Just Rite Design and Productions

Passwords Part 4 “The Weakest Link”

The security in passwords is that no one else knows what they are. This security is diminished when you leave clues as to what those passwords might be. The weakest point in your password system will be your email, especially if you are in the habit of keeping emails long past their prime. This is the case with more than 90% of the internet world. If, in my case, there had been emails on my hacked account with account retrieval information in them, I would have opened the door to two things:

1. What accounts I have online and
2. What my password is or a clue to what my “password system” might be.

Let’s look at these and see why you should be worried.

Just recently one of my sub email accounts was hacked and my hosting company called me (even before the barrage of server error emails arrived) to tell me that there was an unusual number of emails going out from this account and that they had changed my password for me. I immediately changed my password but for my "Primary" account. Those two accounts had the EXACT same password. I made sure it was different and wiped the beads of sweat forming on my forehead. Here is why I was worried and you should be too.

I, from time to time, have to go to a site that I have not visited for a long while. I forget the password like most of us do and say $#*&%!! (there’s a password right there). Now I have to do the "I forgot" dance that has an email going out to me with some way to "Change/Reset", "Answer Questions", or (the worst) "Retrieve" or view my password.

ANSWER QUESTIONS: This usually happens at the website when you click on the “forget” link, so you will rarely have to worry about this type of email. Although the security level is much higher, the questions will usually be personal enough that someone might be able to figure out the answer. My advice is to answer the question with a password, or answer it incorrectly or with a funny answer so that you remember it more easily. If there is a set of questions, rotate your answers so that you’re answering the next question.

RETRIEVE: The worst is if you retrieve a password, because you are having it sent to you directly. That's fine if you are the only one viewing your email. If not, anyone else who sees the email will see your password and the "jig is up". So if you see this type of email coming from a website, make sure you delete it right away. Ummm, and hopefully I don’t need to tell you, but you should be dumping the trash too. Frequently!

CHANGE/RESET: A little higher on the security scale is changing your password. If someone is looking at your email they do not get a sense of your password regimen, especially if you are creating great passwords. The challenge here is that they will get an idea of where your other accounts are online. And if other emails with delicate information are sitting around your inbox then you have a problem again.

Now there are different types of resets out there. There is the one where you are issued a random password that resembles our new grandmascookies password. If you get this emailed to you, you should log in right away (which you are probably going to do anyway) and then change it RIGHT THEN! Do not wait. You could go ahead and use this new password if it is up to the basic rules we went over. But whether you do or not, make sure that you erase the email.

The next type lets you set your own password on a landing page directly on the site. This is good too but make sure you delete the email to remove traces back to the site. Some of these will have a “time out” setting that makes you go and start over if you do not get your password changed within a certain period of time. That is awesome because the link will not be valid later if someone stumbles onto your email. Yes you should still delete the email!

I believe Google has probably the best password reset process in use today. You can set your account to send you a quick text message with a code you type in the page. You can’t beat that security unless you’re hacked by your neighbor and he comes over to “borrow” your phone.

Well that is all I have on passwords for now. Follow the basics we discussed and remember to clean out your emails.
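
The cleanup habit described in this post, sketched as an added Python example (not the author's own code): it sorts messages into the post's RETRIEVE and CHANGE/RESET types and lists which site each one exposes. The sample inbox, the `example.test` addresses and the matching phrases are constructed assumptions, and only plain-text, single-part messages are handled.

```python
import re
from email import message_from_string

# Constructed sample inbox (not real mail); example.test senders are placeholders.
SAMPLE_INBOX = [
    "From: support@shop.example.test\nSubject: Your password reminder\n\n"
    "As requested, your password is: hunter-placeholder\n",
    "From: no-reply@forum.example.test\nSubject: Password reset\n\n"
    "Your temporary password is Xk29-placeholder. Log in and change it.\n",
    "From: accounts@music.example.test\nSubject: Reset your password\n\n"
    "Click https://music.example.test/reset?token=PLACEHOLDER within 30 minutes.\n",
    "From: friend@example.test\nSubject: Lunch?\n\nAre you free Friday?\n",
]

# Checked in order, most to least dangerous, following the post's ranking.
# The phrases are assumptions; real sites word these emails in many ways.
RULES = [
    ("retrieve", re.compile(r"\byour password is\b", re.I)),
    ("reset-temp-password", re.compile(r"\b(temporary|new) password\b", re.I)),
    ("reset-link", re.compile(r"https?://\S*(reset|recover)\S*", re.I)),
]


def classify(raw):
    """Return the post's category for one raw message, or None if harmless."""
    msg = message_from_string(raw)
    text = f"{msg['Subject']}\n{msg.get_payload()}"
    for label, pattern in RULES:
        if pattern.search(text):
            return label
    return None


def audit(inbox):
    """List (site, category) for every message that should be deleted.

    The site column is the first leak the post names: which accounts exist.
    The category column says how much the message reveals about the password.
    """
    findings = []
    for raw in inbox:
        label = classify(raw)
        if label:
            sender = message_from_string(raw)["From"]
            findings.append((sender.split("@")[-1], label))
    return findings


if __name__ == "__main__":
    for site, label in audit(SAMPLE_INBOX):
        print(f"delete: {label:<20} exposes account at {site}")
```
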

Part 3: Creating a separate password for every site…

Ok let’s pretend that you have one passphrase that you are using for every site you log onto. Maybe it looks something like this:

grandmascookies

Earlier wisdom would say that you have created a long enough password, but today that is not enough, especially if you are using it on every site you go to. So let’s apply our basic rules and see what we get.

9r@nDm@$(0oK13s

This looks long but you can use smaller words and remember that you will get used to it the more you use it.

Now let’s insert what site we are logging into. eBay for starters.

9r@nDm@$/3B@Y/(0oK13s

9r@nDm@$/i7/(0oK13s … iTunes

9r@nDm@$/F8/(0oK13s … Facebook

The key is to remember your basic rules and apply them to your inserted site name too. You can change this to put the site name in wherever you want, but I like two key words with the site in the middle. And it does not matter if you know that I like that, because you don’t know what rules I have put in place. That is the beauty of getting into a workflow with your passwords. It looks daunting to type, but make it your own. Your accounts and information are really important, so we don't need anyone rifling around in them.

There is one more piece to the puzzle we must discuss as it is the key point to your overall online security habits.
We will talk about that tomorrow.

Passwords Part 2 … Today we will talk about how to create powerful passwords that will not be hard to remember.
Here are some simple ideas that may not be super strong but are a great start for those who have been using their birthday, their wife’s/husband’s name or one of the top three passwords of 2013, which according to a prominent password company were “123456,” “password” and “12345678.” Good grief!!!
And the worst part is that those three passwords have not changed since the year before except that “123456” overtook “password” to become #1.

Let’s change that right now.

#1 Pick a sentence and reduce it to first letters of each word only: “What goes up must come down” becomes “WgUmCd”. Alternating the case is a great method also.

#2 Replace letters with numbers: “faster” becomes “f4s73r”. This should be longer but you get the idea.

#3 Reverse spell words: “management” becomes “tnemeganam”.

These by themselves are not very strong but if you combine them together you get a medium strength one:
The Quick Brown Fox Jumped Over The Lazy Dog
TQBFJOTLD or TqBfJoTlD or 7q8fJ071D or D170Jf8q7.
Pick your level of comfort.

That seems simple so what’s missing for an even stronger password? Let’s add some other changes.

#4 For you typists out there, with a password that only consists of letters to begin with, try moving your Home Row up or down one and shift up anything that falls outside on the missing row. For example if you moved your home row up you would be typing into the numbers row and negating what was on your bottom row. If a password needs a letter from the bottom row you would use it but using your Shift key. Likewise, if you move your home row down you would use capitals from the top row.
You can also type with your regular home row but one key to the right or left. This combined with the three other ideas above will make a great password.

Ok, great, you have a password that is strong. Now how do you use it everywhere on the net and keep it different for each site?

We will look at that tomorrow.

Starting in about passwords:
I will be taking a bit of time to hopefully help many of you start taking control of your passwords.
We all travel this world wide web with a whole lot of naivete. There are a bunch of internet dangers that we take for granted on a day by day basis. One of these dangers is passwords. My problem used to be how I was going to remember the myriad of sites that need a password and what that password was going to be. Ah Ha! I would use one great awesome powerful password for everything. Nobody could break it so I should be safe everywhere I go. Perfect. Well not so much ... If you google the topic you find that there are companies getting hacked a lot these days. Comcast, Target, Kickstarter, even Pinterest. I mean who hacks Pinterest? It turns out they’re not interested in your favorite dessert you pinned last night but (surprise) your account information.

Your information is valuable. We all know that. But if a hacker can see what email address you use at Pinterest and see your password or obtain your password and that password is used on every other site you go to then they have the key to every account you use online. Let the "Havoc" commence. Even if you use a slightly different password for different sites, once someone has a way of gaining access to something like your email address they can start a campaign of "I forgot my password" around the net.

So it is important to start with a great password! OK how do you make an awesome password that would take a year to crack but not an hour to remember?

Check in tomorrow and we will have some great tips on how to create great passwords and how they can be different for every site you go to.