Shred your Boarding Pass

Apparently there are people who take pictures of their airplane boarding pass…and post it online. I’m dead serious. I’ve heard of toddlers getting excited over scraps of paper, but full-grown adults posting images of their boarding pass online? Don’t get me started.

2DLet’s just only say that this is incredulously absurd. Like, who cares about your bleepity bleep boarding pass, right? OK, you got bumped up to First class. SAVE IT. Well wait a minute. Fraudsters care.

Fraudsters also care about the boarding pass that’s left intact in a rubbish can or lying on a seat somewhere.

Few travelers know that the bar code on the boarding pass MAY contain that individual’s home address, e-mail address, name and contact number. All a crook needs is this basic information (revealed via bar code reader off his cell phone!) to get the fraud ball rolling.

  • Keep your boarding pass out of everyone’s sight except the airport employee who requests it.
  • After you no longer need it, tear it up and flush it down a toilet.
  • When you arrive to your hotel, don’t bring it with you to your hotel room and leave it sitting out in full view. Shred and destroy it prior.  Putting it in the hotel room trash isn’t enough. Realize that when you’re not in the room, maids and other hotel employees can gain access—and I can’t say it enough: You just never know who has a bar code reader app.
  • And for Heaven’s sake, don’t post images of it online, if for no other reason, this makes you come across as less interesting than a doorknob. In fact, don’t even think of taking a picture minus the bar code. You just never know with today’s technology what a crook could get off an image online.

Man, if you still don’t believe me about any of this, check out these two very short but alarming videos. You’ll be flabbergasted at how much information about you a techy thief could get off of your boarding pass! “If a hacker can find it, he can find YOU!”

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Change Passwords or not; that is the Question

We’re told to change our passwords often to minimize getting hacked. Now we’re told this is a bad thing.

5DBut not for any inherent techy reason. It’s because frequent password changing makes many people lower their guard when it comes to creating new passwords.

They get lax and end up with passwords like Bear1, Crazy4u and GetHigh1978. Or, they often only minimally change the password, such as going from Hotbaby!! to Babyhot!!.

Believe it or not, despite an infinite number of permutations involving 26 letters, 10 numbers and 10 symbols, many people struggle to create new passwords beyond just minimally altering existing passwords. And don’t even ask these folks to remember any new and very different, strong passwords.

But if you already have unique, strong and jumbled passwords, you do not have to frequently change them. So if your Facebook password is Ihv1dggnPRvGr8tGamz!, there is no reason to change this 90 days after creating it. However, changing ANY password every six months to a year is still a wise idea. And this infrequency won’t leave you drained.

And you can always use a password manager to do the figuring for you anyways. A password manager will create long, strong and unique passwords, and issue you a single master password.

Rules for a Virtually Uncrackable Password

  • Does not include any names that are found in a dictionary, including proper names, sports team names, rock group names, city names, etc.
  • Does not have any keyboard sequences, no matter how unintelligible. So even though sdfgh looks jumbled, it’s just as much a sequence as 12345.
  • It contains numbers, letters and symbols.
  • If you predict struggling to remember a bunch of jumbled passwords, then think of a phrase that you will never forget, especially one that pertains to the account you want to create the password for. An example might be the password for your credit card account. You can shorten “I Hate Making Credit Card Payments” to: iH8tmkngCCpymnt$!.

You can also shorten phrases that pertain to things you love, like for instance, a phrase about your favorite movie, food, vacation, TV show, etc.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Popular Passwords make it easy to hack You

Your account passwords should be as unique as your fingerprint—to make them less hackable by crooks using password-guessing software that can run through millions of possible combinations in just minutes. And if you have an easy password, there may be a hit within 10 seconds.

5DThink this software can figure out your password of “password1” or “monkey”? These are among the most used passwords. Needless to say, so is “1password” and just “password.” And “login.” What are people thinking?

Every year, millions of passwords are stolen. These are made public by researchers, in order of popularity. Hackers see this list. If you don’t want to get hacked, then avoid using the following passwords (this list is very incomplete):

  • 123456 (avoid ANY numerical sequence)
  • qwerty (avoid ANY letter sequence)
  • 123456789 (long sequences are just as bad as shorter ones)
  • Football (hackers know that tons of passwords are a name of a popular sport)
  • abc123 (combining different keyboard sequences doesn’t toughen up the password)
  • 111111 (how lazy can you be?)
  • 1qaz2wsx (vertical sequences are vulnerable too)
  • master, princess, starwars (give me a break)
  • passw0rd (wow, so creative!)

Don’t even bother with names of animals, countries, cities, famous music bands or people names. Even combining these won’t help, such as EmilyParis. If any component of the password can be found in a dictionary, change it.

Using a unique, different and strong password for all of your accounts goes a very long way in protecting yourself from hackers—and that means a different password for every account/site, not just a strong and original one. A hacker’s software will take millions of years to crack a password like 8guEF$#gG2#&4H.

Now suppose you have 15 passwords like this (for 15 accounts). How do you remember them all, being that they’re a crazy jumble of all sorts of characters?

Use a Password Manager

  • Solves the problem of having to remember (and type in) many different whacky combinations of characters.
  • Creates complex, hard-to-crack passwords.
  • Stores all the passwords and allows you to use one master password.
  • Eliminates having to reset passwords.

But feel free to make some of your passwords up. So if your favorite movie is the original “Star Wars,” your different passwords might be:

  • iLVth1st*wrz!FB (FB being for Facebook)
  • iLVth1st*wrz!A2Z (A2Z being for Amazon)
  • iLVth1st*wrz!$$ ($$ being for your bank)
  • Passwords should be at least eight characters.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Introducing the very first Biometric Password Lockdown App

This application for your mobile device will change things in a huge way:

  • Locks down smartphones with a finger-based biometric password
  • Multi-factor authentication all-in-one
  • It’s called BioTect-ID

bioAnd why should you consider the world’s first biometric password for your mobile device? Because most smartphone security devices have been cracked by cyber thieves.

Layers of protecting your online accounts have historically involved the password, a PIN, security questions or combinations of these which isn’t that secure. However getting into your devices requires even less – a single password, connecting dots with your finger or nothing at all. Some devices can be accessed with stronger security using your fingerprint or in some cases a combination of biometrics like face scan, voice or fingerprints.

Now you may be convinced that a physical biometric, such as your fingerprint, palm pattern or face scan are so unique that they’re impossible to hack, but guess what: These are all hackable. In fact, a cyber crook could steal, for instance, your face or fingerprint image—for all time—and then what? You’re out of luck.

So why have that possibility looming over you? Why not eliminate it with the BioTect-ID app? You have only one voice, one fingerprint, one palm, etc., but fingering in a hand written password means you can change the gesture biometric or the “drawing” of the password any time—because this is a behavior, not a static physical characteristic. Nobody can steal your gesture, not even your identical twin.

BioTect-ID is also very privacy-conscious because there is nothing invasive about recording a gesture.

The choice of which biometric to use becomes a very important consideration. The Internet of Things (IOS) will see our devices increase in value as they control our home access, record our health scores and process/retain many other aspects of our personal lives. The use of biometrics will increase dramatically to protect our privacy and security. But you want to choose carefully. Remember your unchanging physical body information will be hugely attractive to thieves who can steal your identity or use it for other purposes. But you can’t steal the BioTect-ID information.

Here’s how the BioTect-ID multi-factor authentication works.

  • With your mouse or finger, create a four-character password.
  • BioTect-ID “learns” your unique finger/hand movements as you do this.
  • To access your mobile phone, you “draw” your password into the BioTect-ID application.
  • If you are the registered owner, you get access — with bad guys out of luck.

BioTect-ID even solves the big problem of physical data being irreplaceable because it is a gesture biometric also known as a “dynamic” biometric, rather than something like a fingerprint or facial recognition.

This is such exciting news from Biometric Signature ID that we just have to run through it again:

  • The first biometric app that does not require invasive information about a body part like your eyes.
  • The only privacy-conscious biometric security app in existence.
  • Passwords cannot be stolen, not even borrowed, and of course, can’t be lost.
  • Just draw your password with your finger, stylus or mouse, and this gesture will be captured.
  • Only this gesture will unlock (and lock) your smartphone, and it takes only seconds.
  • Easily reset your password at will.
  • The strongest identity authentication on the planet.

Don’t wait about getting this kind of protection, because biometrics is increasingly becoming a part of modern day life.

The final frontier of privacy is your body, and by continuing to rely upon body-part biometrics, you keep that door open enough for a hacker to copy and, essentially, retain a part of your body. There goes your privacy, to say the least.

The gesture-based, multi-factor authentication is poised to change the future of cyber protection. But not before this technology gets adequate awareness and support. We need to get this groundbreaking technology out there into the minds of Internet users.

Here is how you’ll benefit with the BioTect-ID:

  • Peace of mind, knowing that even the most brilliant hacker will never be able to duplicate or steal your gesture.
  • Elimination of having to keep body-part details in files
  • Keeping your privacy and security safe from being exposed against your control
  • Being the first to benefit from this cutting-edge security technology

You can actually receive early edition copies of the app for reduced prices and get insider information if you become a backer on Kickstarter for a couple of bucks. Go to www.biosig-id.com to do this.

The World’s First Biometric Password Lockdown App is here

It’s about time: a biometric for your smartphone that will change the way you think about biometric security.

bioThis revolutionary biometric comes from Biometric Signature ID and it’s called BioTect-ID, and though it’s a biometric, it does not involve any so-called invasiveness of collecting body part information. The world’s first biometric password involves multi-factor authentication and just your finger—but not prints!

All you need to make this technology work to lock down your mobile device is a four-character password. But you can also draw a symbol like a star, leaf, a shining sun or smiley face as your password.

So suppose your password is PTy5 or a star. And suppose the wrong person learns this. In order for that person to get into your locked phone, they will have to literally move their finger exactly as you did to draw the “PTy5” or the star. This will be impossible.

BioTect-ID’s technology captures your finger’s movements, its gestures, and this biometric can’t be stolen or replicated.

BioTect-ID doesn’t stop there, however. The finger gesture biometric is only one component of the overall security. You’ve probably heard of “two-factor” authentication. This is when, in addition to typing in your password or answering a security question, you receive a text, phone call or e-mail showing a one-time numerical security code. You use that code to gain access. But this system can be circumvented by hackers.

And the traditional biometrics such as fingerprints and voice recognition can actually be stolen and copied. So if, say, your fingerprint is obtained and replicated by a cyber thief…how do you replace that? A different finger? What if eventually, the prints of all fingers are stolen? Then what? Or how do you replace your voice or face biometrics?

Biometrics are strong security because they work. But they have that downside. It’s pretty scary.

BioTect-ID solves this problem because you can replace your password with a new password, providing a new finger gesture to capture, courtesy of the patented software BioSig-ID™. Your finger movement, when drawing the password, involves:

  • Speed
  • Direction
  • Height
  • Length
  • Width
  • And more, including if you write your password backwards or outside the gridlines.

Encryption software stores these unique-to-you features.

Now, you might be wondering how the user can replicate their own drawing on subsequent password entries. The user does not need to struggle to replicate the exact appearance of the password, such as the loop on the capital L. Dynamic biometrics captures the user’s movement pattern.

So even though the loop in the L on the next password entry is a bit smaller or longer than the preceding one, the movement or gesture will match up with the one used during the enrollment. Thus, if a crook seemingly duplicates your L loop and other characters as far as appearance, his gestures will not match yours—and he won’t be able to unlock the phone.

In fact, the Tolly Group ran a test. Subjects were given the passwords. None of the 10,000 login attempts replicated the original user’s finger movements. Just because two passwords look drawn the same doesn’t mean they were created with identical finger gestures. Your unique gesture comes automatically without thinking—kind of like the way you walk or talk. The Tolly test’s accuracy was 99.97 percent.

Now doesn’t this all sound much more appealing than the possibility that some POS out there will steal your palm print—something you cannot replace?

Let’s get BioTect-ID’s technology out there so everyone knows about this groundbreaking advance in security. Here is what you’ll achieve:

  • You’ll be the first to benefit from this hack-proof technology
  • You’ll have peace of mind like you’ve never had before
  • Eliminated possible exposure of your body parts data kept in files

You can actually receive early edition copies of the app for reduced prices and get insider information if you become a backer on Kickstarter for a couple of bucks. Go to www.biosig-id.com to do this.

Don’t Be Lazy With Your Passwords

It can be tough being a responsible adult sometimes, and managing these responsibilities isn’t always a chore that I want to deal with. Can you relate? Managing life takes focus and effort, and managing your online life is no different. Most of us are lazy with our online accounts, especially when it comes to our passwords. It is easy to use the same password for every account, but this also makes it very easy for hackers to access your passwords.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294You Need a Password Manager

Most of us have several online accounts that require different passwords. However, trying to remember all of these passwords is difficult, so it is no wonder that people choose to only use one password for every account. How can you avoid this? You should use a password manager.

  • Password managers will help a person not only create a password that is safe and secure, but all of the passwords you choose can be stored and managed by using a master password.
  • A master password allows you to get access to all of your accounts by using only one password.
  • When you have a password manager, you will no longer have to reset passwords, and your online accounts will be more secure than ever before.

Making Passwords Strong and Secure

There are a number of ways to make your passwords secure and strong. But don’t just take my word for it, according to Bill Carey, VP Marketing for the RoboForm Password Manager “The number one thing a user can do to protect themselves online is use a strong unique password for every website”

  • Passwords should be a minimum of eight characters long.
  • All passwords should also have letters, numbers and characters that do not spell another word.
  • Make sure to use different passwords for different accounts. This is especially the case for banking and other websites that contain sensitive information.
  • Passwords should be changed frequently to ensure safety and security.

Those who have weak passwords are more susceptible to hacks and scams. Make sure to take these tips to heart and protect your sensitive online information.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How Passwords Get Hacked

If I wanted to crack one of your passwords, I could probably make a series of educated guesses and get pretty close. Why? Because people tend to stick with simple, easy to remember passwords, but these are the passwords that are easy to hack. According to Bill Carey, VP Marketing for the RoboForm Password Manager “Users need to take personal responsibility for their passwords and not assume that companies will keep them safe.”

4DHackers Have Many Ways to Get Into Your Accounts

There are many ways that a hacker can get into an online account.

  • A brute force attack is one of the simplest ways to gain access to information, and is generally done when a hacker writes a special code to log into a site using specific usernames and passwords.
  • A hacker usually focuses on websites that are not known for security, such as forums…and if you are like most people, the same password and username you use on your favorite gardening site is the same you use at your bank…or at least a version of it.
  • The hacker instructs the code to try thousands of different username and password combinations on the target site, such as your bank.
  • What makes this easier? Your computer stores cookies, which have information on your login credentials, in a neat, orderly unencrypted folder on the cache of your web browser. As soon as this is accessed, it can be used to get into online accounts.

How to Improve Your Passwords

There are a number of expert tips that will help to improve your passwords:

  • Substitute numbers for letters that look similar, such as @ for O, i.e. M@delTFord.
  • Throw in a random capital letter where it usually shouldn’t be, i.e. PaviLlion723.
  • Have a different username and password combination for every account.
  • Consider using a password manager to keep track of all of your account credentials. This way, you won’t have to worry about remembering all of the symbols and letters. These password managers also automatically fill passwords in on web pages or on devices.
  • Test your password strength with an online tester, but make sure it is from a reputable source, such as Microsoft or even beter use the experts over at password manager RoboForm – http://www.roboform.com/how-secure-is-my-password.

Don’t learn a hard lesson when it comes to your passwords. Take the steps today to update your log in credentials, and have a safer tomorrow.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How to Set Up a Password Manager

If you have made the decision to use a password manager for your personal cybersecurity, which I highly recommend, you will quickly find that you online world is safer, easier and more secure than ever before.

7WAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, 63% of respondents reported forgetting a password, or had a password become compromised, in their professional life.  But it doesn’t need to be this difficult.

What Does a Password Manager Do?

Before choosing a password manager and setting up an account, you may be curious to see exactly what they do:

  • A password manager stores the passwords for your online accounts in one, easy to access place, as long as you have access to the master password.
  • The passwords are stored and encrypted by the password manager software, and the information is controlled by a master password.
  • The password manager will allow you to create a strong password for every account without the need to have to remember them.
  • Many password managers can sync across devices and platforms, as well as browsers, so you can use it with almost any online account you have.

Setting Up a Password Manager is Easier Than You Think

Setting up a password manager is typically easy, and the process begins by downloading the manager onto your device.

  • Setting up the account is no different than sitting up any other account. You will need a user ID, password, name and email address in most cases.
  • Each device you use should have the password manager installed onto it.
  • The data will automatically sync from device to device as it is updated according to information from RoboForm.com.
  • As long as the master password is kept safe, the data stored within the password manager is secure.
  • To start saving passwords to the password manager, log into websites as you normally do, and then the program will ask if you want to save the log in information. Once the information is saved, each time you go to the site and attempt to log into your account, the password manager will automatically enter your information.

As you can see, using a setting up a password manager is quite simple, and it is likely easier than you ever thought in the past. It can be done in minutes and will keep you safe for many years to come.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

It’s Time for You to Use a Password Manager

If you are like me, you have several online accounts, each with a user name and password. Though it is tempting to use one password for every account, this can be troublesome as it is a huge security risk. So, what is your only option? To use a password manager.

2DAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager:

  • 42% write them down
  • 23% reported always using the same password**
  • 25% reported using personal information
  • Only 8% use a password manager tool
  • Only 37% report using phrases with a combination…

The statistics clearly show that a lot of the data breaches we see today are a result of poor password management.

A Password Manager? What Is It?

At a basic level, a password manager is a service that allows people to secure all of their account log in information with one master password.

  • With a password manager, you won’t have to worry about password compromises, and you can easily have a different password for every account without the need to remember them.
  • If one password is compromised, such as a Facebook password, you can be sure that the scammer will not have access to other accounts as they don’t have the same password any longer.
  • It is easier than you might think to hack into an account, but with this software, your passwords are protected, unique and strong.

Choose the Right Password Manager for Your Needs

There are many services out there offering password management software, some are free, some are paid, but all of them offer better protection than you would get by choosing nothing.

  • Some password managers are device specific, so make sure that if you use Apple products, for example, that you ensure the manager will work with your hardware.
  • Most password managers work on multiple platforms.
  • There are online and local password managers, too. An online manager allows passwords to be stored online, but they may not be as secure or as reputable as a local password manager.
  • Fortunately, there are many great online password managers, such as RoboForm. It can be used on all major browsers and across most devices. I’ve been using RoboForm for at least 10 years. It works lovely.

Password Managers: Final Thoughts

  • Take some time to research before choosing your password manager. It must be a trustworthy company.
  • You will be more secure than ever before, but nothing is fool-proof, so you still need to keep your devices security software updated and make sure you have copyies of all your passwords in an encrypted Excel file.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

The Password Reset Isn’t How to Remember a Password

Consider a keychain for a moment. For most of us, a keychain holds all of our necessities such as home keys, car keys, work keys and even forgotten keys, that we aren’t quite sure what to do with. Now, think about this. What if your keychain had keys that look identical, but each key only opens one door.

5DIf you are like most people, this key scenario is almost identical to the way you treat your account passwords online. What happens when you want to use a key, but you don’t know which one goes with which door? It can be very easy to forget and identify the key to the door or the password to the website.

What do you do in this situation? You probably wouldn’t have a friend that had a key to your home, and you certainly don’t want to break down the door. Should you call a locksmith every time you forget which key works? This sounds ridiculous, right? Well, it is no different than using the password reset feature when it comes to forgetting the password on a website. Instead, step up your password game.

Don’t Change Your Password Every Time You Forget It

You wouldn’t want to call a locksmith every time you lock yourself out of the house, and you should not rely on a password reset feature every time you forget your password.

  • If you have a number of accounts and don’t want the hassle of creating strong, long passwords, consider a password manager.
  • These services will help you to create a strong, secure password for every website you frequent, plus you will have a single master password, that allows you to manage it all.
  • A password manager eliminates having to reset a password.

Create the Best Password for Your Online Accounts

When it comes to creating the best password for any online account, According to Bill Carey, VP Marketing for the RoboForm Password Manager “It’s not a matter of if your password will be leaked, it’s a matter of when.  So protect yourself by using a strong and unique password for every website.”

  • Passwords must be a minimum of eight characters long, and they should include mismatched numbers, characters and letters.
  • The best passwords do not spell any words.
  • Use a password for each account, especially if using high-value websites such as banking sites.
  • Make sure to change your passwords regularly.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.