Keep Our Service Free-Donate

Tuesday, November 29, 2016

Tips to Stay Cybersafe on Holiday Travels-Definitive Guide to Passwords


 

Poor Man Survival

Self Reliance tools for independent minded people…

www.poormansurvivor.net

ISSN 2161-5543

A Digest of Urban Survival Resources

 

 

Tips to Help You Stay Cybersafe on Your Holiday Travels-Definitive Guide to Passwords
We’re teaming up with the Department of Homeland Security to help you stay “cybersafe” this holiday season.
The holidays are right around the corner, which for many of us means traveling to celebrate with friends and family. Whether you are just traveling for a weekend away to see the grandkids or going on a long winter vacation overseas, it is important to be cyber secure. Travelers are often easy prey for hackers as they are forced to rely on public Wi-Fi or computers and may need to leave their electronic devices unattended in hotel rooms or in-transit. Follow these simple steps before and during your journey to help stay protected the next time you’re away from home.



Before You Leave:
Along with confirming your itinerary and packing, add these to-dos to your checklist:
  1. Minimize the number of electronic devices you bring on your travels to those you can carry on your person. This makes it less likely for your devices to get stolen or compromised.
  2. Update your mobile software before you go. Keep your operating system software and apps on your mobile device updated, which will improve your device’s ability to defend against malicious software also known as ‘malware’.
  3. Turn off Wi-Fi and remote connectivity when idle. Some devices will automatically seek and connect to available wireless networks. Bluetooth, for example, enables your device to connect wirelessly with other devices, such as headphones or automobile infotainment systems. Disable these features so that you only connect to wireless and Bluetooth networks when you want to.
  4. Create strong passwords. Before you leave home, make sure you have strong passwords on all of your electronic devices. Passwords should be at least eight characters in length with both numbers, letters and special characters (@!$?). Create unique passwords for each device.
  5. Enable stronger authentication. Stronger authentication (also known as two-factor or multi-factor authentication) adds an extra layer of security beyond using a password to access your accounts. Most major e-mail, social media and financial platforms offer multi-factor authentication to their users. Be sure to ask your service provider if you can activate this feature before departing on your trip. To learn more, visit the White House’s new stronger authentication campaign at www.lockdownyourlogin.com.

 

Be mindful of your Internet activity and how you can protect your privacy as well as your device:
  1. Keep your phone locked. Always lock your device when you are not using it. Even if you only step away for a few minutes, that is enough time for someone to steal or destroy your information. Use strong PINs and passwords for your accounts and lock screen.
  2. Think before you connect. Before you connect to any public wireless hotspot such as those in an airport, hotel, train/bus station, or café be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. Many fake networks have seemingly legitimate names.
  3. Protect your money and your information. Do not conduct sensitive activities, such as online shopping, banking, or sensitive work, using a public wireless network or a public computer.
  4. Delete your cookies and cache. If you use the Internet on a public computer (such as at a hotel or café) while you are traveling, be sure to delete your cookies in the web browser after you have finished. When you are on the Internet, a browser saves your information and this saved data is called a “cookie.” This data, which can include login credentials or other personal information, can then be accessed by other individuals that may use the computer. Please read the Federal Trade Commission’s Onguard Online article to find out more about cookies and how you can remove them.
  5. Don’t broadcast your location. Many social media platforms offer location-tagging as part of their features, which allows users to include their location when they post online. Avoid using these location features and do not announce on social media that you will be out of town. You could be telling stalkers exactly where to find you or telling a thief that you are not home.
While You’re Away
Be mindful of your Internet activity and how you can protect your privacy as well as your device:
  1. Keep your phone locked. Always lock your device when you are not using it. Even if you only step away for a few minutes, that is enough time for someone to steal or destroy your information. Use strong PINs and passwords for your accounts and lock screen.
  2. Think before you connect. Before you connect to any public wireless hotspot such as those in an airport, hotel, train/bus station, or café be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. Many fake networks have seemingly legitimate names.
  3. Protect your money and your information. Do not conduct sensitive activities, such as online shopping, banking, or sensitive work, using a public wireless network or a public computer.
  4. Delete your cookies and cache. If you use the Internet on a public computer (such as at a hotel or café) while you are traveling, be sure to delete your cookies in the web browser after you have finished. When you are on the Internet, a browser saves your information and this saved data is called a “cookie.” This data, which can include login credentials or other personal information, can then be accessed by other individuals that may use the computer. Please read the Federal Trade Commission’s Onguard Online article to find out more about cookies and how you can remove them.
  5. Don’t broadcast your location. Many social media platforms offer location-tagging as part of their features, which allows users to include their location when they post online. Avoid using these location features and do not announce on social media that you will be out of town. You could be telling stalkers exactly where to find you or telling a thief that you are not home.
 
 
The Definitive Guide to Passwords
by the Tactical Technology Collective
and Front Line Defenders
 
Many of the secure services that allow us to feel comfortable using digital technology to conduct important business, from signing in to our computers and sending email to encrypting and hiding sensitive data, require that we remember a password. 
These secret words, phrases or strings of gibberish often provide the first, and sometimes the only, barrier between your information and anyone who might want to read, copy, modify or destroy it without your permission. 
There are many ways in which someone could learn your passwords, but you can defend against most of them by applying a few specific tactics and by using a secure password database tool, such as KeePassX.
What You Can Learn From This Guide
  • The elements of a secure password
  • A few tricks for remembering long, complicated passwords
  • How to use the KeePassX secure password database to store passwords instead of remembering them
Introduction to Passwords
Let’s start with a story…
Selecting and Maintaining Secure Passwords
In general, when you want to protect something, you lock it up with a key. 
Houses, cars and bicycle locks all have physical keys; protected files have encryption keys; bank cards have PIN numbers; and email accounts have passwords. 
All of these keys, physical and electronic, have one thing in common: they open their respective locks just as effectively in the hands of somebody else. 
You can install advanced firewalls, secure email accounts, and encrypted disks, but if your password is weak, or if you allow it to fall into the wrong hands, they will not do you much good.
Elements of a Strong Password
A password should be difficult for a computer program to guess.
  • Make it long: The longer a password is, the less likely it is that a computer program would be able to guess it in a reasonable amount of time. You should try to create passwords that include ten or more characters. Some people use passwords that contain more than one word, with or without spaces between them, which are often called passphrases. This is a great idea, as long as the program or service you are using allows you to choose long enough passwords
  • Make it complex: In addition to length, the complexity of a password also helps prevent automatic 'password cracking' software from guessing the right combination of characters. Where possible, you should always include upper case letters, lower case letters, numbers and symbols, such as punctuation marks, in your password.
A password should be difficult for others to figure out.
  • Make it practical: If you have to write your password down because you can't remember it, you may end up facing a whole new category of threats that could leave you vulnerable to anybody with a clear view of your desk or temporary access to your home, your wallet, or even the trash bin outside your office.

    If you are unable to think of a password that is long and complex but still memorable, see the “remembering secure passwords section” below, which might be of some help.

    If not, you should still choose something secure, but you may need to record it using a secure password database such as     KeePassX. Other types of password-protected files, including Microsoft Word documents, should not be trusted for this purpose, as many of them can be broken in seconds using tools that are freely available on the Internet
  • Don't make it personal: Your password should not be related to you personally. Don't choose a word or phrase based on information such as your name, social security number, telephone number, child's name, pet's name, birth date, or anything else that a person could learn by doing a little research about you
  • Keep it secret: Do not share your password with anyone unless it is absolutely necessary. And, if you must share a password with a friend, family member or colleague, you should change it to a temporary password first, share that one, then change it back when they are done using it.

    Often, there are alternatives to sharing a password, such as creating a separate account for each individual who needs access. Keeping your password secret also means paying attention to who might be reading over your shoulder while you type it or look it up in a secure password database.
A password should be chosen so as to minimise damage if someone does learn it.
  • Make it unique: Avoid using the same password for more than one account. Otherwise, anyone who learns that password will gain access to even more of your sensitive information. This is particularly true because some services make it relatively easy to crack a password.

    If you use the same password for your Windows user account and your Gmail account, for example, someone with physical access to your computer can crack the former and use what they learn to access the latter. For similar reasons, it is a bad idea to rotate passwords by swapping them around between different accounts.
  • Keep it fresh: Change your password on a regular basis, preferably at least once every three months. Some people get quite attached to a particular password and never change it. This is a bad idea. The longer you keep one password, the more opportunity others have to figure it out. Also, if someone is able to use your stolen password to access your information and services without you knowing about it, they will continue to do so until you change the password.
Remembering and Recording Secure Passwords
Looking over the list of suggestions above, you might wonder how anyone without a photographic memory could possibly keep track of passwords that are this long, complex and meaningless without writing them down. 
The importance of using a different password for each account makes this even more difficult. There are a few tricks, however, that might help you create passwords that are easy to remember but extremely difficult to guess, even for a clever person using advanced 'password cracking' software. 
You also have the option of recording your passwords using a tool like KeePassX that was created specifically for this purpose.
 
Remembering Secure Passwords
It is important to use different types of characters when choosing a password. This can be done in various ways:
  • Varying capitalisation, such as: 'My naME is Not MR. MarSter'
  • Alternating numbers and letters, such as: 'a11 w0Rk 4nD N0 p14Y'
  • Incorporating certain symbols, such as: 'c@t(heR1nthery3'
  • Using multiple languages, such as: 'Let Them Eat 1e gateaU au ch()colaT'
Any of these methods can help you increase the complexity of an otherwise simple password, which may allow you to choose one that is secure without having to give up entirely on the idea of memorizing it. 
Some of the more common substitutions (such as the use of a zero instead of an 'o' or the '@' symbol in place of an 'a') were long-ago incorporated into password-cracking tools, but they are still a good idea. 
They increase the amount of time that such tools would require to learn a password and, in the more common situations where tools of this sort cannot be used, they help prevent lucky guesses.
Passwords can also take advantage of more traditional mnemonic devices, such as the use of acronyms. This allows long phrases to be turned into complex, seemingly-random words:
  • 'To be or not to be? That is the question' becomes '2Bon2B?TitQ'
  • 'We hold these truths to be self-evident: that all men are created equal' becomes 'WhtT2bs-e:taMac='
  • 'Are you happy today?' becomes 'rU:-)2d@y?'
These are just a few examples to help you come up with your own method of encoding words and phrases to make them simultaneously complex and memorable.
A little effort to make the password more complex goes a very long way. Increasing the length of a password even just by a few characters, or by adding numbers or special characters, makes it much more difficult to crack. 
For demonstrative purposes, the table below shows how much longer it may take a hacker to break a list of progressively more complex passwords by trying different combinations of the password one after another.
Of course, the time it would take to crack any of the above passwords would vary widely depending on the nature of the attack, and the resources available to the attacker. 
Moreover, new methods to crack passwords are constantly being devised. All the same, the table does demonstrate that passwords become vastly more difficult to break by simply varying characters and using two words or, even better, a short phrase.
The table above is based on Passfault's calculations. Passfault is one of a number of websites which allow you to test the strength of your passwords. However, while such resources are good for demonstrating the relative efficiency of different types of passwords, you should avoid introducing your actual passwords into these sites.
Recording Passwords Securely
While a little creativity may allow you to remember all of your passwords, the need to change those passwords periodically means that you might quickly run out of creativity. 
As an alternative, you can generate random, secure passwords for most of your accounts and simply give up on the idea of remembering them all. Instead, you can record them in a portable, encrypted secure password database, such as KeePassX.
Of course, if you use this method, it becomes especially important that you create and remember a very secure password for KeePassX, or whatever tool you choose. 
Whenever you need to enter a password for a specific account, you can look it up using only your master password, which makes it much easier to follow all of the suggestions above. 
KeePassX is portable, as well, which means that you can put the database on a USB memory stick in case you need to look up a password while you are away from your primary computer.
Although it is probably the best option for anybody who has to maintain a large number of accounts, there are a few drawbacks to this method. 
First, if you lose or accidentally delete your only copy of a password database, you will no longer have access to any of the accounts for which it contained passwords. This makes it extremely important that you backup your KeePassX database. Fortunately, the fact that your database is encrypted means that you don't have to panic if you lose a USB memory stick or a backup drive containing a copy of it.
The second major drawback could be even more important. If you forget your KeePassX master password, there is no way to recover it or the contents of the database. So, be sure to choose a master password that is both secure and memorable!
The strength of this method may, in certain situations, become its weakness. 
If somebody forces you to give away your KeePassX database master password, they will gain access to all of the passwords stored in the KeePassX database. If this is a situation you may face, you could treat your KeePassX database as a sensitive file, and protect it as we describe in our guide How to protect the sensitive files on your computer. You can also create a separate KeePassX database to contain passwords protecting more sensitive information and take extra precautions with that database.
This article was originally published by Security-in-a-Box and is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.



Useful Resources Everyone Can Use

 


Clever Uses for Aluminum Foil

·         Sharpen scissors-hone dull scissors by folding a piece of foil into quarters and cutting through it several times.

·         Remove rust by crumpling foil into a wad and using it to scrub rust from car chrome or household items – it is softer than steel, so it won’t scratch the surface.

·         Make a funnel-fold a sheet twice on a diagonal to create a cone, then cut the tip to create a small hole.  Use your makeshift funnel to transfer liquids into jars with narrow openings.

·         Speed up ironing by placing a layer of foil under your ironing-board cover.  Because aluminum reflects heat, it will help with pressing out wrinkles.

·         Guard against paint drips-ready to paint but you have no tape for masking?  Foil can be used before you start to wrap doorknobs, dresser handles and other hardware…also use it to line roller pans for easier clean up.

A Few More Clever Solutions...

Extra Income for Single Moms
How a single mom can create multiple income streams Read more.
 

An Easy Budgeting Trick

If you hate meticulously tracking every minor expense, then this easy trick just might be the thing that can help you stick with your budget.

 

 

 

 

Bruce ‘the Poor Man’

 

 


Additional Resources

The Anatomy of a Breakdown

The Prepper’s Blueprint: The Step-By-Step Guide To Help You Through Any Disaster

Contact! A Tactical Manual for Post Collapse Survival

Homemade wood stove

https://www.youtube.com/watch?v=VDCNSiFf1Yg

Heat and Electricity Cost Cutting 101
Save more of your hard-earned cash by using these 7 ways to save on your electric bill.

 

 


Arm Up System-Defense Without Regulation
PM’s Guide to Home Defense

It is a crazy world out there with plenty of violence and everyone knows you that under most circumstances, police usually arrive after the fact. Your rights to defend yourself are often under attack, even for non-lethal self-defense tools…Includes book and 3 bonus CD ROMS

http://www.bonanza.com/listings/Guide-to-Home-Defense-Arm-Up-System-Defense-W-out-Regulation-Bonuses/370808566

 

 
Support our efforts by shopping my storefront…

http://RetroGuy.Net

 

A Smoking Frog Feature, Shallow Planet Production

 
Posted by at
Labels: , ,

1 comment:

DAR said...

It's a tough world out there so thanks for these tips to stay ahead of the bad guys...

November 29, 2016 at 8:39 AM

Post a Comment

Subscribe to: Post Comments (Atom)