Many organizations are pushing for two-factor authentication, and it is easy to see why. The benefits are so great and the risks so devastating (and unnecessary) that there is no good reason to not implement two-factor authentication. Let’s discuss what two-factor authentication is, why it matters, and how you can set it up for your Microsoft, Google, and Apple accounts.
CAI Managed IT blog
Passwords are quite literally everywhere nowadays. With so much of modern life now controlled or held within user accounts, keeping your passwords both secure and straight in your head is crucial. Many web browsers now offer some built-in password management utility to help make this process more convenient for the user, but is this option available at the cost of security?
While we would strongly recommend that you update your passwords more than once a year, now is as good a time as any to do so. Reflecting on this, let’s go over how to fully lock down your Microsoft accounts.
If you haven’t taken the time to go through and update your passwords lately, particularly the one protecting your Google account, you should do so… despite it undeniably being a pain. After all, Google serves various purposes and is attached to many accounts for most. Considering the number of data breaches and other cybersecurity issues this potentially contributes to, you will want to ensure your Google account is properly locked down.
A lot is made about data breaches and hackers, but I think you’d be surprised to find out that over 80 percent of cyberattacks are the result of stolen authentication credentials. This has led many security-minded IT administrators to try and find a better way than the old username & password strategy that we’ve all been using for as long as there have been user accounts. One organization that is actively making waves trying to replace the username/password combo is Microsoft. They are at the forefront of the move to passwordless authentication.
Passwords are not a modern invention by any stretch, but as we have dealt with them for so long, there are a lot of bad habits that many people have adopted. That’s why we felt that it was appropriate for us to call out some of these habits and discuss some better options for you to adopt.
Passwords are hard to remember - there’s no denying that. However, there is also no denying how important it is to use different ones for each account, all sufficiently complex, and all the rest. The point is, a lot of people use bad password practices because (to be frank) good password practices are too intimidating. There has to be some kind of acceptable middle ground… right?
What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.
In the wake of the Equifax data breach, which placed the personal information of 143 million users at risk, the issue of data security is at the forefront of social consciousness. Your organization needs to go about its daily business as if it will experience a data breach at any given moment. This involves looking at the worst-case scenario, and planning for it so that you’re never caught unaware.
Password security is quite the conundrum. We want our passwords to be easy to remember, but the problem is that passwords that are easy to remember are often simple and insecure. Therefore, it becomes a best practice to use complicated passwords with both upper and lower-case letters, numbers, and symbols to compensate. The “passpoem” might resolve this issue in the most obvious way.
Is the password an outdated type of security measure? This question seems to be getting asked around quite a bit, especially with more powerful threats loose all over the Internet. Unfortunately, the fault in passwords generally lies in the fact that humans generally don’t pick passwords that are secure enough. Thanks to a new method called “spaced repetition,” it seems there might be some hope left for the password after all.
Last week, the Heartbleed bug was identified as a weakness in the OpenSSL cryptographic library, potentially leaking two-thirds of the Internet's secure information from any websites utilizing this encryption style. While most major websites such as Google, Yahoo, and Facebook released patches quickly, it does little to actually remediate the problem. Your data could have been leaked over the year-plus that the vulnerability could have been accessed. There is no way to know if it has been compromised.
On April 7th, a new bug on the Internet was discovered that's putting millions of users' personal data at risk. Given the name "Heartbleed bug," it's capable of allowing infiltrators to collect information while you are securely browsing a SSL/TLS website. Since SSL/TLS is so widely used, it's very probably that your personal data is at risk.
On December 3, 2013, security company Trustwave discovered over two million stolen user passwords for popular online services like Facebook, LinkedIn, Google, Twitter, Yahoo, and 93,000 other websites. There's a high probability that you use one of the services affected by the hack. Is your personal information compromised?
Last time, we spoke about password security, we went over the importance of using strong passwords to avoid identity theft. In part two, we will discuss three easy password solutions that can help you manage all of your different passwords.
For sites you need to log into often, having your browser remember your password can save you time logging in, especially if you are using secure passwords that you might need to look up otherwise. There are circumstances where you might want to manage what personal information gets stored in your web browser.
LinkedIn, the popular social network geared towards business networking and communication, has reported a major breach in security. A file containing over six million passwords was leaked and posted on the Internet.
What does this mean for you, and what course of action should you take?