NEWSLETTER FOR FEBRUARY 2007
Newsletter index for 2007 | 2006
| February 2007 Newsletter
All security ultimately starts with passwords. Whether you know it or not, everyone reading this uses passwords everyday. If you are using DSL for your Internet connection, you wouldn't be able to get on the Internet if it wasn't for your account password (tied to your primary email account and is automatically submitted via your router/modem), even this happens automatically after initial setup. And everyone should be using a password to log into your Windows account (to set password - Start/Control Panel/User Accounts). This issue is about passwords and how to fix common mistakes that have become habit and that are hard to break. With the "Common" and "Encrypted" passwords below, ask yourself "Which one is safer to use?"
Common Passwords examples (If yours is listed, this is strictly coincidental):
"Encrypted" Passwords examples:
- (you would be surprised how many use the 2 previous passwords)
Don't let the above passwords discourage you from reading further. Doing "encrypted" passwords is easier then you think!
If you are satisfied with your current password management, you do not need to read this newsletter as it will bore the socks off of you!
Passwords: Are you doing this?
For me, this issue of passwords I take to heart. I have made all or some of the same mistakes that I am going to talk about at one time or another. It wasn't until a web site got hacked into and all the login passwords and info (yes mine) was compromised that I woke up. It was then that I decided to do some research for a better solution. Here are the most common mistakes and see if any apply to you:
- Use the same password or two for all the sites that require login. Even for financial accounts! (guilty)
- Keep passwords on bits of paper in a drawer or on post-it notes around our monitor.
- Keep passwords in a notebook without any organization to it. (guilty)
- Use our name, our pets name, our other personal information in creating our password
- Using short passwords (4 to 6 characters)
If you don't fall somewhere in that list, then I applaud you! Although it has been years, I was guilty of the following; using the same password on many sites and putting everything in a notebook. Hopefully, when you are done with this newsletter you will "retool" the way you use passwords!
Back to Top
Passwords: New Approach
For me, I was pushed into doing something different. Sure, I could of just shrugged off the fact that a site that I logged into was hacked. So what! However, the more I thought about it, it was clear that I had to take a new approach. The facts were staring me in the face. Whoever hacked the site, now had personal information about me and it would not be hard to get into other sites, such as Ebay with my account information. So, what to do. I had heard about password managers and tried using several. Even though Mozilla Firefox has a password manager, it really didn't fit the bill for me. I wanted something that would make it not only easy to log in, but that could generate a strong password for me.
You see a new approach not only starts with a strong password, but it has to be one that is different from site to site. The best thing of course is to remember all passwords on all sites and recall it at a moments notice. My brain does not function like that. If yours does, you are in business and you do not need a password manager and in my book that makes you a savant (OK, only if you use different tough passwords on at least 50 accounts or more :-) and they are at least 8 characters in length). I have yet to run into someone who doesn't write passwords down somewhere, so most of you fall into my camp. It is the reason most of us pick passwords that are easy to remember so we don't have to look it up. Hence, the pet names, spouse names, birth dates, etc.
Back to Top
Passwords: Tools such as Roboform and Password Hasher
As I have mentioned in past newsletters and is a permanent link at the bottom of all newsletters is Roboform (works on both IE and Firefox). This software program runs $29.95 for one computer and $9.95 for each additional license. It is however free to use for the first 10 passcards (login info such as: site, account login id and password). I have used it for a couple of years and I have to say for me it is the best solution and is easy to use (yes even for you non-geeks out there).
I highly recommend anyone taking passwords seriously to read the article below from Wired News. After reading it, you will appreciate any password manager that you end up using and understand it's importance. From that article you will read that there is an open source program that is free. I have not used it as I use Roboform, so if any of you install it, I would like to hear from you and get your opinion. It is called Password Safe.
At a minimum I would use Mozilla's password feature. Keep in mind two things however. You need to create good passwords (read article in section below on how to do this) and you must create a master password to access passwords in Mozilla, otherwise in my opinion why bother.
There are other tools that can be found on the Internet as well as add-ons to Firefox. An example would be Password Hasher which is an add-on for Firefox.
Back to Top
Passwords: In Depth Reading
A great article of those wanting more in depth information on passwords from Wired: http://www.wired.com/news/columns/1,72458-0.html
Back to Top
If you got this far, you are taking Passwords seriously and I would like to reward you. For the first time, I am giving away a gift to a reader of this newsletter. It is a Port Replicator from Kensington that instantly turns any notebook into a desktop! Go to the Amazon link in the previous sentence to read more. Here are the rules to enter:
- There will be only one winner drawn by me (as I have only one Port Replicator)
- Prize is a Brand New never opened Kensington Portable Universal Docking Station 33055
- Drawing will be done on February 10th, 2007 from all entries submitted prior to that date with the correct answer to the question in bold below.
- Anyone can participate and it is a great gift for anyone with a laptop or planning to buy a laptop
- You must answer the following question correctly (hint: it can be found in the article by wired.com in the previous section)
According to Eric Thompson of AccessData, a typical password consists of a root plus an appendage. A root isn't necessarily a dictionary word, but it's something pronounceable.
Back to Top
Question: Read the above statement and answer this: What is an appendage?
Send your answer to me to the following email address: firstname.lastname@example.org
Note: Contest has ended!
Most keyboards come with the Windows Logo key to the left and in between the control and alt keys. Using this key in conjunction with other keys produces a shortcut to do specific things. For example to clear the desktop of windows that are open, hold the Windows Logo key and press the "D" key. Do it again and your windows populate your desktop again. Windows Logo key and the "F" key opens up the search box. To learn about other shortcuts on Windows XP, go to Windows support site
If you are using Foxytunes in your Firefox browser, did you know that you can do the same with Thunderbird? Well you can! Foxytunes for Thunderbird can be installed on current version 1.5 to 3.0a1. Follow online installation instructions.
Did you know that you can bookmark tabs into one bookmark? For example you are research car parts and have many tabs open from different sources. You can save them by clicking on Bookmarks in the file toolbar, and then "Bookmark All Tabs". Name and select where you want the bookmark stored. The next time you select that bookmark, all tabs will open at once!
Back to Top