Archive for the ‘General’ Category

« Older Entries

Back to basics – protecting yourself online

Monday, July 26th, 2010

Basic advice for staying safe while staying connected on vacation. Actually – it’s very good advice for your everyday usage, also! As with the great majority of advice you’ll see here, or on the Sticky Password facebook page or stuff that we link to, you’ll notice that most of this involves common sense.

Two big issues with being active on …the Internet are 1) that people often think that they’ve built a bond with someone they’ve never just because they both play World of Warcraft online. The truth is that you don’t know who is on the other end of the discussion. Just as you wouldn’t share your personal info with a stranger in the subway who was also wearing a Yankees jersey just because you are also a fan, you should never make your info available online. Someone may misuse it. (Getting away with it 9 times out of 10, won’t take the pain out of getting burned that 10th time!) And 2) the idea of anonymity. Somehow, because we are using a computer, we think that there is a veil of anonymity over anything we do. Nothing could be further from the truth. Unless you are careful, that computer can easily reveal anything and everything you’ve entered – all the sites you’ve visited, your personal data and more.

Taking basic precautions may take a few minutes (really, only a few minutes), but it can save you from the anguish and real problems of identity theft. AND, by taking those few precautions, you’ll probably get even better use of your computer as you learn to use it better.

Peter L

Tags: , ,
Posted in General, News and Commentary, Passwords and Security | No Comments »

How password management is performed by a friend of mine

Wednesday, July 21st, 2010

One night my landlady told me, that she had some ”Notification failures” in her Hotmail inbox and if I can help her, since I work for a software security company. So of course I agreed and had a look at her Inbox. It was full of “Notification failure” messages, that some email was not delivered, that some mailbox doesn’t exist and so on. So I had a look at her sent messages and I saw a lot of sent emails to many many emails in BCC (blind carbon copies). Wow, it was the first time I have seen some hacker just hacking someone’s email account and using it for spamming. That was scary. Really scary.

So I told her to immediately change her password and also to tell me her password and guess what, it was the most common password ever!! 123456. Oh my gosh! I was shocked! And then when we tried to change the password I have realized that she had been using this password since  she created her email account. Since 1998! That’s right! She had the same poorest password for 12 years. She is lucky that someone hacked her email just 2 weeks ago. So I tried the password changing process and it stopped me with the message: “Please update your browser and system” because she hadn’t updated her browser and system for 2 years! Yes, 2 years. So we had a lot of updates to go through and after 3 hours I was finally able to change her mail account password. So I asked her what password she wanted to use and she told me “Well, if 123456 is not secure enough, lets go with my other password happyhappy.” Oh my gosh again! Come on!

So I told her the basics of selecting a strong password and, of course, I told her about Sticky Password and all of its benefits. She was so surprised about all the password management topics and she also told me, that she has been using 2 passwords for all of her accounts all her life.

Now she is in the middle of starting her new online life.

Petr P

Tags: , ,
Posted in General | No Comments »

Security is manageable – passwords and more

Thursday, June 24th, 2010

Your security online is made up of little things that each and every one of us CAN manage. Much of protecting yourself involves paying attention and being aware of what you are doing when using your computer. Even the settings that you use for your computer and security programs are designed to allow you to make a reasonable decision based on the way you use your computer. The few minutes of paying attention while installing your security software can make all the difference. Know what the software is doing for you, so that you’ll be able to recognize when something strange is going on.

A password manager is there to do for you those things that take up your time and really are an effort. Creating strong passwords for each website and keeping them straight in your head isn’t easy. And it does take time to use them. We recommend Sticky Password, but whether you use a password manager or not, you should be aware of the basics of safe passwords: unique strings of letters and numbers that can’t be guessed for each site and purpose. And, of course, don’t share your passwords with anyone.

And, as has been written in this blog before, DON’T believe everything you read. That’s generally true, but on the Internet, you are likely to be overwhelmed by offers. If you wouldn’t accept the offer from someone on the street, then there is even more reason to reject it from a mysterious someone who wants to share riches with you. Your odds of winning the lottery are better than getting ‘your share’ of the millions of dollars.

Review these general security tips and you’ll see that protecting yourself is something that you CAN manage.

Tags: , ,
Posted in General, News and Commentary, Passwords and Security | 1 Comment »

Identity theft and the average Joe

Monday, April 19th, 2010

I’d like to see the next security survey include a follow-up question to the ‘are you afraid of identity theft’ question. Something along the lines of: ‘do you know what identity theft is and how you can protect yourself?’

I’m not trying to belittle the issue of identity theft. But my own experience is that most people simply repeat the phrase because they’ve heard it so many times on TV and the radio. They don’t understand it and therefore they don’t take even the most basic of precautions to protect themselves.

It’s kind of like the idea of ‘panic rooms’. After the release of the Jodie Foster film (2002), it was all the rage to talk about ‘safe rooms’ and all sorts of new fangled security systems. But do you know anyone who actually did anything to increase the security of his or her home? Lots of talk and no action!

With identity theft, the situation is worse because identity theft is something that can impact each and every one of us. If you have a social security number (in the US, or the national ID in other countries), or credit card, or a bank account, or utility bills you are at risk. Each one of us who is living in modern society is a potential target.

Make sure you protect your personal data. As far as computer usage is concerned, at the very least make sure that your computer software is up to date, including security patches. Make sure you have the basic security programs installed and running: anti-virus software, firewall, anti-spam, and a password manager. With email: don’t open it or click on it unless you KNOW who sent it! Be jealous of your privacy!

Do you know what identity theft is? How are you protecting yourself?

What would your answers be?

Peter L

Posted in General | 3 Comments »

Password stealing

Sunday, April 18th, 2010

I just ran across a little article about a school having its computer system compromised because of a password being swiped. It seems that a student in the 4th grade got the password from a teacher’s desk and then used it to fiddle with the district-wide computer ‘blackboard’ system. No long-term harm was done, but I’m sure the IT folks were scrambling for a while before they figured out what had happened.

Luckily, the alleged child culprit wasn’t prosecuted! While the 9-year old surely misbehaved, in my estimation, the offense doesn’t warrant a criminal punishment. Instead, it should be a call to the school to figure out why passwords are accessible to curious 9-year olds. (Aren’t all 9-year olds curious!?!)

What is missing from the article is any mention of the security policy of the school. Is it standard policy for teachers to write their passwords on post-it notes and to leave them on their desks? Why did this teacher have a password with administrator rights? Do all of the teachers have admin rights? Did the teacher follow procedures for keeping the password safe? Were there any procedures to follow?

We aren’t given any details, but would we be going out on a limb to conclude that the fault or breach is the fault of the teacher, if not the school or district for failing to follow an appropriate security policy for passwords?!

Peter L

Posted in General | 1 Comment »

Show off in Sticky Password style

Thursday, April 8th, 2010

You use Sticky Password because you appreciate the security and the elegant approach to password management and automatic form filling. Now you can add some of that pizzazz to your style. Show off with a cool Sticky Password t-shirt, or make everyone jealous while having a cup o’ joe in your handsome Sticky Password mug.

Visit the Sticky Password store on zazzle to order your very own Sticky Password t-shirts, mugs and other gifts – even doggie sweaters. New designs and merchandise will be added regularly, so make sure to check back to see what’s new.

Buy yours today and send us a picture of any Sticky Password product in your real life and we’ll post it on the Sticky Password facebook page.

Remember, it’s good to flaunt your Sticky Password, NOT your passwords!

Sticky Password securing your personal data in the big city!

Sticky Password securing your personal data in the big city!

Tags: , ,
Posted in General | 1 Comment »

Sticky Password in real life

Tuesday, April 6th, 2010

A bunch of you have already sent emails asking about the photos being posted on the Sticky Password facebook page. We’re starting a photo series on facebook that we’re calling ‘Sticky Password in real life’. The idea is for Sticky Password customers to submit pictures from all over the world showing how they use Sticky Password, or anything with the Sticky Password logo anywhere: near a landmark, under a waterfall, in your apartment or the local library, at your 2nd cousin’s wedding – anywhere! Or, even something simple like writing Sticky Password in the snow with pine cones. :-)

Join us by sending a photo showing YOUR real life with Sticky Password to photos@stickypassword.com. Don’t forget to include your name and where you took the picture so that we can toot your horn for you. (Legal stuff: by submitting your photo, you agree that Sticky Password can post the photo on facebook and use it in any way that we’d like to promote Sticky Password.)

We look forward to posting your photos!

Posted in General | 2 Comments »

The going rate for a password

Tuesday, January 26th, 2010

I ran across write up of an interesting survey in a online Swedish newspaper. It seems that a good number of Swedes are more than willing to  reveal passwords and access info to websites to an unknown person in exchange for chocolate bars while answering questions during a survey. (I suspect that this lax approach to password security – really their online identity – isn’t limited to our friends in the frigid North.)

What strikes me about this experiment isn’t that anyone would ’sell’ his or her password for a chocolate bar – that’s not the point, at all – but that people STILL think that there’s no danger of anyone misusing their passwords. I don’t doubt that a good number of the people would have revealed the same amount of information even if no chocolate had been offered. After all, these folks didn’t think that they were selling their passwords; the chocolate made it seem like an innocent game, and without giving it much thought, they revealed more than they should have.

This is scary news. Part of the problem is that many people have a picture in their minds that their passwords don’t secure anything valuable, and why would anyone want to read their e-mails anyway?! Another component seems to be that most people don’t realize how interconnected everything can be on the Internet. A password on one site that is also used on another site may reveal more about the person than he realizes, and, in this world of ours, there is always SOMEONE who IS interested in your data!

Keeping your passwords secure is a critical component to keeping your personal information secure and your online identity safe.

Peter L

Posted in General | 1 Comment »

Bue Spring Manatee Festival

Thursday, January 14th, 2010

Because there is more to life than just passwords (yes, we admit it!) and facebook and ‘official’ letters from the FBI, we’ll occasionally point out events and activities and all sorts of other things that excite the Sticky Password team.

The Sticky Password team has become very interested in helping Manatees in Florida. So much so, that we’re sponsoring the Save the Manatee Club. Even though no one on the team lives in Florida, we are able to help with contributions. Check out their site to see some neat videos and find out about these cool animals. The stuffed manatee you get for ‘adopting’ a manatee is well worth the price.

If you happen to be in the area (central Florida, north of Orlando) on the weekend of January 23-24, be sure to check out the 25th Annual Manatee Festival in Orange City, Florida.

Tags:
Posted in Events, General, News and Commentary | No Comments »

Personal Privacy and that ‘Interview’ with a Facebook Employee

Tuesday, January 12th, 2010

Yesterday, The Rumpus published an interview with an undisclosed Facebook employee. In the article the employee highlights a bunch of practices within Facebook that suggest that member data isn’t as private as we might think it to be. I’ve put quotes around the word interview in the heading, because it really isn’t clear whether the interview actually took place, or maybe rather, how much of the info is really the result of an interview with a real person and how much has been filled in by the author to cover his tracks or because the info intuitively fits into the picture.

After reading several articles about the interview, I keep returning to the same conclusion I had after reading the original article: everyone is responsible for his or her own privacy. It may seem that privacy is out of our control in this technological world, but there’s a lot we can do.

In the era of instant gratification and reality TV, everyone wants to be a star – and that, immediately. The Internet gives us our chance. We’ve grown used to putting anything and everything (pictures, biographical info, financial and other data) on the Internet with such trust – closer to complete lack of concern – that I am amazed that more harm doesn’t come of it. The anonymity that loosens our inhibitions to reveal intimate secrets blends very well with the voyeurism of the Internet generation.

We want everyone to see us in our full glory and yet we demand that we be granted privacy. We can’t have it both ways. The Internet is a tool that must be used with caution, just like any other tool. If you wouldn’t dance naked in your living room with the shades up, or provide your financial info to your neighbors, why would you think it’s OK to do it on the Internet?

Back to the article, nothing in it is really surprising. Regardless of the company, some employees always have access to customer data. That’s because they need to.  While it may be implementing them a little late in the game, I’m sure that Facebook has similar rules that other companies do. It’s what happens or can happen to the data that is important. Think of the government agents who have lost computers with tens of thousands of personal records. It’s not about new laws or regulations or restrictions, because there’s always the human element involved and that is why we need to think about what we can do to ensure that our personal data is secure. If nothing else, we control the information that we put out there on Facebook and other social networks.

Maybe this interview incident will be a wake-up call to people to think about what they are doing for their own security.

Peter L

Tags: ,
Posted in General, News and Commentary | 4 Comments »

« Older Entries