04:42.930
URLs that way we don't have to remember all these different things.

04:42.950 --> 04:49.850
Again, it makes it really handy and much more secure than, say, having the same password for everything,

04:49.850 --> 04:51.720
having the same username for everything.

04:51.740 --> 04:54.440
This really helps keep things kind of straight.

04:55.740 --> 04:58.740
And of course, we could always go again.

04:58.740 --> 05:02.020
I like using this device also in addition to Keepass.

05:02.040 --> 05:07.880
Again, this is a little credit card, literally a credit card sized device as biometrics to log into

05:07.890 --> 05:08.730
system.

05:08.730 --> 05:12.990
You could run it off your computer again.

05:13.050 --> 05:16.350
Of course, it is going to be more expensive than running a free program.

05:16.350 --> 05:22.110
But this is I like having this around as a two factor authentication, also having passwords on the

05:22.110 --> 05:22.710
go.

05:23.460 --> 05:26.830
Now, another thing you want to consider looking at is very crypt.

05:26.850 --> 05:29.900
Now, very crypt will actually encrypt different volumes for you.

05:29.910 --> 05:36.350
We can encrypt a USB drive, we can encrypt folders on our on our system and whatnot.

05:36.360 --> 05:40.230
And again, this is for Linux, for OSX and for Windows.

05:41.400 --> 05:48.510
So if I have a drive or a folder I really want to encrypt, say we're doing an investigation, we're

05:48.510 --> 05:52.680
collecting information, we're collecting evidence, and I want to make sure that it's secure.

05:52.710 --> 05:58.380
I'm going to use something like Vera Crypt so I can open this up and we can encrypt different volumes

05:58.380 --> 05:58.920
here.

05:59.630 --> 06:01.460
Now we can go in here.

06:01.760 --> 06:08.180
We can create a new volume encrypt file or container crypt, non system partition drive, encrypt our

06:08.180 --> 06:09.950
entire drive if we want to.

06:10.160 --> 06:12.910
I'm just going to do encrypt a file container.

06:13.100 --> 06:14.120
Click next.

06:14.940 --> 06:17.040
And we could make it hidden and we can make it stand.

06:17.040 --> 06:18.930
Or I'm just going to go through the defaults here.

06:20.040 --> 06:22.410
And never saved history.

06:22.440 --> 06:23.970
I'm going to select a file here.

06:23.970 --> 06:26.250
Let's go into our desktop.

06:26.250 --> 06:27.810
I'm going to demo them.

06:27.810 --> 06:29.250
I do test two.

06:30.740 --> 06:32.330
And that's going to create a volume.

06:32.360 --> 06:36.870
I'm going to click next, and we could select the encryption algorithm.

06:36.890 --> 06:38.630
I'm going to leave it as.

06:39.480 --> 06:46.770
And we could do the hash algorithm shall 512, whirlpool shall 2 to 56 treat bug and we'll leave it

06:46.770 --> 06:49.020
sha 512.

06:49.050 --> 06:50.040
Click next.

06:51.160 --> 06:54.370
In here, we determine how large that volume size is going to be.

06:55.020 --> 06:58.560
We can make a kilobytes, megabytes, gigabytes or even terabytes.

06:59.040 --> 07:04.560
So since it's a demo, I'm just going to make it one megabyte, click next, and we want to create a

07:04.560 --> 07:05.310
password.

07:08.730 --> 07:09.000
Okay.

07:09.210 --> 07:12.780
And I'm just going to put a bad password in here because this is a demo.

07:12.960 --> 07:14.580
And also show you this.

07:14.700 --> 07:20.940
So if we create a password that's really bad, it's going to warn us the password is too short, easy

07:20.940 --> 07:23.280
to crack using brute force techniques.

07:23.640 --> 07:26.310
They do recommend using 20 characters or more.

07:27.010 --> 07:27.850
So I'm going to click.

07:27.850 --> 07:30.790
Yes, we're still going to use this because this is a demo.

07:30.790 --> 07:37.090
But of course, if you have something else, something important, you should actually adhere to their

07:37.090 --> 07:38.320
recommendations.

07:38.890 --> 07:43.510
So you just randomly move your mouse that way it.

07:44.630 --> 07:49.340
It does the encryption we do format and IT formats a new section.

07:49.720 --> 07:50.210
Okay.

07:51.310 --> 07:55.120
So I am going to click next cancel out of here.

07:55.420 --> 07:57.700
And now we have our new volume here.

07:57.700 --> 08:04.400
So if I try to go to test two, it has no way to open it, doesn't know what this is and it's unable

08:04.400 --> 08:05.170
to open it.

08:07.190 --> 08:13.430
But if I go to to mount here or slight file, I can do mount.

08:13.850 --> 08:16.040
Actually, let's see, it's like file.

08:16.370 --> 08:17.900
We'll go to the desktop here.

08:19.500 --> 08:22.170
Let's go to our demo test, too.

08:23.160 --> 08:24.420
And now this is selected.

08:24.420 --> 08:27.960
We're going to do mount, and we're going to do our password.

08:29.790 --> 08:30.120
Click.

08:30.120 --> 08:30.750
Okay.

08:33.270 --> 08:35.840
And now this is actually unlocked.

08:35.850 --> 08:39.840
If I double click this, it'll open this up and I can put things in here.

08:39.840 --> 08:45.990
I could do a new text file, secret password, for example.

08:47.420 --> 08:49.610
And we can drop an error file in there.

08:53.220 --> 08:54.480
Important data.

08:56.010 --> 08:58.410
K and if I do, dismount.

09:01.500 --> 09:03.660
I can't get back in that folder again.

09:03.870 --> 09:10.680
Matter of fact, if I just click on Oh, it's going to ask me for the for the password again, I can

09:10.680 --> 09:11.520
click password.

09:11.520 --> 09:15.920
It'll take a little bit to decrypt it, open it up and there's our files again.

09:15.930 --> 09:23.250
So again, using things like Vera crypt, using things like Keypad, SCSI, PMU, and also two factor

09:23.250 --> 09:28.380
authentication are all great ways of helping keeping your data safe, which is always going to be important

09:28.380 --> 09:33.240
for the integrity of your investigation, especially if you're doing an investigation for a company

09:33.240 --> 09:34.350
or a person.

09:35.010 --> 09:42.210
You want to make sure that data is safe, secure, and that your client has reasonable expectations

09:42.210 --> 09:43.800
of security.

09:44.010 --> 09:47.400
So thank you for watching and I'll see you next video.