Shagmiser Journal

A running diary of Internet Marketing tips and hints, some of the projects I'm involved in, and useful thoughts (I hope) about how to put some extra change in your pocket.

Wednesday, June 17, 2015

Is Last Pass the Best Password Helper / Tracker / Vault Protector?

LastPass

Five Best Password Managers
LastPass is clearly the juggernaut here, and for good reason. The service was one of the first well-rounded password managers available, and one of the first that really made it easy to store all of your passwords either online and synced with other computers and devices, or locally on one device. In short, LastPass remembers your passwords so you don't have to, and makes it easy to audit your passwords, use stronger passwords in general, and even automatically change a password for you if a service has been hacked or compromised. LastPass supports two-factor authentication for your password vault using Google Authenticator, USB devices (using a method we've outlined before), or a YubiKey, The service picked up a much-needed update a year or so ago to streamline the UI and make it easier to use, and sports a number of additional features like credit monitoring, secure password and document storage (and sharing), notifications when a site you have an account with has been hacked, tools to autofill forms and streamline online shopping, and more. LastPass supports Windows, OS X, Linux, Android, iOS, Windows Phone, and Blackberry, and has plugins for Chrome, Firefox, Safari, Opera, and Internet Explorer. It's free to download and use, but if you want its best features and the mobile apps, you'll need to upgrade to LastPass Premium, at $12/yr.
How to Audit and Update Your Passwords After a Service Gets Hacked
When something like a password database compromise happens, it's a good time to reassess your… Read more
LastPass' nomination thread was huge, with many of you showing your support for the app because it's made securing your online life easier in some shape or form. Many of you explained that you use LastPass so you don't use the same password on every site (which you absolutely shouldn't do), or so you don't have to write down passwords and risk losing them in a disaster, misplacing them, or accidentally letting someone else get a hold of them. Many of you praised LastPass' own security for keeping your data safe, and for—that one time they thought they may have been hacked—promptly locking everyone's data down, making sure they were in the clear, and encouraging users to take additional steps to protect themselves. If you want to learn more about LastPass, they stopped by to tell us the story behind the app not too long ago, and you can read their nomination thread here.
Posted by Dick Hale at 10:03 AM No comments:

Monday, March 31, 2014

Russell Brunson's ClickFunnel Video Prelaunch

Russell is about to launch a new all encompassing project ClickFunnels. Watch the video to see what all the fuss is about!


Post by ClickFunnels.
Posted by Dick Hale at 7:45 PM No comments:

Saturday, January 04, 2014

Bona Fide Graphics Firesale



"Grab these awesome graphics for your website!"

I've just launched my first ever Graphics Firesale:
http://www.bonafidegraphicsfiresale.com


My partner and his team spent the better part of the past year creating this package for you, and I'm really proud of the end result.

When you see the quality of these graphics, you'll understand why I'm very excited about it.

I should also mention... the price will make you happy too :-)

I'd be honored if you would check this out today:
http://www.bonafidegraphicsfiresale.com

It will be online for just a few weeks at this price, so don't delay.

Have a great day!
R. David
Posted by Dick Hale at 5:30 PM No comments:

Friday, June 07, 2013

Jeanne and the Z Group Visit Brookgreen Gardens

Jeanne and the Z Group Visit Brookgreen Gardens
Posted by Dick Hale at 5:58 PM No comments:

Tuesday, November 13, 2012

How to Devise Passwords That Drive Hackers Away

This is a reprint of an article posted by Nicole Perlroth in the New York Times, Business Day, Personal Touch section. I thought it important enough yo re-post it in my blog.

If you'd like to read the original article, click the following link:

http://www.nytimes.com/2012/11/08/technology/personaltech/how-to-devise-passwords-that-drive-hackers-away.html?ref=personaltechemail&nl=technology&emc=edit_ct_20121108&_r=1&

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How to Devise Passwords That Drive Hackers Away

By NICOLE PERLROTH
Published: November 7, 2012
Not long after I began writing about cybersecurity, I became a paranoid caricature of my former self. It’s hard to maintain peace of mind when hackers remind me every day, all day, just how easy it is to steal my personal data.

Within weeks, I set up unique, complex passwords for every Web site, enabled two-step authentication for my e-mail accounts, and even covered up my computer’s Web camera with a piece of masking tape — a precaution that invited ridicule from friends and co-workers who suggested it was time to get my head checked.

But recent episodes offered vindication. I removed the webcam tape — after a friend convinced me that it was a little much — only to see its light turn green a few days later, suggesting someone was in my computer and watching. More recently, I received a text message from Google with the two-step verification code for my Gmail account. That’s the string of numbers Google sends after you correctly enter the password to your Gmail account, and it serves as a second password. (Do sign up for it.) The only problem was that I was not trying to get into my Gmail account. I was nowhere near a computer. Apparently, somebody else was.
It is absurdly easy to get hacked. All it takes is clicking on one malicious link or attachment. Companies’ computer systems are attacked every day by hackers looking for passwords to sell on auctionlike black market sites where a single password can fetch $20. Hackers regularly exploit tools like John the Ripper, a free password-cracking program that use lists of commonly used passwords from breached sites and can test millions of passwords per second. 

Chances are, most people will get hacked at some point in their lifetime. The best they can do is delay the inevitable by avoiding suspicious links, even from friends, and manage their passwords. Unfortunately, good password hygiene is like flossing — you know it’s important, but it takes effort. How do you possibly come up with different, hard-to-crack passwords for every single news, social network, e-commerce, banking, corporate and e-mail account and still remember them all? 

To answer that question, I called two of the most (justifiably) paranoid people I know, Jeremiah Grossman and Paul Kocher, to find out how they keep their information safe. Mr. Grossman was the first hacker to demonstrate how easily somebody can break into a computer’s webcam and microphone through a Web browser. He is now chief technology officer at WhiteHat Security, an Internet and network security firm, where he is frequently targeted by cybercriminals. Mr. Kocher, a well-known cryptographer, gained notice for clever hacks on security systems. He now runs Cryptography Research, a security firm that specializes in keeping systems hacker-resistant. Here were their tips: 

FORGET THE DICTIONARY If your password can be found in a dictionary, you might as well not have one. “The worst passwords are dictionary words or a small number of insertions or changes to words that are in the dictionary,” said Mr. Kocher. Hackers will often test passwords from a dictionary or aggregated from breaches. If your password is not in that set, hackers will typically move on. 

NEVER USE THE SAME PASSWORD TWICE People tend to use the same password across multiple sites, a fact hackers regularly exploit. While cracking into someone’s professional profile on LinkedIn might not have dire consequences, hackers will use that password to crack into, say, someone’s e-mail, bank, or brokerage account where more valuable financial and personal data is stored. 

COME UP WITH A PASSPHRASE The longer your password, the longer it will take to crack. A password should ideally be 14 characters or more in length if you want to make it uncrackable by an attacker in less than 24 hours. Because longer passwords tend to be harder to remember, consider a passphrase, such as a favorite movie quote, song lyric, or poem, and string together only the first one or two letters of each word in the sentence. 

OR JUST JAM ON YOUR KEYBOARD For sensitive accounts, Mr. Grossman says that instead of a passphrase, he will randomly jam on his keyboard, intermittently hitting the Shift and Alt keys, and copy the result into a text file which he stores on an encrypted, password-protected USB drive. “That way, if someone puts a gun to my head and demands to know my password, I can honestly say I don’t know it.” 

STORE YOUR PASSWORDS SECURELY Do not store your passwords in your in-box or on your desktop. If malware infects your computer, you’re toast. Mr. Grossman stores his password file on an encrypted USB drive for which he has a long, complex password that he has memorized. He copies and pastes those passwords into accounts so that, in the event an attacker installs keystroke logging software on his computer, they cannot record the keystrokes to his password. Mr. Kocher takes a more old-fashioned approach: He keeps password hints, not the actual passwords, on a scrap of paper in his wallet. “I try to keep my most sensitive information off the Internet completely,” Mr. Kocher said. 

A PASSWORD MANAGER? MAYBE Password-protection software lets you store all your usernames and passwords in one place. Some programs will even create strong passwords for you and automatically log you in to sites as long as you provide one master password. LastPass, SplashData and AgileBits offer password management software for Windows, Macs and mobile devices. But consider yourself warned: Mr. Kocher said he did not use the software because even with encryption, it still lived on the computer itself. “If someone steals my computer, I’ve lost my passwords.” Mr. Grossman said he did not trust the software because he didn’t write it. Indeed, at a security conference in Amsterdam earlier this year, hackers demonstrated how easily the cryptography used by many popular mobile password managers could be cracked. 

IGNORE SECURITY QUESTIONS There is a limited set of answers to questions like “What is your favorite color?” and most answers to questions like “What middle school did you attend?” can be found on the Internet. Hackers use that information to reset your password and take control of your account. Earlier this year, a hacker claimed he was able to crack into Mitt Romney’s Hotmail and Dropbox accounts using the name of his favorite pet. A better approach would be to enter a password hint that has nothing to do with the question itself. For example, if the security question asks for the name of the hospital in which you were born, your answer might be: “Your favorite song lyric.” 

USE DIFFERENT BROWSERS Mr. Grossman makes a point of using different Web browsers for different activities. “Pick one browser for ‘promiscuous’ browsing: online forums, news sites, blogs — anything you don’t consider important,” he said. “When you’re online banking or checking e-mail, fire up a secondary Web browser, then shut it down.” That way, if your browser catches an infection when you accidentally stumble on an X-rated site, your bank account is not necessarily compromised. As for which browser to use for which activities, a study last year by Accuvant Labs of Web browsers — including Mozilla Firefox, Google Chrome and Microsoft Internet Explorer — found that Chrome was the least susceptible to attacks. 

SHARE CAUTIOUSLY “You are your e-mail address and your password,” Mr. Kocher emphasized. Whenever possible, he will not register for online accounts using his real e-mail address. Instead he will use “throwaway” e-mail addresses, like those offered by 10minutemail.com. Users register and confirm an online account, which self-destructs 10 minutes later. Mr. Grossman said he often warned people to treat anything they typed or shared online as public record.
“At some point, you will get hacked — it’s only a matter of time,” warned Mr. Grossman. “If that’s unacceptable to you, don’t put it online.”
Posted by Dick Hale at 4:29 PM No comments:
Older Posts Home
Subscribe to: Posts (Atom)

Wanna Really Get in Shape?

  • Home Get Fit Hub

My Blog List

  • Pray for Surf - We're @thebeach
    8 years ago
  • R. David Hale's Blog

The Legal Forms Generator

Website Legal Forms Generator

The Shagmiser's Important Links

  • 00. Bona Fide Graphics Firesale
  • 01. FREE Internet Marketing Library
  • 02. PLR Empire Profits
  • 03. WP Redirect Bot
  • 04. Tailwind Trading
  • 05. Trade Pro
  • 06. The Internet Retirement System
  • 08. Simple List Building Blueprint Course
  • 09. The Truly Raw Food Diet
  • 10. The Digital Shores Connection
  • 12. The Shagmiser's Main Site
  • 20. Over 100 Business Specific Articles about the Internet
  • 25. Site Sell - SBI - 5 Pillar Program

Pray for Surf - We're @thebeach

Loading...

About Me

My photo
Dick Hale
I am an Internet Marketer Advisor (IMA)and Consultant. I am retired, work from home, and supplement my meager retirement income with IM projects earning me passive (recurring) income through automated, "set and forget" systems.
View my complete profile

Sign Up Form for the Shagmiser Blog

Blog Archive

  • ▼  2015 (1)
    • ▼  June (1)
      • Is Last Pass the Best Password Helper / Tracker / ...
  • ►  2014 (2)
    • ►  March (1)
    • ►  January (1)
  • ►  2013 (1)
    • ►  June (1)
  • ►  2012 (3)
    • ►  November (1)
    • ►  March (1)
    • ►  January (1)
  • ►  2011 (8)
    • ►  June (1)
    • ►  May (1)
    • ►  March (1)
    • ►  February (3)
    • ►  January (2)
  • ►  2010 (17)
    • ►  December (2)
    • ►  November (2)
    • ►  October (2)
    • ►  August (2)
    • ►  July (1)
    • ►  May (2)
    • ►  April (1)
    • ►  March (1)
    • ►  February (2)
    • ►  January (2)
  • ►  2009 (26)
    • ►  December (2)
    • ►  November (1)
    • ►  October (2)
    • ►  September (2)
    • ►  August (1)
    • ►  July (3)
    • ►  June (3)
    • ►  May (1)
    • ►  April (4)
    • ►  March (3)
    • ►  February (1)
    • ►  January (3)
  • ►  2008 (33)
    • ►  December (1)
    • ►  November (1)
    • ►  October (3)
    • ►  September (3)
    • ►  August (5)
    • ►  June (4)
    • ►  May (2)
    • ►  April (3)
    • ►  March (6)
    • ►  February (1)
    • ►  January (4)
  • ►  2007 (20)
    • ►  December (2)
    • ►  November (5)
    • ►  October (11)
    • ►  September (1)
    • ►  July (1)
Simple theme. Powered by Blogger.