A Password Guide: Tips to Create a Strong Password

It’s no longer a question of if you will face an online attack; the question is when. Many people are convinced their data is secure because they are using what they consider to be a complex password. They are often mistaken.

There are now freely available password crackers that can tackle passwords up to 55 characters long, passwords that are far more complex than most of us are using. Here are some top tips on how to create a strong password and avoid getting hacked.

  1. Password length – stick to passwords that are at least 8 characters in length. The longer the password, the longer it will take a hacker to guess.
  2. Password complexity – ensure your password contains one lower case letter, one upper case letter, one number and one special character. This will make your password a lot stronger and harder to crack. Avoid using names of family, friends or pets. Don’t use personal information such as date of birth, phone number, street name or house number and do not use consecutive letters, numbers, or keys on the keyboard such as ‘qwerty’.
  3. Use a passphrase – in order to remember your passwords, use a passphrase. For example, use the first letter of each word in a line of your favourite song. ‘Always look on the bright side of life’ could be converted to ‘Al0tbs0L!’, a strong password using the four complexity indicators. Don’t simply use number substitutions for letters, e.g. ‘passw0rd’; this is far too simple for an advanced hacker.
  4. Use a password manager – many people avoid using complex passwords as they are often hard to remember. Using a reliable password management tool to store passwords is essential. When you create a password, enter it into the password manager, which will encrypt it and store it for you. Many of these software programmes are free, easy to use and work on both Windows and Mac.
  5. Create unique passwords – it’s very tempting to use one password for your email accounts, another for your banking, and one for all of your social media accounts. A study by BitDefender shows that 75% of people use the same password for their email as they use for their social media accounts. If this password was discovered and it was also used for their online banking or PayPal account, this could result in financial theft.
  6. Change your password for all accounts every six months – the longer your password has remained the same, the more time a hacker has had to crack it. It is recommended to change your passwords often, at least twice a year but the more often the better.
  7. Never write down your passwords (except in a password management tool of course) – this includes both paper and emails. Writing down your strong password is almost as bad as having a weak password and not writing it down at all.
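The checks described in tips 1 to 3, written out as an added Python example (not part of the original guide). The word list, the keyboard rows, the run length of 4 and the function names are assumptions chosen for illustration.

```python
import string

# Assumptions (not from the page): a tiny constructed word list, the keyboard
# rows checked, and a run length of 4 for "consecutive" characters.
COMMON_WORDS = {"password", "welcome", "letmein", "dragon", "monkey"}
RUNS = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
        "qwertyuiop", "asdfghjkl", "zxcvbnm"]
RUN_LEN = 4
# Undo the usual digit/symbol-for-letter swaps before the word-list lookup.
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "$": "s", "@": "a"})


def has_run(pw: str) -> bool:
    """True if pw contains RUN_LEN consecutive letters, digits or keys."""
    low = pw.lower()
    grams = {low[i:i + RUN_LEN] for i in range(len(low) - RUN_LEN + 1)}
    return any(g in r or g in r[::-1] for g in grams for r in RUNS)


def check_password(pw: str, personal: tuple = ()) -> list:
    """Return the names of the guide's rules that pw breaks (empty = passes)."""
    failed = []
    if len(pw) < 8:                                   # tip 1: minimum length
        failed.append("length")
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    if not all(any(c in cls for c in pw) for cls in classes):  # tip 2
        failed.append("classes")
    if any(p.lower() in pw.lower() for p in personal if p):    # tip 2: names, dates
        failed.append("personal")
    if has_run(pw):                                   # tip 2: 'qwerty', '1234'
        failed.append("sequence")
    plain = pw.lower().translate(UNLEET)              # tip 3: 'passw0rd'
    if any(w in plain for w in COMMON_WORDS):
        failed.append("common-word")
    return failed


if __name__ == "__main__":
    # Constructed sample inputs; the first two appear in the guide itself.
    for sample in ["Al0tbs0L!", "passw0rd", "Qwerty123!", "Passw0rd!"]:
        print(sample, check_password(sample) or "ok")
```

Note that ‘Passw0rd!’ satisfies the length and four-character-class rules and is rejected only by the substitution check, which is why tip 3 warns against simple number swaps.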

To be extra secure, download Strong Pass now

Successful Crisis Management: The Evernote Hack

As data theft is on the rise, it must be assumed that sooner or later, if you have data someone wants, your systems WILL most likely be compromised. It is important to put up strong defenses, but it is even more critical that you have a crisis management plan for when things go wrong.

With social media comes a whole new set of rules for your organization’s crisis communications and crisis management. We’re often given opportunities to learn about social media crisis management through the highly visible fallout from the experiences of others. How a company takes action and manages a hard-hitting crisis often gives customers a more honest insight into how it is run than any meticulously crafted press release could.

Evernote Crisis Management

Evernote, the online note taking service, suffered a serious security breach in March 2013 involving the theft of usernames, email addresses and encrypted passwords of up to 50 million users. Luckily, no payment details were stolen, and according to the company the hackers were not able to access notes that users had stored on the Evernote service. So, how did they manage the crisis and what lessons can be learned?

What went well? Open Communication 

Almost immediately, Evernote communicated with their users on Twitter, through a blog post and an email stating that their security team had “discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.” They also suggested all users reset their Evernote account passwords.

They advised users to choose a strong password and to be suspicious of reset password links sent to users via email. They also advised users to ensure that they did not use the same password on multiple sites. Within 24 hours they had updated (at least their Apple iOS app) to focus everyone on resetting their password.

Attentive Evernote reps responded to irate users on their site and carefully explained what was happening throughout the process. Some users praised the company for their transparency and timely communications and voiced their support. However, many complained they didn’t receive the notification email because they no longer had access to the email account they used to sign-up with the service.

Lessons Learned: What could have been handled better?

Although there was a blog post on the Evernote website, nothing was actually posted on the Evernote homepage. There was also an evident lack of post-hack communication.

A week after the event, there had been no blog update or further emails about what had happened, what they had subsequently done to improve security, or any attempt to defuse the ongoing comments. Initially many users asked about implementing two-factor authentication, used by Google to provide extra security for its users. However, there was no immediate response. Evernote should have answered any FAQs and taken the opportunity to welcome feedback from users, making their crisis communications a two-way process, which is often the best way to learn and adapt.

Do you have a crisis management plan in place? If the answer is NO, it is about time you put one in place!

Strong Pass Now Available Worldwide

Authomate Inc is pleased to announce that Strong Pass for iOS, the easiest to use password management app, is now available worldwide. The app has been redesigned for iOS 7 and will let you manage unlimited logins/passwords. The Android app and additional security tools will follow soon. With Strong Pass, you can log in to your favorite sites with just a wave of your smartphone.

With a unique approach to authentication, Strong Pass is a blend of strong security and ease of use. With one scan of the webpage, the user is authenticated instantly. With Strong Pass, there is no need for you to remember any passwords. Your credentials are safe when you use Strong Pass.

Existing password management solutions keep a copy of your password database on each machine you use and synchronize them, thereby making your credentials more vulnerable to hacking and identity theft. Some keep your credentials in the cloud. Strong Pass, on the other hand, keeps your passwords very safe. Your credentials are not stored in the cloud or on Authomate servers. They are stored on your smartphone under multiple layers of strong encryption. No one else can access your data, even if you lose your phone. Although the Authomate authentication server takes part in the authentication process, your credentials are never visible to anyone else, including Authomate.

Authomate Strong Pass uses bank level security to ensure your credentials are safe from prying eyes of hackers and not prone to theft. You can rest assured that your credentials are safe and secure.

To get the app, go to the App Store on your iPhone and search using the keywords “Strong Pass” or “Authomate”. You can also get the app from the iTunes App Store on your PC/laptop.

Download Strong Pass for iPhone and never worry about passwords again.

Strong Pass by Authomate INC

Strong Pass is the easiest to use login/password management app. Use the Strong Pass app to log in with confidence and ease to any online account on your PC or laptop with a wave of your smartphone.
Strong Pass will be available worldwide very soon on iTunes.