A Password Guide: Tips to Create a Strong Password

Password box on a webpageIt’s no longer a question of if you will face an online attack, the question is when? Many people are convinced their data is secure as they are using what they consider to be a complex password. They are often mistaken.

There are now freely available password crackers that can tackle passwords up to 55 characters long, passwords that are far more complex than most of us are using. Here are some top tips on how to create a strong password and avoid getting hacked.

  1. Password length – stick to passwords that are at least 8 characters in length. The longer the password, the longer it will take a hacker to guess.
  2. Password complexity – ensure your password contains one lower case letter, one upper case letter, one number and one special character. This will make your password a lot stronger and harder to crack. Avoid using names of family, friends or pets. Don’t use personal information such as date of birth, phone number, street name or house number and do not use consecutive letters, numbers, or keys on the keyboard such as ‘qwerty’.
  3. Use a passphrase – in order to remember your passwords, use a passphrase. For example, use the first letter of each word in a line of your favourite song. ‘Always look on the bright side of life’ could be converted to ’Al0tbs0L!’, a strong password using the four complexity indicators. Don’t simply use number substitutions for letters eg.passw0rd this is far too simple for an advanced hacker.
  4. Use a password manager – many people avoid using complex passwords are they are often hard to remember. Using a reliable password management tool to store passwords is essential. When you create a password, enter it into the password manager which will encrypt it and store it for you. Many of these software programmes are free, easy to use and work on both Windows and Mac.
  5. Create unique passwords – it’s very tempting to use one password for your email accounts, another for your banking, and one for all of your social media accounts. A study by BitDefender shows that 75% of people use the same password for their email as they use for their social media accounts. If this password was discovered and it was also used for their online banking or Paypal account this could result in financial theft.
  6. Change your password for all accounts every six months – the longer your password has remained the same, the more time a hacker has had to crack it. It is recommended to change your passwords often, at least twice a year but the more often the better.
  7. Never write down your passwords (except in a password management tool of course) – this includes both paper and emails. Writing down your strong password is almost as bad as having a weak password and not writing it down at all.

To be extra secure, download Strong Pass now

5 Most Common Password Mistakes of 2013

password-cracking-shutterstockUnfortunately in this day and age, password theft is a major issue for many Internet users. All aspects of our viral lives are guarded by the passwords we choose, from our online bank accounts to our email logins. In a bid to make our experience with logging-in to these various sites as easy as possible, many of us use easily memorable, weak and common passwords.

If you identify as one of these people, you are providing hackers with easy access to your private life and secure information. Let’s have a look at 5 of the most common password mistakes of 2013.

1. “Password”

If you have ignored all warning signs for the last fifteen years, and your password still remains as this, it is perhaps the equivalent of leaving your computer outside in the street and simply inviting passers-by to empty your bank account. In a security breach of RockYou in 2009 (they settled with the FTC in 2012) revealed 61,958 users were using “password”. Don’t be lazy. It might be easy to remember but it is a far cry from fool proof.

2. Strings of consecutive numbers or letters 

The RockYou security breech revealed that 290,731 users were putting the cunning “123456” password into use. Ultimately, a cat could walk across your laptop keyboard and inadvertently gain access to your accounts.

3. ILoveYou

Many people continue to put themselves at risk by using this weak, loving, but weak password. Your computer is not capable of emotion. If this is your password, change it!

4. LetMeIn

A reported 3 million people in 2013 fell short of creating a password too difficult for a seven year old to guess on their first attempt. Really. Hackers are aware of the most commonly chosen passwords and are quick to test when trying to break into your accounts.

5. Sex 

Using a sexual term as a password (I’m not here to judge) unfortunately enters you into a very large group. With over 3 million people reportedly using variations of the term ‘sex’, you can easily be hacked. Don’t run the risk. Put some thought into your password, add symbols and capitalise certain letters to keep those pesky hackers at bay.

Don’t make things simple for hackers. Identity theft is expensive, so don’t run the risk of being the next victim.

Keep yourself secure online: download Strong Pass now

Target Security Breach: 7 Ways to Protect Yourself


140113121845-target-shopperss-hack-620xaThe huge security breach that has affected Target recently appears to have been part of a broader and highly sophisticated scam that potentially affected a large number of retailers. It has now been confirmed that the attack that occurred last month has affected 40 million credit and debit card accounts and led to data theft including names and email addresses of as many as 70 million innocent customers. 

Is it just a matter of time before our personal information is compromised? While many shoppers have been left feeling angry and helpless, there are some steps consumers can take to protect themselves against fraud and identity theft. After all, the best solution to a problem is prevention. Before we begin it’s important to remember that retailers are not legally required to offer credit protection services to customers and we are all responsible for continued monitoring of our credit card and bank accounts. We must continue being vigilant in recognising fraudulent emails or phone calls from people claiming to represent retailers or banks.

So, how can you protect yourself in future? Use cash instead? No. Cash can be lost or stolen with little or no recourse. Credit cards offer better protection to the card holder especially when they are used without authority, a much safer option. Here are some top tips on how to protect yourself while still using plastic.

1. Be vigilant – check your credit and debit card statements regularly and report any unusual charges, even if it’s only small. Sometimes thieves place a small charge to check if the card is active.

2. If you notice an unauthorised charge, especially if it’s a debit card, ask your provider to cancel your current card immediately and issue you a new one.

3. Consider various options for monitoring your credit profile and credit card activity. Target offers a credit-monitoring service for customers, as do other retailers.

4. Be cautious of any correspondence claiming to be from your bank or the retailer you shopped at and never give any sensitive information such as PIN numbers. Double check the URL in the correspondence you have received. If you are suspicious, report it.

5. When there has been theft of personal data, thieves will often use ‘phishing’ to convince you to part with even more personal data such as passwords. This is not only done on the phone or over email, but also social media sites such as Twitter so be warned. If you use the same password for your online banking as you do for your social media accounts then change them, you can never be too careful.

6. Too many people have simple passwords for their accounts. If this includes you, make sure you change it. If you can’t think of one, use a password generator or add some capital letters to numbers to your current password to make it stronger.

7. Shred your documents – while online fraud and data theft is growing, it’s important not to forget about correctly storing and disposing your physical documents too.

Some believe that using cash is the only solution. This is not the case. Consumers need to be aware that data security is down to their own vigilance, and they should not solely rely on their bank or financial provider to protect their information. Attacks are inevitable and will continue to happen so it’s important to be prepared and protect yourself.

Use Google Chrome To Give Unrestricted Access To Your Passwords

12 Authomate Blog 12 - ImageThere have now been dozens of reports about a serious flaw in the security of Google’s Chrome browser, so we felt it was important to make you aware of this issue.  

Google Chrome allows anyone with access to a user’s computer see all their passwords stored for email, social media and other sites directly from the settings panel. And even more worrying, no password is needed to view them!

To see the passwords, all you have to do is click on the settings icon, choose ‘show advanced settings’ and then ‘manage saved passwords’ in the ‘passwords and forms’ section. A list of hidden passwords is then revealed, but clicking beside them reveals the actual text of the password free to copy or send via screenshot, compromising all of your accounts in one easy step.

Unfortunately, Google are aware of the weakness and have no plans to change this – a problem other browsers, like Firefox, once had, and fixed. So what can you do to avoid this major flaw in your internet security?

For one, maybe it’s time to change to a new browser.

Make sure you delete any saved passwords from your browser (you can access this through your browser settings in Chrome), don’t allow this saving function and regularly revisit to make sure you’re not compromised.

And protect yourself in future by using a secure password manager, like Strong Pass. If you would like to have the peace of mind that Strong Pass offers, download the app now and take your security into your own hands.

Hack exposes 42m passwords – Worse part, they were kept in open

Cupid Media is an online dating site. Like many other such sites, young and old singles flock to it. Cupid Media operates over 30 niche dating websites based on ethnicity, religion and social preferences. In a recent hack, it exposed over 42 million passwords and other personal details. yeah, it happens. But wait, that is not the whole story. The worst part of the story is that Cupid Media had practically no security in place for protecting the privacy of its users. All User details, including passwords, usernames, and birthdays were kept in plain text. Yes! Plain text ! No encryption, Not even a simple hash. That is a shame.

Read more here.

The sad part is that no amount of creativity on your part in creating a strong password or using any password manager would have helped in this case. It is just a case of stupidity on the part of Cupid Media to have exposed all personal data of its users. It is a lesson for all of us. Whenever you sign-up for new sites, ask a lot of questions and find out what information is really needed by the site and how are they keeping that data. And once you are satisfied that the website is going to keep your data safe, user a reliable password manager (like Strong Pass) to manage your passwords and keep you protected online.

Strong Pass – How to get it?

Authomate Strong Pass is the easiest to use, login/password management service. One scan of the webpage, the user will be authenticated instantly. With Strong Pass, there is no need for you to remember any passwords. Your credentials are safe when you use Strong Pass.

Screen Shot 2013-10-17 at 12.56.55 AM

apple_iphone_5s_screen_1

Follow these simple steps and you won’t have to worry about passwords or your online security again. 

On iPhone, open the app store and search for “Authomate” or “Strong Pass” and you will find the app as seen here. Once the app is installed and started, you will see a few screen giving you information on what the app can do for you. Swipe through these pages to get to the signup page as shown here. You can then signup by creating a new account. Authomate will send you a verification email to confirm the new account request. Follow instructions in email to verify the email address and complete account creation.  After your email is verified, download and install the browser extension for your laptop/PC. Now you are ready to use Strong Pass and experience the easiest to use password management serviceYou can also get the app from itunes app store on your PC/laptop.

appstore 2

Get your Strong Pass App today for iPhone and never worry about passwords again.

Strong Pass Now Available Worldwide

Image

Authomate Inc is pleased to announce that Strong Pass for IOS, the easiest to use password management app, is now available worldwide. The app has been redesigned for IOS7 and will let you to manage unlimited logins/passwords. The Android App and additional security tools will follow soon. With Strong Pass, you can login to your favorite sites with just a wave of your smartphone.

With a unique approach to authentication, Strong Pass is a blend of strong security and ease of use. One scan of the webpage, the user will be authenticated instantly. With Strong Pass, there is no need for you to remember any passwords. Your credentials are safe when you use Strong Pass.

Existing password management solutions keep a copy of your password database on each machine you use and synchronize them, thereby making your credentials more vulnerable to hacking and identity theft. Some keep your credentials in the cloud. Strong Pass on the other hand keeps your passwords very safe. Your credentials are not stored in the cloud or on Authomate servers. They are stored on your smart phone under multiple layers of strong encryption. No one else can access your data, even if you lose your phone. Although Authomate Authentication server takes part in the authentication process, your credentials are never visible to anyone else including Authomate.

Authomate Strong Pass uses bank level security to ensure your credentials are safe from prying eyes of hackers and not prone to theft. You can rest assured that your credentials are safe and secure.

To get the app, go to the app store on your iPhone and search using keywords “Strong Pass” or “Authomate”. You can also get the app from itunes app store on your PC/laptop.

appstore 2 Download Strong Pass for iPhone and never worry about passwords again.