Tuesday, June 23, 2009

Passwords

Password security is something that is obviously important, yet I'm surprised that even though this is common knowledge, a lot of people don't take enough precautions when it comes to protecting their passwords. In this post I'm hoping to provide some tips that will make it easier to protect your important passwords.

Everyone knows the common places to find passwords: under the keyboard, on a Post-It stuck to the monitor, under the desk blotter, in the desk drawer, and my personal favorite, the list of passwords taped to the front of the laptop (I mean, really, what's the point of putting a password on your laptop if you're going to tape it to the front of it?).

The same people who have "ASK FOR ID" emblazoned on the back of their credit card and who would never even consider writing their ATM PIN on the back of their ATM card don't seem to hesitate a moment when it comes to keeping a list of passwords in their wallet.

My first piece of advice is to come up with one password that is a combination of numbers, letters, and symbols that is next to impossible to guess. Even better, come up with a "passphrase", a passage from a book, an obscure quote, or any phrase that is longer than the traditional password. Passwords and passphrases should be as obscure as possible in general, and if you can come up with one really good password/phrase that you are sure to remember, then you can secure the rest of your passwords easily.

What you need to do is set up an encrypted password database application. If you're a Mac user you already have one (the Keychain); all you need to do is set up your password/passphrase on your Mac, open the Keychain, and use the "Secure Notes" section to track your passwords. If you have a PC, you can download several applications that will encrypt files. The one I recommend is Oubliette (the project is no more, but the program is still there for download). Simply install the program and create a new file that is encrypted with your password/phrase. Store all your passwords in this file and you don't have to worry about either losing them or having prying eyes obtain them.

Most modern cell phones also come with a "password keeper" application that stores your passwords in an encrypted database. While this can be convenient, unless you have a tried and true method to back up your cell phone and restore this database if the phone is lost, it's probably not the best place to keep your passwords.

By keeping your passwords in an encrypted file you have the convenience of having them handy and all in one place without the possibility that anyone who wanders into your office can read them off your desk.

Monday, June 22, 2009

Optimize Your WiFi

There are a lot of settings in the modern wireless router that most people just ignore. I've mentioned MAC address filtering in a prior article, and today I'd like to discuss the channel setting.

You can think about the channel setting on your router much like a channel setting on an old analog television set or radio. In WiFi you have channels (ranging from 1 to 11), and just like when you are driving a long distance and you get an overlap when you are in between radio stations, if your WiFi is on a channel that is the same or close to a nearby hotspot or router, you will get the same interference that a radio will, receiving two stations at once or switching back and forth between the two. This can affect your bandwidth and connectivity.

So how do you know what channel is best for your WiFi network? Generally you can assume that if there are other wireless networks nearby that you'll need to change this from the default setting. One way to find out what channel is best is to use a free product like NetStumbler (for PC) or iStumbler (for the Mac). Running these will show you the nearby networks and what channels they are on. You will want to choose a channel as far away from the ones that show up on the stumbler as possible, so if you see a lot of folks on channel 6, setting yours to 1 or 11 is a good bet. If there are a lot of people on channels 1 and 2, then go to channel 11.

By setting your WiFi to the right channel you can dramatically improve your network reliability, and oftentimes this will resolve "mystery" issues with your wireless network.
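The channel-picking rule above can be written down as a short script. This is an added example, not part of the original post: the `SSID,channel` input format and the sample scans are constructed, and the overlap penalty (channels fewer than 5 apart interfere, with closer channels interfering more) is a simple heuristic assumed here rather than anything a stumbler reports.

```python
# Added example: pick a channel in the 1-11 range described in the post.
CHANNELS = range(1, 12)   # channels 1..11, as in the post
OVERLAP = 5               # assumption: channels 5 or more apart do not overlap

def parse_scan(lines):
    """Parse 'SSID,channel' lines (constructed format) into channel numbers."""
    seen = []
    for line in lines:
        # rpartition keeps SSIDs that themselves contain commas intact
        ssid, sep, chan = line.strip().rpartition(",")
        if not sep or not chan.strip().isdigit():
            continue                      # skip malformed rows
        chan = int(chan)
        if chan in CHANNELS:              # ignore channels outside 1..11
            seen.append(chan)
    return seen

def score(candidate, seen):
    """Return (overlap penalty, -distance to nearest neighbour); lower is better."""
    penalty = sum(max(0, OVERLAP - abs(candidate - c)) for c in seen)
    nearest = min((abs(candidate - c) for c in seen), default=len(CHANNELS))
    return (penalty, -nearest)

def best_channels(seen):
    """All channels tied for the lowest penalty and the greatest distance."""
    scores = {c: score(c, seen) for c in CHANNELS}
    top = min(scores.values())
    return [c for c in CHANNELS if scores[c] == top]

# Constructed sample scans (not real stumbler output)
CROWDED_6 = ["CoffeeShop,6", "Neighbor-2G,6", "linksys,6"]
LOW_END = ["Apt4B,1", "NETGEAR,1", "Guest,2"]
MIXED = ["a,1", "b,6", "c,6", "d,6", "e,11", "f,11"]

if __name__ == "__main__":
    for name, scan in (("crowded 6", CROWDED_6), ("low end", LOW_END),
                       ("mixed", MIXED)):
        print(name, "->", best_channels(parse_scan(scan)))
```

The first two scans reproduce the post's advice (1 or 11 when everyone is on 6; 11 when the neighbors are on 1 and 2). The third covers the case where no channel is free, where the script settles on the least crowded of the occupied ones.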

Friday, June 19, 2009

Beware Fake Twitter Email!

There are a lot of reports of a mass-email worm going around pretending to be a Twitter invite. Articles on this can be found here, here, and here. This has been going on for some time now, and the fact that it hasn't been eradicated yet means that you should be extra cautious in your Internet browsing.

The only real way to protect yourself from this worm is either to not use the web browser version of Twitter (using a client loaded on your computer instead) or to disable Java in your browser (which will affect other, non-Twitter, sites). If you must use Twitter, I'd recommend accessing it via an application on your phone or installing a client (like Tweetdeck) and avoiding using your browser for Twitter access.

As more and more of these social networking sites become popular, it will be very important for the companies and/or individuals who run these sites to be proactive about addressing security issues before their users become infected. This current worm is an example of how important it is to be aware that you can't rely on the services you use to protect you from viruses, worms, and malware. You need to be proactive and careful no matter what system you are accessing.

Lastly, I always tell everyone that I discuss email security with that if you receive an email and you weren't expecting it, don't open it. If it was legitimate you can always contact the sender and ask them to re-send it. Email is not a secure application and there is no way to tell if the person an email appears to be from is actually the party that sent it. When it comes to email, it is always better safe than sorry.

Thursday, June 18, 2009

'Golden Cash' botnet-leasing network uncovered | Security - CNET News

I'm often asked (usually after cleaning up a worm or virus) what motivates people to write malicious computer code. Back in the day, writing a computer virus was akin to graffiti; the author did it to gain notoriety and the respect of his peers. However in recent years it has become big business, and this CNET article does a great job of explaining the motivation behind the modern virus writer.

Gaining control of your computer is big business, and this is why it is so important to take the security of your computer and network seriously. Change those default passwords and read up on these other articles to make sure that your network is safe.

Wednesday, June 17, 2009

Google considers request to boost privacy | Security - CNET News

The above article on CNET is a good reminder that setting up encryption on your Gmail account is something that you have to do manually or in your settings. It is not on by default.

When you connect to Gmail be sure to either use the secure URL https://www.gmail.com (instead of http://www.gmail.com, note the https), or go into your options and select "Always use https".

It is important to encrypt your email connection, especially when you are on a wireless network. You don't want strangers (or worse) reading your email off the network!

Thursday, June 11, 2009

Microsoft Updates and Adobe Acrobat Vulnerability

On Tuesday we saw Microsoft release several patches to their operating systems, and Adobe has released a patch to address a critical vulnerability in its Acrobat Reader program.

With these critical updates needing to be applied, it might be a good time to check and make sure that all your programs are up to date. On a Windows machine, Windows Update or Microsoft Update will do the trick, and if you used the default settings on your installation of Adobe Reader, it should automatically update as well. If you're on a Mac, you can run the software update from the Apple menu and pull down the new Safari version.

Remember, it's always a good idea to set your computer to auto-update and leave it on overnight every Tuesday... this ensures that you get updates as they come out.

Tuesday, June 9, 2009

Microsoft Outlook 2007 Update

Microsoft released a new patch today that can have some unexpected consequences on installation. After applying this mandatory patch your Outlook may experience a long delay the first time that it opens as it updates your email archive files.

Microsoft really needs to do a better job in letting their users know about things like this ahead of time. Depending on how many archives you have and how big they are, opening Outlook after this patch can take upwards of half an hour... very inconvenient if you were just expecting a quick reboot, and surely a pain if you expected to start up a patched computer in the morning and get to work.

If you haven't applied the update yet, I recommend setting aside some time to do it and then opening Outlook and letting it run overnight to avoid staring at a "Preparing Outlook for first use" message for half an hour.