Posted by Daryl Rinaldi on Mon, Dec 28, 2009 @ 05:12 PM
The previous post told you about a cool little tool called Roboform that allows you to not have to remember a bunch of different passwords. As an IT Support company, we at GizmoFish advise our customers on IT Security best practices. Part of that discussion is often providing advice on creating passwords that are longer, more complex, and therefore more secure. Here are some tips:
1. Think pass-phrase, not pass-word. A long phrase of strung together words can be just as easy to remember but much harder to crack. Ex."TheBostonCelticsbeatLA".
2. Use an absolute minimum of 8 characters (more is better.) Using an easy to remember phrase makes it much easier to add length.
3. Replace letters with numbers or symbols in words. 1 for i or l, 0 for o, @ for a or e, 5 or $ for s are just a few examples. Ex. TheB0st0nCelt1c$be@tLA"
4. Use the first letters of the 1st line of your favorite song. Ex. There's a lady who's sure all that glitters is gold = talwsatgig. Easy to remember (sing to yourself), hard to guess.
5. Never use your name or initials in any passphrase. C'mon, how easy do you want to make it for the bad guys? Ditto your birthdate. Think that info is hard to get?
Posted by Daryl Rinaldi on Sun, Dec 27, 2009 @ 04:37 PM
I know, I know; You have too many passwords to remember so the easiest thing to do is make them all the same and all short and easy to remember - right? -- Wrong! I hope your IT Support firm has told you that while that may save you frustration it also leaves you easy prey to password guessers and crackers. Fortunately there is a better solution -- use Roboform. Roboform is a great little product that adds a toolbar to your internet browser with all of your website user names and passwords. You only have to remember 1 password -- the password to open Roboform (Please please please make THAT a complex password). Every other password is in the Roboform software. In fact even the links to the login pages for your saved websites are in the Roboform toolbar so you don't have to remember the URL or add it to your favorites.
So just click on the Roboform toolbar and select, for example, the GizmoFish Customer Login and your browser will go to the GizmoFish site that allows customers to create tickets and view and edit existing tickets, Roboform will fill in your user name and password and click the login button for you. And Roboform is smart enough to recognize if you change your password to a site and ask you if you want to update the information in Roboform. Roboform saves the information in a strongly encrypted format for security.
I must say that some people in the IT industry think that Roboform is a security problem because access to all your sites is protected by only 1 password. While we recognize that concern, in our experience people have too many sites to create and remember complex passwords for so they end up just using either the same password (or almost the same one) or very short and easy-to-remember (and thus easy to crack) passwords. We think the risk is much higher that people will use simple, easy-to-crack passwords than the risk that someone with nefarious intent will obtain your PC and crack your roboform password. With roboform you can use more complex and random passwords than you ever would if you had to remember them yourself. In fact Roboform will even generate random complex passwords for you!
Roboform is well known and respected in the industry. It was was named PC Magazine Editor's Choice, and CNET Download.com's Software of the Year.Roboform works with Internet Explorer and Mozilla. The best $29.95 you ever spent! Click on the image below to to to the Roboform home page to learn more or to purchase.
PS. And to you cynics out there -- No we do NOT resell or get a commission on Roboform. We just think it is a great product that you should know about.
Posted by Daryl Rinaldi on Sun, Dec 20, 2009 @ 12:47 PM
Did you know according to a recent study by Dell and the Poneman Institute that:
- Up to 12,000 laptops are lost or stolen in U.S. airports each week.
- Between 65 and 70 percent of lost laptops are never reclaimed.
Think any important, sensitive business data could be on those laptops? Yea, me too. OK even though I'm sure this could never happen to you (ahem) here are 4 quick tips from our friends at Sunbelt Software makers of our absolute favorite Anti-Virus/Anti-Spyware Program VIPRE, about how to protect yourself just in case...
- Computrace: If you are familiar with LoJack for your car there is one available for your laptop as well. Computrace LoJack for Laptops by Absolute Software is a software-based theft recovery service. It tracks and locates stolen computers and lets you remotely wipe all data from the hard drive.
- Passwords, Passwords, Passwords: Pretty commonsense advice here: Don't make them short and simple (Think pass-phrase, not pass-word); change them regularly, and don't share them with strangers. Be sure your laptop requires a password or a fingerprint scan to log on. We strongly suggest you automate and secure the many passwords you use with my personal #1 favorite piece of software ever: RoboForm. RoboForm encrypts and stores all your passwords for you so you only have to remember 1 password and it remembers all the rest. Cool huh?
- Be Watchful: Observe your surroundings. I don't mean to sound paranoid but there are serious thieves who specialize in stealing laptops (especially when going through airport security). Watch for those watching you. You don't have to be weird about it, just stay alert.
- Not All Wi-Fi Is Created Equal: Look for legitimate hotspots and not fall prey to some nefarious doings. It is better to pay a fee and be safe than try to log in where you don't belong. Better yet get an aircard for your PC that lets you get online using the cell phone network anywhere that gets reception -no more hunting around for a wi-fi hotspot!
Posted by Daryl Rinaldi on Tue, Dec 15, 2009 @ 12:40 PM
Scam Alert!
Be careful about scam emails offering urgent security updates from Microsoft. These emails try to trick you into downloading dangerous malware (viruses or spyware). Microsoft does NOT send unsolicited emails and they do NOT send attachments. If you have automatic updates turned on your PC will download them automatically. You won't get an email from Microsoft about it.
Your IT Support Vendor should have you well-protected with:
1. A fully-monitored anti-virus and antispyware system
2. 24/7 monitoring of your network for unusual activity
3. A fully-monitored complete backup system so that you can recover even if a virus wipes out your critical business data.
With these 3 layers of protection in place you are well-protected even if you inadvertently download something you shouldn't.