Security for Dummies

security tips and tricks

3 facts from one source

I have mentioned several times here and here we all need password manager. These three posts in the ITFacts strongly support my words. My statement is clear – we need password manager software. I suggest using portable one

63% of Americans use roughly the same password for different online accounts
63% of Americans admit to using the same password or a variation of it for all or most of their online accounts. 6.7% use a variation of a familiar password for most of their online accounts. 22.9% use the same password for most of their online accounts. 3.5% use the same password for all their online accounts.

66% of US employees write down passwords in unsafe places
US workers, managers, and IT staffs alike are increasingly confronted with difficulties arising from computer passwords. Over half of all respondents said the average employee in their firms are required to remember three to five passwords, with an additional 26% saying the number ranges from six to ten or more. 49% responded that employees are required to use passwords more than 25 times per week, with 8% stating the number of password uses exceed 100 per week. 66% stated that employees write down or store passwords in unsafe places, creating a security problem for their companies. 48% of responding IT professionals are actively seeking a reliable password management solution. While 79% of those taking the survey report that security is their number one password management concern, 39% also reported Lost Employee Productivity or Frustration as an issue. In addition, 31% said that helpdesk hours are either lost or spent in frustration by support personnel.

Only 14% of business users use a different password for each site
14% of the business users use a unique password for each site. 41% use the same password all the time, while the remaining 45% use “a few” different passwords.

July 13, 2008 Posted by | passwords, Security, Security Threats | , | 1 Comment

Portable antivirus, any good?

Once I was presenting at the potential customer. It was a serious company, very impressive meeting room with good presentation equipment. Of cause, I did not bring my laptop with me. I took my files on my flash drive. The presentation was successful as usual. The customer placed an order and everything could be nice, but… When I plugged my pendrive at work after the presentation, the antivirus got crazy. There were so many viruses, Trojans and worms there. My portable applications that I used to run from the drive were all infected. I lost a lot of time to clean it. Unfortunately the backup file was not quite up-to-date. I could restore my applications, but some data was unrecoverable. I wish I could detect viruses there… I do not blame anyone. I am just asking for your advice.

I know that there is a problem to make antivirus portable. From one side it shall be small footprint, from the other it shall get updates, it shall provide real-time protection.  I am looking for one that will work from the flash drive and scan all the activity and prevent copying viruses to my device. Yes, I know, there is ClamWin, a nice and free one, but does not suit my needs.

Do you know any good portable antivirus? Please leave your advice in comments.

July 11, 2008 Posted by | Antivirus | , | Leave a comment

Back to passwords

Yes, we have lots of passwords – bank accounts, e-mails, computers, domains, instant messengers, you name it – and we need them all. We may forget them and we do. I am not talking about those who have only one password for all, they are just not aware of risks. Regular PC user needs at least 10 passwords.
I think that we all agree that we need a Password Manager. The only question is which one to chose.

What to Look for in Password Management Software
Password management software should be easy to use and useful to the most inexperienced computer user. It should also be secure enough to keep hackers out and passwords safe. These are the criteria that one shall consider when selecting a best suitable solution for his money:
• Feature Set – The best password management software provides applications and tools to help manage passwords and login information. This may include saving personal data or credit card information, program functions like web site launching capabilities. Automatic capture and filling of forms shall be of highest priority.
• Ease of Use – Password management programs should be easy to program and manage, even for computer novices.
• Portability – The ability to launch application and to save records to a removable device. Alternatively a web access to the stored passwords can be used
• Security – Most importantly, the software should provide password security to its user. Passwords shall be kept encrypted. User shall have an opportunity to make backups of saved information and generate passwords with encryption algorithms.
From the whole range of password managers only two answer these requirements:

RoboForm2Go – a popular one and
n-Pass2Go – the best one
Get it from CNET Download.com!

Alternative mode of operation, as I have mentioned already, is to store passwords online and access them from any computer. This novel approach deserves more attention.
First and most interesting IMHO is a Clipperz. Good – smart design, good idea, Ajax. Drawbacks –rather complicated operation. My personal concern is also about keeping all my passwords somewhere online. Even assuming that staff cannot access and decrypt my files, it can be done by hackers with brute force attack. And in case that I forget the master password – all gone.

Then, I would like to mention Passpack. Another nice and fast developing tool. It fills passwords automatically from the Ajax window. The same minor concern – keeping passwords, a most valuable information online. I personally will use it for some accounts not containing information on bank accounts, credit cards and social security.

The last one, myVidoop.com, was suggested by Kevin Fox in his comment to one of the previous posts. An interesting idea of replacement of master password with image categories was implemented there. Major drawback to my oppinion is a lack of portability. I mean that you need to install plug-in to enable automatic form filling. This is impossible when you are working on public computer or at work.

I am going to continue writing on password managers. Keep reading or subscribe to RSS

July 8, 2008 Posted by | passwords | , , | 4 Comments