Tag Archives: online security

Create and Store Strong Passwords

05/03/2020 Tracey Dowdy 38 Comments

By Tracey Dowdy

By now we all understand the absolute importance of strong passwords to protect our personal data. Post-it notes get lost, hard copies kept in diaries and planners can be compromised, and smartphone memos and notes are also at risk.

The trick is to create and remember unique passwords for all your accounts. According to LogMeIn, which makes the LastPass password manager, it’s not uncommon for users to have 85 passwords for all your accounts, from banking to streaming to social media, making it impossible for the average individual to remember them all without help.

And although password security isn’t an iron-clad guarantee that your data will never be compromised or hacked, it certainly minimizes your risk. These tips will help you create, manage, and store secure passwords.

Write them down. That may seem counterintuitive, but if you have a safe, firebox, or file cabinet that can be locked, you can go old-school and write it down. Just be sure you limit the number of people who know you’ve written them down and where you store them.

Use a Password Manager. The best passwords are longer than eight characters, are hard to guess and comprised of a variety of characters, numbers and special symbols. The problem is those same features that make them hard to guess also make them hard to remember especially if you’re smart enough to use unique passwords for each account. Password managers like Dashlane, 1Password, and LastPass create secure, complex passwords and store them in an encrypted database.

Monitor whether your passwords have been compromised. Mozilla’s Firefox Monitor, Have I Been Pwned, and Google’s Password Checkup can show you which – if any – of your email addresses and passwords have been compromised in a data breach.

Avoid using birthdays, anniversaries, and other common passwords. Passwords like password, 123456, qwerty, or your birthday, anniversary, child, spouse or pet’s name are among the most common and easily guessed. If you’re using one or any of these, stop reading and go change it now!

The bigger the better. Eight characters are generally the suggested length for secure passwords but don’t be afraid to use more. The challenge, of course, becomes trying to remember those long, complicated characters, but that’s why password managers come in handy.

Don’t repeat your passwords. One of the biggest and most common mistakes we make, even with complex passwords, is repeating them across accounts. Don’t do it. Once they’ve guessed it for one, hackers will attempt to access other accounts leaving your data vulnerable.

Use two-factor authentication (2FA) Along with a complex, secure password, you should also use two-step verification (2FA) for an additional layer of protection so even if hackers guess your password, there’s an additional layer of protection. When you use 2FA, once the password is entered, you’ll be sent a one-time code – usually via text – so that only you can access the account. Without entering that code, the account remains locked.

Use an authentication app like Authy, Google Authenticator or Microsoft Authenticator instead of text messaging in 2FA. Once you’re set-up, you can choose to register your device or browser so you don’t need to keep verifying it each time you sign in.

By the way, a survey by the UK’s National Cyber Security Centre (NCSC), analyzed passwords belonging to accounts worldwide that had been breached. They also discovered that codes using names, sports teams and swear words are more popular than you might think.

The top 10 most common passwords were:

123456
123456789
qwerty
password
111111
12345678
abc123
1234567
Password1
12345

So, if you’re “protecting” yourself with any of those, it’s not a matter of “if” you’ll be hacked but “when.”

Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.

Tech Trends/Lifestyle, Online Safety, How To, home

Secure Your Amazon Account

04/03/2020 Tracey Dowdy 303 Comments

By Tracey Dowdy

My debit card was recently compromised. Fortunately, seeing a charge for $500 worth of alcohol out of state was a red flag and I was able to correct the security breach before any additional charges were made. It made me hyper-aware of how easily our bank accounts and personal information could be accessed by individuals with criminal intent.

It’s not just skimmers at gas pumps, or ghost ATM’s and fake fronts, sometimes we do the leg work for the criminals by leaving our personal information vulnerable online. Think about how many online accounts you have with your credit card or other banking information stored. Your Amazon account may be the granddaddy of them all – not only is your address, shopping habits, preferences, and debit or credit card tied to the account, if you’ve shipped items or gifted services to friends and family, their address is available too. There’s no time like now to ensure your information – and theirs – is protected.

Start by making sure that the information linked to your Amazon account is up to date. Sign in to your account, click on Login & security and confirm your email address and phone number are accurate. If a hacker were to attempt accessing your account or try to change your security settings, Amazon will send you an email to confirm you are the one making the changes, and having a phone number linked to your account acts as a backup method to receive one-time passcodes.

Second, make sure you have a secure password, one that is unique to Amazon and not used across multiple platforms. Use a random password generator from a reputable site like Norton or choose from this list from CNET. Once you’ve come up with a new, secure password, go to Edit next to the password field under Login & Security. Enter your current password, copy and paste the new one, and then click Save changes.

You should also use two-step verification for an additional layer of protection. Password managers not only store your assigned password, but they also store the one-time passwords – OTP – that two-step verification uses. Once you turn it on, after entering your password, you’ll receive a text (or see it in an app – see below) with a one-time code to enter to complete the login. You cannot access the account without both. To turn on two-step verification, go to Login & security, and click the Edit button next to the 2SV settings, and then click Get started.

You have two options to receive your OTP codes: via text or via the Authenticator app. If you choose text, you’ll receive a message with your OTP code whenever you log into your Amazon account. If you choose the Authenticator app, you can access your code within your password manager or a dedicated authenticator app like Google Authenticator.

If you choose an Authenticator app, use your preferred app to scan the QR code. The app will display a six-digit code – simply enter it and click Verify OTP to continue.

On the next page, click Got it. Turn on Two-Step Verification.

This page will walk you through the process for signing into devices that can’t display the OTP prompt – e.g. your Kindle. Instead, you’ll need to enter your password followed by the OTP code in order to sign in.

How To, Stacey Ross on The Online Mom, home

How To Create Safe Passwords

15/07/2014 admin 68 Comments

By Stacey Ross

A few months back, I was reading an article about how to “spring clean” your online world and how various common oversights are leaving online enthusiasts vulnerable to hackers! I began to think of all of the emails, websites, and other accounts that, if in the hands of a hacker, could expose you to all sorts of nightmares.

So, what to do? For starters, consider a password make-over!

Common mistakes when making passwords

Looking at some of the most common passwords of 2015, ranging from “password” and “123456” to “football” and “login,” it is clear that hackers can access many accounts merely by repeatedly trying the most popular words or numbers.

Morgan Slain, CEO of SplashData, Inc., the computer security firm that compiled the list, shared, “If you have a password that is short or common or a word in the dictionary, it’s like leaving your door open for identity thieves.”

Be safer and sounder online

How many other common mistakes do we make? I spent a couple of hours chatting with Chris Duque, CyberSecurity Specialist/CyberSafety Advocate and a veteran of the Honolulu Police Department, who is an expert on online reputation management, cybercrime, cyber-bullying, over-sharing personal information, and much more.

I left the conversation eager to share his golden nuggets of advice, as he has a wealth of information, tips and insights that can surely lead to a safer online experience.

Seven tips for more secure passwords

There are several ways to protect our personal information and accounts, but Duque suggests a good start is to clean up our passwords.

1. Duque advises people who are active online to have five different e-mail accounts: a) family and close friends, b) the public, c) social media, d) banking, e) online shopping. Not only does it help you protect your private information, but it also helps organize your online activity.

2. Likewise, have different passwords for your various emails and online accounts. “Consider that a hacker opens one email account, he or she then has a field day that can destroy your life,” Duque shared. “You are less vulnerable if you make it harder to access your online information. If one account is compromised, it is safe to say that the others will be too. It’s best to prevent that!”

3. Steer away from using personal clues when creating passwords. Keep personal information such as your name, location, birthday, loved-one’s name and even your sex out of the mix. Personal information is often publicly available, which leaves clues as to what your password might be, so also avoid words that share your nickname, hobbies or things you are known for.

4. Create high quality passwords, but make sure you can remember them. You don’t want to use the same password for everything, but consider changing the prefix or suffix so your passwords are not entirely different.

5. Put some thought into creating passwords. Include numbers, symbols, and both uppercase and lowercase letters. Also consider a control character and a non-English word. Replace a number for a letter, for example, “i” for 1 and “0” for O.

6. Refrain from giving out your passwords but, if you must, then change them after you receive help. Do not email or text your passwords; rather call the person over the phone instead. Password managers such as LastPass and PasswordGenie are tools that encrypt and store passwords online, and some also help secure your information. Many people just choose to store their passwords in a safe place off the computer, like in a safe or hidden in a bookshelf (best to have them in more than one location). If you store them on your computer, be sure that they are well buried.

7. Be fake! When setting up emails and accounts, we are often asked security questions in case we forget our passwords. Duque advises us to change our passwords every six months or so and also shared this great piece of advice: “Hackers often are successful because they have clear clues as to what those answers might be, merely by studying the user’s profile. I advise creating your own questions, when that option is available, and give fake answers!” Nothing like throwing off a hacker, right?

Stacey Ross is an online consultant, social media enthusiast, freelancer and owner of SanDiegoBargainMama.com. A former teacher and middle school counselor, she is now a mom of two who researches and freelances about lifestyle topics involving family and well-being.