Call 480 233 9095

Archive for category: Computer Tips

Steps To Protect Against Russian Hacker’s

/in /by

If the reports are accurate, a Russian gang may have pulled off the largest known hack of private internet information ever.

Hold Security of Milwaukee claims to have discovered a global compromise of over 1.2 billion usernames and passwords from roughly 420,000 websites, including 500 million email addresses.

The websites range from Fortune 500 companies, to household names and lots of very small sites, so you should assume that your credentials have been sold to other hackers already.

The good news is that with that many accounts being stolen, the chances of your accounts being the first to be exploited are pretty low.  That means you have time to change all your passwords before a criminal attempts to use the stolen credentials.

This, once again, underscores the importance of not using the same password on all your online accounts.  Hackers will automatically try using your username and password on every major website because they know that so many of you still make this huge mistake.

Since at this point, there is no way to know for sure if your credentials have been stolen, you should assume that they have and act accordingly.

In any case, this is a great wake-up call that you should use to strengthen your password protection by doing the following:

1. Change all your passwords and make sure that every online account has its own password – To make this more manageable, consider using a password manager. Here is some advice on easy to use password managers:  http://virtualgeorge.com/easy-use-password-management

2. Longer, easy to remember passwords are more secure than short complicated passwords – aim for at least 15 characters, but make it easy to remember. Example: I Hate Passwords! is much more secure than A8y@q7P1 and much easier to remember.

3. Make sure your e-mail account has a very strong password – your e-mail account is the gateway to all your other accounts.  Remember, that when you forget a password, the reset message gets sent to your e-mail account making it really easy for the bad guys to take over if they get in.

4. Make sure you have a passcode setup on your mobile devices – mobile devices are more easily lost or stolen and if you don’t have a passcode to keep strangers out, they have direct access to your e-mail account.

5. Do a search of all your old e-mails for the word ‘password’ and delete any messages that provide information on what accounts you do have.  If a hacker does gain access to your e-mail account, they will immediately search for clues of the accounts you do have so they can quickly exploit them.

6. Turn on 2-factor or 2-step authentication – virtually every sensitive online account you have has this feature, but you must turn it on (go to Settings).  When activated, your smartphone becomes part of your security fence.  Whenever a site detects that you’re signing in from a new computer or device, it sends a special code via text message to your phone to verify that it’s you.  This way, even if a hacker acquires your username and password, they won’t be able to get in without your phone in their hands.

Passwords are the gateway to your digital life and with every breach they become more vulnerable, so don’t take this lightly.

Easy To Use Password Management

/in /by

The ongoing challenge of balancing security with ease of use continues to get more complex with each new online account you sign up for and too many of us gravitate to the ease of use side.

Using the same password for all of your online accounts makes it easy for you but is extremely unsecure because a single breach can expose all your accounts.

Most of us have been trained to create complex passwords using capital letters, special characters and numbers which tend to be secure but really hard to remember.

As a quick primer on the basics of online security, creating long passwords of 15 characters or more for each account and turning on 2-factor authentication when it’s available are essential steps for protecting yourself these days.

The answer to the question “How can I remember all of those complicated passwords” is you can’t unless you have an extraordinary memory.

The best way to have a complex but different password for each online account is use one of the many password management tools on the market so you only need to remember one complex password.

Most of the powerful options are pay services, but one called LastPass offers a pretty comprehensive system for free.

LastPass is a browser-based password management system that‘s both powerful and pretty easy to use and it’s compatible with Windows, Mac and Linux computers.

Once you install the primary program and created an account with LastPass, an add-on is installed in all of your browsers so it’s easy to use the system.

As you log into your various accounts, LastPass will ask you if you want to save it to your vault for future use.

Once it’s been saved in your secured vault, you can simply click the link to open a browser window that will take you to your desired site and login for you from any computer or device that has Internet access.

This means a slight adjustment to your online behavior as the vault essentially becomes your starting point for all your online accounts (setting the LastPass sign in screen as your start page helps).

To be clear, LastPass is an encrypted cloud-based service, which means that all your passwords are stored on their servers and they did have a data breach back in 2011.

The breach was limited and the small amount of data that was stolen was fully encrypted, meaning that whoever ended up with the information would have had to spend an enormous amount of time to actually make use of it.

As a result of the breach, LastPass incorporated many new layers of security that I’m personally comfortable with enough to trust them with my passwords, but you have to make that decision for yourself.

One downside to LastPass: if you want to use it on an iPhone or Android smartphone, you’ll have to pay $12 per year as the browser on the phones won’t work (iPad and Microsoft Surface RT apps are free).

There are a number of additional features such as password generators, form fillers, a virtual on-screen keyboard to thwart hidden ‘key loggers’ and support for installing it on a USB drive if you use a lot of public computers that are untrustworthy.

If LastPass doesn’t fit your needs, some alternatives include Google Chrome’s password manager, the open source KeePass and RoboForm.