Strong passwords are the first line of defense against identity theft.

Read the original post from Iolo

We use passwords so often that it’s easy to lose sight of just how critical a password really is: one of the best defenses we have against cybercrime is often the one we take the least seriously.

After a hacking incident in 2009, InformationWeek analyzed the login information of the site’s 20,000 users and found that most passwords were ones a hacker could guess in seconds. The most common passwords? 123456 and password.

Don’t make it this easy for the cyber criminals—create strong passwords that are easy for you to remember but hard for others to guess.

Why you need strong passwords

It can be tempting to use an easy-to-remember sequence like a birth date or cell phone number as a password. But don’t. Many systems have been broken into due to weak passwords, which are passwords that can be easily guessed or can be quickly decoded by a cracking program.

Once your password is known, a hacker can tap into your private information and do all sorts of damage, ranging from reading your personal emails and creating fake postings on your profile page to robbing your bank accounts and stealing your identity.

Tips for creating a strong password

4 Password Dos

• Use long passwords. The longer your password is, the better. Use a password that has at least 8 characters, and for your high-security accounts, security experts recommend even longer passwords: at least 14 characters. (How can you remember 14 characters? See “Consider building passwords based on phrases” below for some ideas.)
• Mix it up. Use a mix of uppercase letters, lowercase letters, numbers, and symbols—the more types of characters you use in your password, the harder it is to guess.

  To illustrate: For an 8-character password with all lowercase letters, a cracking tool would be able to run through every possible combination in 2.42 days. By mixing in uppercase letters, numbers, and symbols, the tool would take 210 years to run through every combination.

• Use text that’s not in a dictionary. A password cracking program can check millions of dictionary words in seconds. Avoid “real” words that can be found in a dictionary.
• Change passwords regularly. Change your passwords on a regular basis. Every 60-90 days is the recommendation of most security advisors; you may want to change them more or less often depending on the security of the information the password is protecting.

4 Password Don’ts

• Don’t use ‘password’. The word password and variations such as password1, passwd, p@$$w0rd, and drowssap (password spelled backwards) are so common that many hackers start with these.
• Don’t use easy-to-guess patterns. Don’t use a sequence of characters (like 123456 or abc123), repeated characters (ioioio), or patterns that use characters that are close together on the keyboard (qwerty).
• Don’t use your name or other personal characteristics. Don’t use your first or last name, and don’t use terms associated with your personal life that others may know, like the name of your spouse or children, names of pets, license plate numbers, and phone numbers.
• Don’t use the same passwords for every account. The risk in using the same password for multiple accounts is that if someone figures out one password, that person now has access to everything else. For the utmost in security, use a different password for every password-protected program, web site, and account that you use. It’s particularly critical that you not re-use your email account password on web sites because once it’s compromised, the door is opened to all your accounts that have your email address on file.

Consider building passwords based on phrases

The truth is that a long string of random characters can be hard to remember, especially when you have a lot of different passwords to keep track of.

One strategy is to use passwords that are built from easily remembered phrases. You take the first letters from each of the words in the phrase, and you also mix in some symbols and numbers in place of certain words, like using & to replace “and.”

Here are a few examples of strong passwords built on phrases:

• M2010nyri2l15# (”My 2010 new year’s resolution is to lose 15 pounds”)
• Lmu?i:Wayd4o? (”Life’s most urgent question is: What are you doing for others?”)
• Iw2Tls&cw2gb! (”I went to Texas last summer and can’t wait to go back!”)

TIP: A number of online password checkers like The Password Meter can be used to check the strength of your password.

Make any security questions strong, too

Automated password resetting is a process that lets you reset your password if you ever forget your current one; it’s typically implemented by you setting up one or more security questions that you have to answer in order to gain access to your account. But if these questions are too simple, someone else may be able to easily guess the answers.

One example of this technique happened in 2008 when the email account of Sarah Palin, a nominee for Vice President of the United States, was broken into. The hacker was able to answer three security questions and illegally access Palin’s email simply by researching her zip code, her birthday, and where she met her husband.

For any account that offers password resetting, be sure to set up strong questions as well.

And remember–keep your passwords secret

The strongest of passwords won’t protect you if others can readily access it. Have you ever seen someone’s password written on a sticky note taped to their monitor? This is a bit like taping your car keys to the windshield—you can easily find your keys, but so can anyone else.

Here are a few tips on safeguarding your passwords:

• Don’t respond to any email that asks for your password or asks you to verify your password by sending it in. Reputable companies don’t use email to ask their customers for this information.
• When using public computers such as in airport lounges, internet cafes, and libraries, don’t access any sites that require a password. In these insecure locations, hackers can easily capture everything you type using keylogging devices. (Read more about keyloggers.)
• The old advice was to never write down your passwords, but with today’s reality, you can end up with dozens of different passwords—and it’s better to use multiple passwords than to just use the one or two passwords that you can memorize. So it’s OK to write down your passwords: just be sure to keep the list in a secure place that others can’t access, such as a locked drawer or a safe deposit box.

Read the original post from Iolo

——————————————————-

Eavesdropping Webcams, spying ISPs, toxic PCs, and more. Here are 21 dangers that the industry is hiding from you–and what you can do about them.

Dan Tynan – Mar 30, 2010 1:00 pm

Yes, the truth is out there. But they don’t want you to know about it.

Who’s “they”? It could be Google or product manufacturers, your boss or your wireless carrier, Hollywood or Uncle Sam.

What don’t they want you to know? That your cell phone, your Webcam, and your employer may be spying on you. That you’re probably paying too much for printer ink, and that your wicked-cool subsidized handset will cost you way more over time than an unsubsidized one. That your PC may be coated with toxic flame retardants. And that’s just for starters.

Don’t despair. For every dirty little secret revealed herein, we describe a fix or a way to work around it (if any exists). You don’t have to be a victim, if you know what to do.

Just remember: You’ve been warned.

Your ISP Is a Copyright Cop

The RIAA and the MPAA may have a new ally. The next people who bust you for illegally swapping music and movies could be the folks you pay for Internet access.

Illustration: Barry Blitt
The recording and film industries are seeking to manipulate upcoming net neutrality legislation to allow ISPs to scan the bits passing through their networks and to block any that may violate copyrights–similar to Comcast’s notorious attempts to throttle BitTorrent connections in 2007. The Federal Communications Commission’s recommended rule changes already contain an exception for “reasonable network management,” which could include sniffing for copyrighted content, says Jennifer Granick, civil liberties director for the Electronic Frontier Foundation.

Meanwhile, according to leaked reports, the international Anti-Counterfeiting Trade Agreement (ACTA) now being negotiated in private sessions contains provisions requiring ISPs to police their own networks for copyright scofflaws. Critics of the proposed treaty fear that copyright holders will insert a “three-strikes” policy, under which users could have their Internet access revoked if they’re caught exchanging copyrighted content more than twice.

“It’s dangerous giving so much power to copyright claims,” says Wendy Seltzer, project leader for the Chilling Effects Clearinghouse and a Fellow at Harvard’s Berkman Center for Internet & Society. “Imagine someone telling you, ‘If you violate our copyrights, we can terminate your Net connection, not just your blog.’”

With such a powerful new partner playing the role of both investigator and enforcer, might copyright holders be emboldened to pursue more consumers suspected of violating copyrights? And what protections will consumers have against false claims of infringement?

The Fix: Contact your congressional representatives and tell them that you oppose net neutrality loopholes for content filtering. Support organizations such as Chilling Effects, the EFF, and Public Knowledge, which fight laws that turn ISPs into Hollywood’s hired guns.

Cell Phones Don’t Crash Airplanes

The Federal Communications Commission and the Federal Aviation Administration have each recommended that airlines not allow passengers to use cell phones during commercial flights. The FAA fears that the RF signal emitted by devices using the 800MHz spectrum band might interfere with the navigation systems of the plane, specifically GPS instrumentation. Yet there is no documented case of an air accident or serious malfunction caused by a cell phone’s interfering with a plane’s navigation system.

Read More on PC World

—————————————————-

By Renai LeMay, Delimiter.com.au on April 7th, 2010

Microsoft appears to have accidentally deleted six years of blog archives hosted on its free Windows Live Spaces platform belonging to Australian mobile technology evangelist Shane Williamson.

“About 3 weeks ago my Windows Live Spaces blog was deleted by Microsoft for no reason,” Williamson wrote on his site over the weekend. “That is over six years of blogging on mobile, technology and convergence gone … Microsoft claims they cannot reclaim any part of the data lost, or will they give a reason why it was lost.”

“This should be a major concern to anyone who is, or thinking of, using Windows Live SPaces as a serious blog or any other type of cloud computing services from Microsoft.” Delimiter couldn’t reach Williamson for a comment today.

When contacted about the issue today, Microsoft Australia’s public relations agency punted the question to ninemsn, which operates the Windows Live brands in Australia courtesy of its joint venture relationship with the software giant.

A spokesperson for the company said it was investigating the issue back in Microsoft headquarters in the US — as that was where the Windows Live Spaces blogs were administered from, although it hoped to provide further information on Williamson’s case in due course.

Previously known as MSN Spaces, Windows Live Spaces was initially released in 2004, and is broadly seen as competitor to other free hosted blogging platforms such as Wordpress.com and Google’s Blogger offering.

Williamson himself is seen as one of Australia’s foremost experts on the mobile technology space. In the past he’s held senior roles focused on the mobile space at a number of companies such as Microsoft, Optus and Hutchison Australia (before the merger with Vodafone). He is also the co-founder of the Mobile Monday Sydney chapter, which attempts to bring mobile industry professionals together.

Read the blog post on Zdnet

By now, you’ve probably heard that Facebook has made some big changes that affect your privacy. However, you might not know what they are.

So far, the changes have been explained in the language of the people that they benefit: companies and app developers. What about us, the end users?

Here’s a handy collection of the best tips that we could find for protecting your privacy on Facebook’s wild new frontier.

Read More on Download Squad

In its rush to take on Facebook and Google Buzz, Microsoft is now collecting and displaying personal information on your Hotmail page — information you may never have wanted to broadcast.

Exactly how it’s mining this information is something of a mystery, but if you use Hotmail or Windows Live, it’s time to review your privacy settings — lest something you said or did comes back to haunt you.

One user signed in to her Hotmail account recently and was greeted with Microsoft’s new, improved social networking splash page.

What’s wrong with this picture? All three What’s new with your network entries contain potentially embarrassing information that the authors never dreamed would appear on someone else’s Hotmail sign-in page.

Read More on Windows Secrets: http://windowssecrets.com/comp/100422#story1

Do you Facebook?? – You MUST watch this if you are a facebook user. Know all the facts before blindly continuing in being a user.. for you are a user being used. learn how.