Use a Password Manager Or You WILL Get Hacked

Do you ever use the same password over and over again for different accounts? If so, you are not alone. However, this is quite dangerous. It’s best to use a different, unique password for each account, and to make it easier, you should use a password manager.

According to surveys, people understand that they should use unique passwords, and more than half of people get stressed out due to passwords. Furthermore, about 2/3rds of people said that they had forgotten a password or that a password issue had cause problems at work.

However, a password manager can easily solve the issues associated with passwords. A password manager is a type of software that can store login info for any and all websites that you use. Then, when you go to those websites, the password manager logs you in. These are safe, too. The information is stored on a secure database, which is controlled by a master password.

Using a Password Manager

Most people have more than one online account, and again, it’s so important to have a different password for each account. However, it’s very difficult to remember every password for every account. So, it’s not surprising that people use the same one for all of their accounts. But, if using a password manager, you can make it a lot easier.

  • When using a password manager, you can create a password that is safe and secure, and all of your passwords are protected by your master password.
  • This master password allows you to access all websites you have accounts on by using that master password.
  • When you use a password manager, and you update a password on a site, that password automatically is updated on all the computers that use your password manager.

Password Managers Can Ease Your Stress

When you first start using a password manager, it’s likely that you’ll notice you have fewer worries about your internet accounts. There are other things you will notice, too, including the following:

  • When you first visit a website, you won’t put your password in. Instead, you can open the password manager, and then there, you can put your master password.
  • The password manager you use fills in your username and password, which then allows you to log into the website with no worries.

Things to Keep in Mind Before You Use a Password Manager

Password managers available on the internet from many reputable security companies. However, before you pay for them, there are some things that you should keep in mind:

  • All of the major internet browsers have a password manager. However, they just can’t compete with the independent software that is out there. For instance, a browser-based password manager can store your info on your personal computer, but it may not be encrypted. So, a hacker can might that information anyway.
  • Internet browser-based password managers do not generate custom passwords. They also might not sync from platform to platform.
  • Software based password managers work across most browsers such as Chrome, Internet Explorer, Edge, Firefox and Safari.

Password Managers are Easy to Use

If you are thinking about using a password manager, the first step is to create your master password.

  • The master password has to be extremely strong, but easy to remember. This is the password you will use to access all of your accounts.
  • You should go to all of your accounts and change your passwords using the password manager as an assistant. This ensures that they are as strong as possible, too.
  • The strongest passwords contain a combination of numbers, uppercase and lowercase letters, and symbols. Password managers often create passwords using this formula.

Managing your accounts online is really important, especially when you are dealing with passwords. Yes, it’s easy to use the same password for every account, but this also makes it easy for hackers to access those accounts.

Don’t Reuse Your Passwords

You might think it would be easy to reuse your passwords, but this could be dangerous:

  • If your password is leaked, hackers can get access to all of your sensitive information like passwords, names, and email addresses, which means they have enough information to access other sites.
  • When a website is hacked, and all of your passwords and usernames are discovered, the scammer can then plug in those passwords and usernames into all of your accounts to see what works. These could even give them access to your bank account or websites like PayPal.

Ensuring Your Passwords are Secure and Strong

There are a number of ways to ensure your passwords are secure and strong. Here are some more ways to create the best passwords:

  • Make your passwords a minimum of eight characters long.
  • Mix up letters, numbers, and symbols in the password, making sure they don’t spell out any words.
  • Have a different password for every account that you have. This is extra important for accounts containing financial information, like bank accounts.
  • Consider changing your password often. This ensures your safety and security.

If you have a weak password, you are much more susceptible to hacks and scams. So, protect your online existence, and start utilizing these tips.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Remember This: Hackers Like Strong Passwords, Too

In late 2016, a huge data breach occurred. More than 412 million accounts were affected when hackers got into FriendFinder Networks.

5DAccording to sources, approximately a million of those accounts had the password ‘123456,’ and approximately 100,000 has the password that was simply, ‘password.’ This, of course, is despite the efforts from pros about password management and the importance of a strong password.

Complex Passwords are Inconvenient

This data breach is just one of many, and it shows that using passwords alone are risky and have consequences. Additionally, complex passwords are inconvenient, and this means that people often avoid using them, or they write them down, or use them across multiple accounts, meaning there is a great chance that they can be stolen.

Keeping in mind, still, that passwords are flawed. This is not because they are often so easy to guess and easy to hack, it’s because they are quite expensive to maintain. Approximately 20 to 50 percent of calls to the help desk are due to password resets because people forget them.

All of this means that things have only gotten worse when it comes to the usability of passwords over the past few years. So, to keep the control that is necessary to ensure the data is safe in an organization, the IT team must use tools that will address these major security concerns. When you consider all of this, it is truly shocking that so many people are still using passwords such as ‘password’ and ‘123456.’

If you look at all of the data-breaches that have occurred in 2016 and consider the millions of people who have been caught up in these breaches, it’s absurd that people are picking passwords that are so easy to guess.

However, you also should keep in mind that it doesn’t matter what your password is, security experts and IT professionals keep hammering in the importance of changing passwords. Even if you are choosing passwords that are a bit more advanced than ‘123456,’ you should still change your password, often.

You also must consider this: it doesn’t matter how good your password is and how complex you make it; passwords are still vulnerable. What we need is a change in our thoughts about security and a revision of our concept of what a password is and does.

In some form or another, passwords have existed as a way to secure information for centuries. For most of this time, they have worked well. However, with technology changing the world, this old form of security needs to be refreshed to meet the needs of the time.

More Security is Necessary

To overcome all of the issues that are associated with passwords, companies should take time to look at different forms of security. All you are doing now is wasting time and money by changing passwords and making them stronger. On top of this, when your business experiences a data breach, you could be facing a fine and of course, embarrassing questions. Instead, it’s time to drop this concept of using passwords as the only means of security.

We need an approach that eliminates passwords altogether. Using, for instance, two factor or multi factor authentication or better, un-hackable security tokens is one way to ensure that no passwords are stored, created, or transmitted. This will help us all to remain safe.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Celebrate World Password Day in 2016 With These Tips

Each year, researchers in security take the time to rate some of the worst passwords found on the Internet. While popular pop culture events have caused waves with the list of the worst passwords of 2015 – think “solo,” “starwars,” and “princess” – the worst passwords of last year were still the usual suspects, “password,” “123456,” and “qwerty.”

5DIt shouldn’t be a surprise to anyone that researchers estimate as many as 90 percent of all user-generated passwords are subject to hacking. However, it might surprise you to know that even passwords that you believe to be secure will give little protection if it gets leaked.

On May 5th, the 4th World Password Day will commence, and Intel Security is, for the first time, departing from its usual stance of asking users to change their passwords to something stronger. Instead, they are asking users to add multi-factor authentication, or MFA.

MFA is an extremely powerful security feature that is available on most major websites for free, and this helps to stop any unauthorized person from accessing the account, even if this person knows your password. This feature combines the login with other identification factors such as face recognition, fingerprints or a code that you can use, which is delivered by text message.

Even the President is getting into the password game. That’s how important it is to have a strong password. President Obama recently suggested that Americans should start to protect themselves online by turning on this multi-factor authentication. Additionally, when you supplement passwords with MFA, you will greatly decrease the chance that you become a victim of fraud or identity theft.

Here are some of the best ways to protect and strengthen your password:

  • Create passwords that are strong by using symbols and a mixture of upper and lower case letters
  • Use a different password for every account you have
  • Utilize a password manager to keep track of all of your passwords
  • Turn on the multi-factor authentication feature when possible.

You can find out how well your passwords stack up by testing them online at Passwordday.org, by taking a pledge to add MFA, or even watch some videos about computer security.

You can also join in on a Twitter chat on May 5 at 3 pm Eastern/Noon Pacific. Stop.Think.Connect is hosting the chat and will be joined by @Telesign, @IntelSecurity and @StaySafeOnline. When you pledge to turn on MFA, which is free on most web services, you will be entered in a drawing to win a prize. Make the pledge today to turn on the MFA feature on May 5th, which is World Password Day.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures.

Change Passwords or not; that is the Question

We’re told to change our passwords often to minimize getting hacked. Now we’re told this is a bad thing.

5DBut not for any inherent techy reason. It’s because frequent password changing makes many people lower their guard when it comes to creating new passwords.

They get lax and end up with passwords like Bear1, Crazy4u and GetHigh1978. Or, they often only minimally change the password, such as going from Hotbaby!! to Babyhot!!.

Believe it or not, despite an infinite number of permutations involving 26 letters, 10 numbers and 10 symbols, many people struggle to create new passwords beyond just minimally altering existing passwords. And don’t even ask these folks to remember any new and very different, strong passwords.

But if you already have unique, strong and jumbled passwords, you do not have to frequently change them. So if your Facebook password is Ihv1dggnPRvGr8tGamz!, there is no reason to change this 90 days after creating it. However, changing ANY password every six months to a year is still a wise idea. And this infrequency won’t leave you drained.

And you can always use a password manager to do the figuring for you anyways. A password manager will create long, strong and unique passwords, and issue you a single master password.

Rules for a Virtually Uncrackable Password

  • Does not include any names that are found in a dictionary, including proper names, sports team names, rock group names, city names, etc.
  • Does not have any keyboard sequences, no matter how unintelligible. So even though sdfgh looks jumbled, it’s just as much a sequence as 12345.
  • It contains numbers, letters and symbols.
  • If you predict struggling to remember a bunch of jumbled passwords, then think of a phrase that you will never forget, especially one that pertains to the account you want to create the password for. An example might be the password for your credit card account. You can shorten “I Hate Making Credit Card Payments” to: iH8tmkngCCpymnt$!.

You can also shorten phrases that pertain to things you love, like for instance, a phrase about your favorite movie, food, vacation, TV show, etc.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Introducing the very first Biometric Password Lockdown App

This application for your mobile device will change things in a huge way:

  • Locks down smartphones with a finger-based biometric password
  • Multi-factor authentication all-in-one
  • It’s called BioTect-ID

bioAnd why should you consider the world’s first biometric password for your mobile device? Because most smartphone security devices have been cracked by cyber thieves.

Layers of protecting your online accounts have historically involved the password, a PIN, security questions or combinations of these which isn’t that secure. However getting into your devices requires even less – a single password, connecting dots with your finger or nothing at all. Some devices can be accessed with stronger security using your fingerprint or in some cases a combination of biometrics like face scan, voice or fingerprints.

Now you may be convinced that a physical biometric, such as your fingerprint, palm pattern or face scan are so unique that they’re impossible to hack, but guess what: These are all hackable. In fact, a cyber crook could steal, for instance, your face or fingerprint image—for all time—and then what? You’re out of luck.

So why have that possibility looming over you? Why not eliminate it with the BioTect-ID app? You have only one voice, one fingerprint, one palm, etc., but fingering in a hand written password means you can change the gesture biometric or the “drawing” of the password any time—because this is a behavior, not a static physical characteristic. Nobody can steal your gesture, not even your identical twin.

BioTect-ID is also very privacy-conscious because there is nothing invasive about recording a gesture.

The choice of which biometric to use becomes a very important consideration. The Internet of Things (IOS) will see our devices increase in value as they control our home access, record our health scores and process/retain many other aspects of our personal lives. The use of biometrics will increase dramatically to protect our privacy and security. But you want to choose carefully. Remember your unchanging physical body information will be hugely attractive to thieves who can steal your identity or use it for other purposes. But you can’t steal the BioTect-ID information.

Here’s how the BioTect-ID multi-factor authentication works.

  • With your mouse or finger, create a four-character password.
  • BioTect-ID “learns” your unique finger/hand movements as you do this.
  • To access your mobile phone, you “draw” your password into the BioTect-ID application.
  • If you are the registered owner, you get access — with bad guys out of luck.

BioTect-ID even solves the big problem of physical data being irreplaceable because it is a gesture biometric also known as a “dynamic” biometric, rather than something like a fingerprint or facial recognition.

This is such exciting news from Biometric Signature ID that we just have to run through it again:

  • The first biometric app that does not require invasive information about a body part like your eyes.
  • The only privacy-conscious biometric security app in existence.
  • Passwords cannot be stolen, not even borrowed, and of course, can’t be lost.
  • Just draw your password with your finger, stylus or mouse, and this gesture will be captured.
  • Only this gesture will unlock (and lock) your smartphone, and it takes only seconds.
  • Easily reset your password at will.
  • The strongest identity authentication on the planet.

Don’t wait about getting this kind of protection, because biometrics is increasingly becoming a part of modern day life.

The final frontier of privacy is your body, and by continuing to rely upon body-part biometrics, you keep that door open enough for a hacker to copy and, essentially, retain a part of your body. There goes your privacy, to say the least.

The gesture-based, multi-factor authentication is poised to change the future of cyber protection. But not before this technology gets adequate awareness and support. We need to get this groundbreaking technology out there into the minds of Internet users.

Here is how you’ll benefit with the BioTect-ID:

  • Peace of mind, knowing that even the most brilliant hacker will never be able to duplicate or steal your gesture.
  • Elimination of having to keep body-part details in files
  • Keeping your privacy and security safe from being exposed against your control
  • Being the first to benefit from this cutting-edge security technology

You can actually receive early edition copies of the app for reduced prices and get insider information if you become a backer on Kickstarter for a couple of bucks. Go to www.biosig-id.com to do this.

Don’t Be Lazy With Your Passwords

It can be tough being a responsible adult sometimes, and managing these responsibilities isn’t always a chore that I want to deal with. Can you relate? Managing life takes focus and effort, and managing your online life is no different. Most of us are lazy with our online accounts, especially when it comes to our passwords. It is easy to use the same password for every account, but this also makes it very easy for hackers to access your passwords.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294You Need a Password Manager

Most of us have several online accounts that require different passwords. However, trying to remember all of these passwords is difficult, so it is no wonder that people choose to only use one password for every account. How can you avoid this? You should use a password manager.

  • Password managers will help a person not only create a password that is safe and secure, but all of the passwords you choose can be stored and managed by using a master password.
  • A master password allows you to get access to all of your accounts by using only one password.
  • When you have a password manager, you will no longer have to reset passwords, and your online accounts will be more secure than ever before.

Making Passwords Strong and Secure

There are a number of ways to make your passwords secure and strong. But don’t just take my word for it, according to Bill Carey, VP Marketing for the RoboForm Password Manager “The number one thing a user can do to protect themselves online is use a strong unique password for every website”

  • Passwords should be a minimum of eight characters long.
  • All passwords should also have letters, numbers and characters that do not spell another word.
  • Make sure to use different passwords for different accounts. This is especially the case for banking and other websites that contain sensitive information.
  • Passwords should be changed frequently to ensure safety and security.

Those who have weak passwords are more susceptible to hacks and scams. Make sure to take these tips to heart and protect your sensitive online information.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How to Set Up a Password Manager

If you have made the decision to use a password manager for your personal cybersecurity, which I highly recommend, you will quickly find that you online world is safer, easier and more secure than ever before.

7WAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, 63% of respondents reported forgetting a password, or had a password become compromised, in their professional life.  But it doesn’t need to be this difficult.

What Does a Password Manager Do?

Before choosing a password manager and setting up an account, you may be curious to see exactly what they do:

  • A password manager stores the passwords for your online accounts in one, easy to access place, as long as you have access to the master password.
  • The passwords are stored and encrypted by the password manager software, and the information is controlled by a master password.
  • The password manager will allow you to create a strong password for every account without the need to have to remember them.
  • Many password managers can sync across devices and platforms, as well as browsers, so you can use it with almost any online account you have.

Setting Up a Password Manager is Easier Than You Think

Setting up a password manager is typically easy, and the process begins by downloading the manager onto your device.

  • Setting up the account is no different than sitting up any other account. You will need a user ID, password, name and email address in most cases.
  • Each device you use should have the password manager installed onto it.
  • The data will automatically sync from device to device as it is updated according to information from RoboForm.com.
  • As long as the master password is kept safe, the data stored within the password manager is secure.
  • To start saving passwords to the password manager, log into websites as you normally do, and then the program will ask if you want to save the log in information. Once the information is saved, each time you go to the site and attempt to log into your account, the password manager will automatically enter your information.

As you can see, using a setting up a password manager is quite simple, and it is likely easier than you ever thought in the past. It can be done in minutes and will keep you safe for many years to come.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.