Tag Archives: password

How LastPass is Handling a Security Breach the Right Way

I’m just as tired as you are of reading about security breaches, data being stolen and hackers sitting smugly behind their screens. Unfortunately, we’re not going to see a dip in the number of these crimes any time soon. The state of security within many companies is frankly deplorable. Corporations we have trusted for years are suddenly finding themselves in the number one spot on everyone’s “list.” Often, though, it’s not the actual breach of information that disturbs us – it’s the way a company handles the problem which gets our knickers in a knot. Just take a look at Sony…

Sony knew there was an issue several days before telling anyone, an oversight which is now causing them much more grief than the actual dilemma of stolen data. Let’s face it: we all know that hackers are out there stealing everything they can get their hands on. We hate them, right? We rant, curse and scream on a daily basis about the prevalence of online theft. But what we loathe even more than the bad guys are the companies who aren’t honest with us – and who aren’t very speedy at telling us they have a problem.

Earlier today, password manager LastPass openly admitted that they had possibly suffered a breach of data – nearly as fast as they discovered it. In order to maintain the safety of their customers, the business quickly disabled master passwords, forcing users to log in via offline mode. Everyone was then prompted to change their master password in order to resume normal operations. This was done as a precaution, folks. Yes, it likely inconvenienced you for a moment or two. However, isn’t taking that step just in case better than finding out later that some idiot now has control of your bank and credit card accounts?

This company absolutely handled the matter the right way. They aren’t even sure at this point that anything was taken at all. They simply found a possible problem, reported it to you immediately and took preventative steps to help you stay secure. What more could you ask for? Please don’t answer that by asking for impenetrable security. That’s never going to happen, y’all.

Nothing is perfect, not even security. The response from the LastPass team is daggone close, though.

How to Unmask Starred-Out Passwords


Add to iTunes | Add to YouTube | Add to Google | RSS Feed

You know how websites star out your password when you type it in? Did you know there’s a simple way to unmask those characters so you can see what it was you just typed? Matthew is here to show you how, using some simple JavaScript.

If you paste the following simple JavaScript into your address bar after the starred password has been filled in, the password will be revealed automagically!

Java Script: javascript: alert(document.getElementById(‘Passwd’).type=’text’);

What other neat little tips and tricks do you know of that could help out those who may not have as much know-how?

Thanks, Matt, for an excellent and informative screencast again this week.

Does Your Password Suck?


Add to iTunes | Add to YouTube | Add to Google | RSS Feed

The New York Times on Sunday stated that a strong password isn’t the strongest security. We should instead be focused on the malware/keyloggers that invade systems and can steal ANY password, weak or strong. Should we continue our focus on “strong” passwords which some jobs make you change every few months, or should our focus be more on computer security, getting to the root of the problem?

If you have malware or keyloggers on your system, your information will be stolen no matter how strong your password. Instead of focusing so much energy on strong passwords, you need to make sure that you protect your entire computer system. That’s what the NY Times article says to us, at least.

Do you pay much attention to password security, or do you focus your energy on overall computer security?

Lamarr wasn’t able to send us a video last week, since he was worn out from traveling. He wanted to make it up to all of you this week by doing a video today and one on Thursday! Now that is dedication, folks. Thanks, Lamarr, for all of your support.

Want to embed this video on your own site, blog, or forum? Use this code or download the video:

Layers of Computer Protection

Computer security people advocate layers of protection. There is no single software program that gives absolute protection. The Internet criminals and hackers simply respond too quickly, and are too sophisticated to be stopped by any one method.

One of the layers of protection that people seem to neglect is encryption. There seems to be a common misconception that encryption is something that is complicated and geeky. It really is not. It can be easy, and it offers an additional layer of security.

The crime of Identity Theft is growing. Two essential pieces of information necessary is to match your name to your social security number. It can lead to a host of problems financially. And if the Identity Theft is used for medical services, it can lead to deadly consequences. This is just a reality of the Internet – and a danger – as more and more medical services move to electronic record keeping for health providers. The key is simply preparation.

For your safety and security, SafeBit offers easy encryption:

SafeBit Disk Encryption is the perfect electronic vault you need for your privacy. It features military strength on-the-fly encryption, by creating virtual disk drives, where you can hide files and folders, keep them encrypted all them time, but still work with these files just like you work with normal files. SafeBit is the last line of defense if your current security system fails against viruses, trojans or hacker attacks.

This is a very special offer for our readers. The SafeBit people are offering our readers a generous forty percent (40%) discount off their regular price. This is a remarkable saving on an award winning software program.

This offer expires on January 6, 2010.

Here is just one last reminder for the people on laptops. If you are using different wi-fi connections regularly or plugging in to unfamiliar Internet connections, there is the risk of keyloggers. For example, the keylogger would record your name and password when you enter a site like PayPal. That would be comparable to handing over the log-in data to your online account. SafeBit has a virtual keyboard. It will give protection against such keylogger programs, and password-stealing malware. This is terrific for travelers, or for those people who are on the go with their laptops and netbooks. The virtual keyboard feature alone is worth the generous price of this program.

Thanks to the SafeBit people for offering this program to our readers at this price point.

Twitter Bans More Than 370 Passwords

Having a secure password for anything and everything is a no-brainer. Sadly, though, many people still aren’t very careful with what they use. When you choose a password, you really do have to be careful. If someone hacks your Twitter account, it’s true they won’t have access to your sensitive data (such as your social security number). However, they can wreak havoc on your reputation by posting some really awful things if they wanted to.

To help protect against this, Twitter has hard-coded 370 password no-noes into their registration page. This is a set of words that are definitely not secure, and Twitter won’t allow you to use them during sign up. If you want to see the list, simply view the source code of the registration page. Do a search for the words: twttr.BANNED_PASSWORDS, and you’ll see them all listed.

You really should make use of a secure password generator, such as the one that you can add to Firefox. Don’t take the chance that someone will inadvertently guess what you’ve used. Protect your reputation as much as you do your personal information.

Check out the newest apps and software in our downloads center today!

Identity Theft Protection

There are items in the news every day about identity theft. The obvious consequence is an unexpected financial disaster. However, it can be worse. There can be crimes committed under a stolen identity and warrants issued for the person who has had his/her identity used. And yet, it can be worse.

Identity theft can be a matter of health and well being. Along with identity theft being a rapidly expanding crime, stolen medical services are increasing. That means that someone uses a stolen identity to obtain medical care. Besides the obvious financial consequences, it can be deadly to the person who has had his/her identity used.

Once a identity is used for medical services, there will be an electronic record. The modern day goal is to have that medical record available to any physician who is treating that person. That means national access. Imagine the health consequences if the electronic medical records are wrong because someone has stolen and used an identity. The consequences can be disastrous.

A common means of identity theft is through your computer and through your passwords. A breach of your password (or passwords) just creates a myriad of problems. To maintain the security of passwords for our readers, Identity Protector with Password Manager from Large Software is recommended.

Wait. Before you say that you don’t need any password manager, here is one of the reasons why we are recommending this program. For the sake of an example, there are some websites that you might visit regularly. Let’s use PayPal. Imagine the damage that an identity thief can do with your PayPal data.
You think that you are careful and savvy but the hackers / criminals who spoof websites such as PayPal are experts at what they do. And regardless of how careful you are, there are times when you are rushed or tired or distracted. Identity thieves bank on these lapses. And some of the phishing websites are identical to the genuine sites. At a quick glance, it becomes impossible to tell the difference from spoofed sites and the genuine sites. Gone are the days of sloppy coding and spelling errors.

What an excellent password manager should do is protect you from phishing sites. The password manager should NOT release your personal data if the site is not legitimate and has been spoofed.

Identity Protector with Password Manager from Large Software does just that. It secures your logins, hides your keystrokes and encrypts your passwords. Password Manager protects your identity and is a significant extra layer of security from phishing attempts. It is a guard from identity theft.

Large Software is giving our visitors a special offer. Until November 4, 2009, Large Software is offering a ten dollar ($10.00) discount on Identity Protector with Password Manager. This is a third off of their regular price and an exceptional price for this outstanding security product.

Password Manager operates with ALL programs and web browsers, including Internet Explorer and Mozilla Firefox…. With the security issues with browsers, it is simply too risky to allow a browser to hold your confidential password information. Phishing, spoofing and other identity theft methods are becoming much more sophisticated in separating you from your password information. Protect yourself.

At this point, you might say that identity theft isn’t going to happen to you. The recent data from Australia says one in five people are identity theft victims. And don’t say that you are not worried about this because you have no money to steal. You have a reputation. And you have a health record to protect.

Protect Your Data From Prying Eyes

There are some things that you want to keep private. It may be financial information, sensitive data like your passwords, proprietary information, or other such confidential material. You simply don’t want friends, colleagues, roommates, family, or repair people to have access to that information. Not only is that information private, but you want to secure that sensitive data from identity theft. And sadly, sometimes identity theft is perpetrated by someone you know.

Invisible Secrets 4 not only encrypts your data and files for safe keeping or for secure transfer across the Net, it also hides them in places that on the surface appear totally innocent, such as picture or sound files, or Web pages. These types of files are a perfect disguise for sensitive information. Using our file encryption software nobody, not even your wife, boss, or a hacker would realize that your important papers or letters are stored in your last holiday pictures, or that you use your personal Web page to exchange messages or secret documents. With Invisible Secrets 4 file encryption software, you may encrypt and hide files directly from Windows Explorer, and then automatically transfer them by e-mail or via the Internet.

We have Invisible Secrets 4 available to our readers at a 40% discount.

Invisible Secrets 4 works on Windows NT / 2000 / XP and Vista. This generous offer ends October 22nd, 2009.

Cisco Systems uses this program. The Drug Enforcement Administration (USA) uses this program. The Exchange Bank uses this program. McCain Foods Limited uses this program. Privacy and security are important to these companies and institutions – it is essential to computer protection. This is a preventative measure that individual computer users have to recognize because there is so much information on just one hard drive.

This program should be standard on every machine. With business laptops, government laptops, and personal laptops going missing every day, this security program should be on every portable machine, as well as desktop. This would be an enormous savings for sensitive information that is breached and the subsequent nightmare of paying for identity theft protection. It’s simple and it’s effective.

If you need large multiples of this program, please let us know. We will try to negotiate a good price for those companies that might need many copies for laptops holding those confidential files. For the individual user, think of the files, emails, pictures, passwords, and other bits of information that you don’t want people to access. That is exactly why we want this privacy/security program for our readers… and our thanks to the Invisible Secrets people for this kind offer.

10 Tips to Keep Your Notebook Safe When Traveling

These days, we geeks don’t travel anywhere without our laptops. It’s a given that we need to have them on us! How would we survive?! Thankfully, Seth sent in the following tips to help us keep them safe while we are on the road.

    • Pad The Laptop: Make sure the laptop bag or carrying case you transport your laptop in provides adequate padding. As you move about the airport or shove the laptop under the seat in front of you or into the overhead storage compartment, the laptop can be jarred and jostled quite a bit.
    • Keep It On You: It is not uncommon for someone to set their luggage down while standing in line for a muffin, or to sit down while waiting for a flight. With all luggage, it is important to keep an eye on it and ensure nobody tampers with it or steals it. Because of their size and value though, laptops make prime targets and a thief can snatch the laptop bag and keep walking while you are unaware with your back turned. You should keep the laptop bag on your shoulder or keep it in sight at all times.
    • Back Up Data: Perform a backup of all critical or sensitive data before departing. Just in case your laptop does become damaged or lost, you don’t want to also lose your important files and information. You can buy a new laptop, but it is much harder to replace lost data.
    • Encrypt Your Data: Just in case your laptop should fall into unauthorized hands, you should make sure your hard drive is encrypted. Laptops with Windows Vista Enterprise or Ultimate come equipped with BitLocker drive encryption. If you aren’t using one of these versions of Windows Vista, and your company has not implemented any other sort of enterprise-wide encryption solution, you can use an open source solution such as TrueCrypt to protect your data.
    • Document Identifying Information: In case your laptop does end up lost or stolen, you should be able to provide detailed information about the make, model, serial number and any other identifying information. You may need the information to file a claim with the airline or your insurance company, or to provide law enforcement.

Use Strong Passwords: Follow the advice in Passwords and How to Make Them to make sure that your passwords can not be easily guessed or cracked if your laptop falls into the wrong hands. An excellent program for helping to secure and manage your passwords is Password Vault, which works for both Windows and Mac OS X.

  • Use a BIOS Password: Protecting your laptop with an operating system login and password is a good idea, but there are ways to circumvent that protection and gain access to the data still. For better protection, you should enable password protection at the BIOS level so that the laptop can not even be turned on without the correct password.
  • Implement Remote Data Protection: Another step you can take to make sure your data does not fall into the wrong hands is to look into products that will allow you to remotely destroy or erase the data on your laptop if it is lost or stolen. These products generally require that the unauthorized user connect to the Internet first in order for them to do their work though, so they are not a guarantee.
  • Use Portable Storage: To make sure you have the business critical PowerPoint presentation or Excel spreadsheet that you need to show your business partners in order to seal the multi-million dollar deal (or whatever other important files and documents might be on your laptp) you should carry a copy on a USB thumb drive or some other type of portable storage that you can carry separate from the laptop in case it becomes lost or stolen.
  • Just Leave The Laptop At Home: When it comes to all of the hassles and all of the issues that can arise from traveling with your laptop, you should also consider whether you really need to take it. You can carry your data or files on portable storage such as a CD, DVD or USB drive, or you can just email or FTP the data ahead of you. Then, you can borrow a desktop or laptop system once you are safely on the ground and at the office site you are visiting.

 

Do You Have a Problem with PayPal?


Add to iTunes | Add to YouTube | Add to Google | RSS Feed

On my birthday, $450 worth of iTunes gift certificates were transferred from my account to someone else’s, on account of my account being compromised. I logged into my PayPal and sent in a report. My request for my money to be returned was denied by PayPal. Mesiox sent in some tips for all of us, to hopefully help us keep our PayPal accounts safe.

  1. The first thing, it all starts with a clean computer system. A computer system with viruses or keyloggers may be the cause unauthorized people to be inside of your PayPal account. Use security programs on your computer.
  2. Make sure the site you are in is the verified PayPal site, and not a Phishing site. You can check this out by checking the domain name in the browsers url bar. You should see PayPal’s actual site address, and not something else.
  3. Don’t keep large amounts of money in your PayPal account, because people can easily send your money to other accounts in a blink of an eye if they gain access to it. Instead of keeping it on PayPal, keep it inside your bank account.
  4. Check your Paypal history on a daily basis. This way, you can stop money from being transfered if you see it happening when and where it shouldn’t be.
  5. This may be common sense, but use a strong password! Use a mixture of lowercase, uppercase, symbols, and numbers. Make it harder for a hacker to guess to begin with! Reading this post by Chris may help.
  6. When you’re buying something with PayPal, be sure to check that the site you are on is secure. Do this by checking the url bar. The site should contain “HTTPS”. This will help you determine if the site is fraudulent or not. You can also do research on Google about certain sellers that you may not be sure of.
  7. Shop with well-known companies who have established a good reputation.

My biggest piece of advice to you if something does happen, is to be vocal about it. Tell your story. The more times and places you tell it… the more people will hear and pass it along.

[rsslist:http://shop.tagjag.com/products/shopping]

Want to embed this video on your own site, blog, or forum? Use this code or download the video:

How Do You Remember Your Passwords?


Add to iTunes | Add to YouTube | Add to Google | RSS Feed

We’ve talked about passwords before, and how to make them secure. You should also never use the same password in more than one location at the same time. If you’re like me, you have tons of passwords, for several different places. So how do you keep track of them, and remember them all? Writing them down on paper isn’t the best way to keep them secure. It definitely isn’t secure to keep them in a text file on your computer!

SuperGenPass allows you to remember just one password (your “master password”), which is used to generate unique, complex passwords for the Web sites you visit. SuperGenPass is a bookmarklet, so there’s no software to install. It works right from your Web browser and integrates with login forms. SuperGenPass never stores or transmits your passwords, so it’s easy and safe to use on multiple computers, even while traveling. It’s also completely free.

It doesn’t get any easier and safer than that. I recommend you check this site out. If you have other programs, websites or ways of keeping your passwords secure, let me know about them.

Want to embed this video on your own site, blog, or forum? Use this code: