Tyler S. Miller

Posts Tagged ‘passwords’

Stir the Nation – Episode 14

In this episode, we talk about: Boy Scouts, Hannah Montana, Obtaining an Eagle Scout, Gmail Hacking, Passwords, Change, Motivation, Roy Rant: Charities.


Direct Download: Stir the Nation – Episode 14

Stories: $800 Apple, Operation Jack (PLEASE VOTE!), Hacked Chrome.

Advertise with us: http://stirthenation.com/sponsor/

Call us: 443-494-9797
Official Website: http://stirthenation.com
Email us: info@stirthenation.com

Monday, July 12th, 2010 at 2:12 pm
Stir the Nation | , , , , , , ,
1 Comment »

Living with Passwords – Review

I talk a lot on this blog about password security and strength…and let me touch a little more on it again.

Passwords should be over 16 characters with lower case and upper case characters and include numbers and symbols.

This is NOT a secure password: mydogsnameisbill

If you cannot tell, it says “my dogs name is bill” but it’s just put into one word.  Please do not use passwords like this, instead do this.

This is a secure password: MyD0g’sN4m3is8ill

Now, it is still the same non secure password as listed above, but some added characters and numbers make it secure.  According to Microsoft’s Password Checker, the non secure password has a rating of Weak, while the same password altered has a rating of Best.

This password introduction is in fact leading to something more….Symantec, the makers of Norton AntiVirus posted a blog article called “Living with Passwords”.

The blog author’s intro is as follows:

I recently ran a survey on password management.  You can see my original blog and even take the survey yourself here.   At best, I thought 20 or so of you would take the time to fill out the survey…and that would include most of my close relatives.  However, instead we got more than 400 responses in a few short days (not even including my relatives).  So, thank you to all who took the time to complete the survey.  I’ve posted the results below.

I want to comment on some of the results.  It may be a stretch to draw too many definitive conclusions from the data, but it will be fun nonetheless.  If anyone wants to comment, correct or vehemently disagree with any of my conclusions please feel free to do so.

Let’s get started!

I am not going to include the entire post here, but I want to bring more press to it because I find it very interesting.

I do want to touch on a few key points, however.

6. How do you remember your passwords? Mark all that apply.
My browser keeps track of my password 101 23%
Post-it note or typed list near my computer 33 7%
Word document on my computer 47 11%
Memory 263 59%
Password management software 145 33%
Other, please specify 49 11%

Almost 80 percent of us have six or more password protected accounts, yet almost 60 percent of us are also using our memory to keep track of them.  I have to confess that after memory failed me repeatedly, I moved to a password manager.  Memory is still my main method, but the password manager is a critical back-up as my cranial hard drive seems to fail me constantly.  Speaking of hard drive failures, how many of you password management software users back that up?  I lost a hard drive last year and spared myself a lot of pain by having the database of my password manager backed up.

2. How do you choose passwords for these sites?
They are all the same password 37 8%
I have just a few passwords that I alternate for all my accounts 199 45%
I have a few duplicate passwords, but mostly they are unique 130 29%
I have a different password for each account 80 18%
Total 446 100%

According to the results of question 2, only eight percent of respondents use the same password everywhere.  This was an encouraging result and again proves that our readers are pretty darn smart. I fall into the 28 percent that have a few duplicate passwords.  Maybe it’s pure laziness on my part, but it’s certainly convenient for my faulty memory, and those three extra mouse clicks to create an entry in the password manager can tire me out.  But seriously, I’m working my way out of the habit.  I hope the other 28 percent of you are as well.  As a first step, do what I do and at least evaluate the risk involved before you use a duplicate password.  Ask yourself, Is there a risk to my money, data or identity if I use a duplicate password here?  How many accounts will I be putting at risk if I lose this password?  No doubt you have accounts where a stolen password really wouldn’t matter, but the number of those accounts may be less than you think.  A year ago, many people probably thought they could afford to lose their login and password on Facebook.  Then their “friends” started asking for plane fare to get home from London.

For more on this post, please visit the source and read on.  Passwords are what is keeping your identity safe on the web…please choose wisely.

Original Symantec Blog Post: Living with Passwords

Sunday, March 28th, 2010 at 2:10 pm
Everything |
1 Comment »

Business Network Security

A recent trip out of state to a hotel made me wonder if anyone these days is being security focused.  Watch this video to see how insecure business networks actually are.

Monday, March 22nd, 2010 at 11:52 am
Videos | , , , , , ,
Leave A Comment »

TrueCrypt Review

You may think that your data is safe when you use a password to protect your user account, but in reality, that is a horrible line of defense against hackers.  If the hacker has physical access to your machine, he can easily bypass your login and get to your information anyway.  Bookmarks, documents, pictures, financial data can all be accessed if you do not protect it properly.

In this post, I am going to tell you about TrueCrypt…a free and open source program to protect your data from prying eyes.  As said, TrueCrypt is free and to me, easy to use.  Let’s talk about how TrueCrypt works.  You can do one of two things with TrueCrypt initially.  One of the things is creating a file container to drop documents into.  This encrypted container is mounted like a normal drive in Windows and shows up in My Computer.  The other thing you can do is encrypt half or all of your operating system.  When you boot to Windows, you are prompted for a password and if the password is incorrect, the system will not boot.  Either way your data is safe and only the person with the password can access it.

I will do a video post on how to set up TrueCrypt on systems, but I just wanted to release this brief overview before I dive into the video.  The video will be released in a few days and if you want to try TrueCrypt, go check it out.  Just don’t start encrypting your operating system without consulting the documentation.

Do you use TrueCrypt?  And what do you use the program for…meaning file container or operating system encryption?

Video will be comings soon.

Thanks for visiting.

Wednesday, March 10th, 2010 at 1:48 pm
Everything | , , , , , ,
Leave A Comment »

Microsoft Defeats Botnets

Microsoft has taken a stand and won a court approval to bring down 277 domains that operate botnets.  These 277 domains are said to be able to control over 90,000 computers over the Internet.  What is botnet?  This diagram was written in the BBC News article, and explains it very well.

Credit: BBC News

Basically your computer has been compromised by some type of malware you installed or downloaded without knowing it.  The hacker on the other end can group together many computers and start spamming other people through your computer and Internet connection.  There are over 90,000 computers infected…which means one of them could be yours.  I recommend reinstalling your operating system, or running an anti-virus program and making sure your system is clean.  If your machine has been compromised…change all passwords to everything including Facebook, online banking, email, etc.

It’s good Microsoft is taking a stand on this and trying to combat the spammers and hackers in the world.  And its good that the courts are backing them on this operation and hopefully something even better will come of this.

Friday, February 26th, 2010 at 11:49 am
Everything | , , , , , , ,
Leave A Comment »

School Webcams – FBI Involved

Here is an updated story from CNET on the case involving the school district that had been accused of using remote webcam technology to spy on students at home.  CNET Article.

Quotes from the article:

The district said in a statement that the “security feature was installed to help locate a laptop in the event it was reported lost, missing or stolen so that the laptop could be returned to the student.” The district further explained that “upon a report of a suspected lost, stolen or missing laptop, the feature was activated by the district’s security and technology departments. The tracking-security feature was limited to taking a still image of the operator and the operator’s screen.” The district claims it has “not used the tracking feature or Webcam for any other purpose or in any other manner whatsoever.”

Subsequently, district Superintendent of Schools Christopher W. McGinley sent a letter to parents saying that the security tracking feature is being disabled and that there will be “a thorough review of the existing policies for student laptop use” and a “review of security procedures to help safeguard the protection of privacy, including a review of the instances in which the security software was activated.”

In the mean time, the Associated Press is reporting that the FBI is investigating the district and “will explore whether Lower Merion School District officials broke any federal wiretap or computer-intrusion laws,” according to an unnamed official who spoke to the AP.

Your continued thoughts on this?

Should software this powerful be installed on students laptops?

Saturday, February 20th, 2010 at 1:14 pm
Everything | , , , , , , , , ,
Leave A Comment »

Passwords

The Internet is crawling with people trying to steal your identity and one line of defense is creating secure passwords.  A recent post on www.eu.com shows how insecure the average persons password really is.  Here is the diagram:

The best way to have very secure passwords is to randomly generate them.  I use PCTool’s free service, located here: http://www.pctools.com/guides/password/

The most common used passwords are: 1. 123456, 2. 12345, 3. 123456789, 4. Password, 5. iloveyou, 6. princess, 7. rockyou, 8. 1234567, 9. 12345678, 10. abc123

These passwords are horrible and the first thing tried when trying to break an account of any type.  Random passwords are the best option, as shown above.  You really need a mix of characters, numbers and symbols.  Most people resort to their pet names, SSN, house address, phone number, license place number, and the list goes on and on.  That is not the best practice for security!

Also, you should have different passwords for every site you use.  If you have the same password on your Gmail, Facebook, Blog, Twitter and MySpace, then if someone guesses that one password, they have access to all of your online life.  Creating a different password for every site is most secure.  To make things easy to remember, create a “master password” and add the site name to the end of it.  For example, my master password may be “Tyl3r5m1LL3r.C0m” and if I wanted to use that same password on Facebook, I would add the following: “Tyl3r5m1LL3r.C0mFacebook”.  That is a very secure password.

Give these practices a try, and let me know if you have trouble creating passwords.  I have a lot of password experience in both creating and securing them.

Is your password secure?  You might want to check!

Friday, February 19th, 2010 at 3:46 pm
Everything | , , , , , ,
Leave A Comment »