Security for Dummies

security tips and tricks

3 facts from one source

I have mentioned several times here and here we all need password manager. These three posts in the ITFacts strongly support my words. My statement is clear – we need password manager software. I suggest using portable one

63% of Americans use roughly the same password for different online accounts
63% of Americans admit to using the same password or a variation of it for all or most of their online accounts. 6.7% use a variation of a familiar password for most of their online accounts. 22.9% use the same password for most of their online accounts. 3.5% use the same password for all their online accounts.

66% of US employees write down passwords in unsafe places
US workers, managers, and IT staffs alike are increasingly confronted with difficulties arising from computer passwords. Over half of all respondents said the average employee in their firms are required to remember three to five passwords, with an additional 26% saying the number ranges from six to ten or more. 49% responded that employees are required to use passwords more than 25 times per week, with 8% stating the number of password uses exceed 100 per week. 66% stated that employees write down or store passwords in unsafe places, creating a security problem for their companies. 48% of responding IT professionals are actively seeking a reliable password management solution. While 79% of those taking the survey report that security is their number one password management concern, 39% also reported Lost Employee Productivity or Frustration as an issue. In addition, 31% said that helpdesk hours are either lost or spent in frustration by support personnel.

Only 14% of business users use a different password for each site
14% of the business users use a unique password for each site. 41% use the same password all the time, while the remaining 45% use “a few” different passwords.

Advertisements

July 13, 2008 Posted by | passwords, Security, Security Threats | , | 1 Comment

Back to passwords

Yes, we have lots of passwords – bank accounts, e-mails, computers, domains, instant messengers, you name it – and we need them all. We may forget them and we do. I am not talking about those who have only one password for all, they are just not aware of risks. Regular PC user needs at least 10 passwords.
I think that we all agree that we need a Password Manager. The only question is which one to chose.

What to Look for in Password Management Software
Password management software should be easy to use and useful to the most inexperienced computer user. It should also be secure enough to keep hackers out and passwords safe. These are the criteria that one shall consider when selecting a best suitable solution for his money:
• Feature Set – The best password management software provides applications and tools to help manage passwords and login information. This may include saving personal data or credit card information, program functions like web site launching capabilities. Automatic capture and filling of forms shall be of highest priority.
• Ease of Use – Password management programs should be easy to program and manage, even for computer novices.
• Portability – The ability to launch application and to save records to a removable device. Alternatively a web access to the stored passwords can be used
• Security – Most importantly, the software should provide password security to its user. Passwords shall be kept encrypted. User shall have an opportunity to make backups of saved information and generate passwords with encryption algorithms.
From the whole range of password managers only two answer these requirements:

RoboForm2Go – a popular one and
n-Pass2Go – the best one
Get it from CNET Download.com!

Alternative mode of operation, as I have mentioned already, is to store passwords online and access them from any computer. This novel approach deserves more attention.
First and most interesting IMHO is a Clipperz. Good – smart design, good idea, Ajax. Drawbacks –rather complicated operation. My personal concern is also about keeping all my passwords somewhere online. Even assuming that staff cannot access and decrypt my files, it can be done by hackers with brute force attack. And in case that I forget the master password – all gone.

Then, I would like to mention Passpack. Another nice and fast developing tool. It fills passwords automatically from the Ajax window. The same minor concern – keeping passwords, a most valuable information online. I personally will use it for some accounts not containing information on bank accounts, credit cards and social security.

The last one, myVidoop.com, was suggested by Kevin Fox in his comment to one of the previous posts. An interesting idea of replacement of master password with image categories was implemented there. Major drawback to my oppinion is a lack of portability. I mean that you need to install plug-in to enable automatic form filling. This is impossible when you are working on public computer or at work.

I am going to continue writing on password managers. Keep reading or subscribe to RSS

July 8, 2008 Posted by | passwords | , , | 4 Comments

5 reasons to use PORTABLE password manager

There are much more than 5, but I will start with these main points:

  1. You are human… never mind, no one is perfect. 
  2. We live in modern world with its cons and pros 
  3. We live in the era of globalization, just admit it 
  4. We live in the era of internet, Do you understand what this means? 
  5. There are bad guys there in the web, beware

Do I have to explain? OK, let’s make it clearer.
1. You are human, aren’t you?
You may forget anything, – your keys, your eyeglasses, your documents and your wallet. You DO forget your passwords. And even if you do remember your password, you can mistype it. “To err is human”. If you type it wrong several times – your account is blocked, and you have to ask administrator to reset it. And how often are you required to change your password to your bank account, web access, corporate VPN, etc? You wish there were no passwords at all. Just open the webpage and you are in.

2. We live in 21st century, aren’t we?
We have MANY accounts. We are using computers. We are working hard in the web. Therefore we have LOTS of passwords to remember. But we are still humans after all. And we do forget. Do you want to bet that you cannot remember 5 strings in a row? Just give it a try. Please remember the following:

mLUafc$eMJm_

IR_^Z7R(F8zH

Bp}Ea4O7Xk*s

p#VnD4}B}Z^}

@Bu&KG}N0n[X

Yes, maybe YOU can remember these 5 passwords. Then you are a genius and maybe this reason will not urge you to use these products, but let us look to the next reason.

3. We live in the era of globalization.
You can find yourself tomorrow in Milano, drinking a tiny cup of strong espresso in the internet café on the Via Corsa Di Porta Romano and trying to type your password for your Gmail account, but… you cannot find necessary letters, symbols are in the wrong place and the whole keyboard is somehow different… What a mess! And the very next day you appear in Russian beautiful city of Snt. Petersburg and find out that the keyboard is Cyrillic. You wish you could enter your password automatically, just like that – open the webpage and you are in, but at the moment you even do not know how to switch a keyboard to Latin layout. Ha?!

4. We live in the era of the Internet.
We keep information there. We purchase goods and services. We look for a partner or a spouse. We watch movies, we listen to music. We… Everywhere we go there in the web we need to prove our identity (the same username/password). Someone can guess it. Someone can spy it. Someone can get access to our money, documents, entire life. We are exposed to risks! Oh, my god!

What is even more alarming –
5. There are bad guys in the web.
Do you know what identity theft is? Did you ever receive some message from your bank that was never sent? Did you ever get an e-mail, requiring resetting password to your account? These messages are called phishing. If you ever followed their instructions – you’ve lost something. You’ve lost money or information or something even more valuable, like identity. Identity is not virginity, you never enjoy loosing it!

Is there a way to be safe, portable, light-hearted? Is there a way to make it convenient? Is there some automatic, simple, user-friendly and clear solution, working in the background and doing hard work for me? Maybe there is some solution that is not using much recourses of computer working on any PC without installation? Maybe there is some solution that I can take with me wherever I go?
Yes! There is an ultimate, convenient and secure solution.  Use password manager. Use password manager that fills forms automatically and does not require from you any additional actions. Use password management system that is convenient and user-friendly. Use the one that keeps your private data in encrypted database. Use n-Pass! This is my personal advice.

You, whoever you are, wherever you are, whatever you do, you need:  

  • Password management 
  • You need it to be portable 
  • You need it to be secure  
  • You need it to be simple, convenient and automatic
  • You need it to be n-Pass!   

Forget your passwords!
Give away your Stick-It notes!
Delete your text files you used to keep your passwords in!
Start using n-Pass today.

You do not have one?Take your free 60 days trial of n-Pass now!

Get it from CNET Download.com!

July 3, 2008 Posted by | identity theft, passwords, privacy, Security | , | 13 Comments