Posts

The World’s First Biometric Password Lockdown App is here

It’s about time: a biometric for your smartphone that will change the way you think about biometric security.

bioThis revolutionary biometric comes from Biometric Signature ID and it’s called BioTect-ID, and though it’s a biometric, it does not involve any so-called invasiveness of collecting body part information. The world’s first biometric password involves multi-factor authentication and just your finger—but not prints!

All you need to make this technology work to lock down your mobile device is a four-character password. But you can also draw a symbol like a star, leaf, a shining sun or smiley face as your password.

So suppose your password is PTy5 or a star. And suppose the wrong person learns this. In order for that person to get into your locked phone, they will have to literally move their finger exactly as you did to draw the “PTy5” or the star. This will be impossible.

BioTect-ID’s technology captures your finger’s movements, its gestures, and this biometric can’t be stolen or replicated.

BioTect-ID doesn’t stop there, however. The finger gesture biometric is only one component of the overall security. You’ve probably heard of “two-factor” authentication. This is when, in addition to typing in your password or answering a security question, you receive a text, phone call or e-mail showing a one-time numerical security code. You use that code to gain access. But this system can be circumvented by hackers.

And the traditional biometrics such as fingerprints and voice recognition can actually be stolen and copied. So if, say, your fingerprint is obtained and replicated by a cyber thief…how do you replace that? A different finger? What if eventually, the prints of all fingers are stolen? Then what? Or how do you replace your voice or face biometrics?

Biometrics are strong security because they work. But they have that downside. It’s pretty scary.

BioTect-ID solves this problem because you can replace your password with a new password, providing a new finger gesture to capture, courtesy of the patented software BioSig-ID™. Your finger movement, when drawing the password, involves:

  • Speed
  • Direction
  • Height
  • Length
  • Width
  • And more, including if you write your password backwards or outside the gridlines.

Encryption software stores these unique-to-you features.

Now, you might be wondering how the user can replicate their own drawing on subsequent password entries. The user does not need to struggle to replicate the exact appearance of the password, such as the loop on the capital L. Dynamic biometrics captures the user’s movement pattern.

So even though the loop in the L on the next password entry is a bit smaller or longer than the preceding one, the movement or gesture will match up with the one used during the enrollment. Thus, if a crook seemingly duplicates your L loop and other characters as far as appearance, his gestures will not match yours—and he won’t be able to unlock the phone.

In fact, the Tolly Group ran a test. Subjects were given the passwords. None of the 10,000 login attempts replicated the original user’s finger movements. Just because two passwords look drawn the same doesn’t mean they were created with identical finger gestures. Your unique gesture comes automatically without thinking—kind of like the way you walk or talk. The Tolly test’s accuracy was 99.97 percent.

Now doesn’t this all sound much more appealing than the possibility that some POS out there will steal your palm print—something you cannot replace?

Let’s get BioTect-ID’s technology out there so everyone knows about this groundbreaking advance in security. Here is what you’ll achieve:

  • You’ll be the first to benefit from this hack-proof technology
  • You’ll have peace of mind like you’ve never had before
  • Eliminated possible exposure of your body parts data kept in files

You can actually receive early edition copies of the app for reduced prices and get insider information if you become a backer on Kickstarter for a couple of bucks. Go to www.biosig-id.com to do this.

Don’t Be Lazy With Your Passwords

It can be tough being a responsible adult sometimes, and managing these responsibilities isn’t always a chore that I want to deal with. Can you relate? Managing life takes focus and effort, and managing your online life is no different. Most of us are lazy with our online accounts, especially when it comes to our passwords. It is easy to use the same password for every account, but this also makes it very easy for hackers to access your passwords.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294You Need a Password Manager

Most of us have several online accounts that require different passwords. However, trying to remember all of these passwords is difficult, so it is no wonder that people choose to only use one password for every account. How can you avoid this? You should use a password manager.

  • Password managers will help a person not only create a password that is safe and secure, but all of the passwords you choose can be stored and managed by using a master password.
  • A master password allows you to get access to all of your accounts by using only one password.
  • When you have a password manager, you will no longer have to reset passwords, and your online accounts will be more secure than ever before.

Making Passwords Strong and Secure

There are a number of ways to make your passwords secure and strong. But don’t just take my word for it, according to Bill Carey, VP Marketing for the RoboForm Password Manager “The number one thing a user can do to protect themselves online is use a strong unique password for every website”

  • Passwords should be a minimum of eight characters long.
  • All passwords should also have letters, numbers and characters that do not spell another word.
  • Make sure to use different passwords for different accounts. This is especially the case for banking and other websites that contain sensitive information.
  • Passwords should be changed frequently to ensure safety and security.

Those who have weak passwords are more susceptible to hacks and scams. Make sure to take these tips to heart and protect your sensitive online information.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How Passwords Get Hacked

If I wanted to crack one of your passwords, I could probably make a series of educated guesses and get pretty close. Why? Because people tend to stick with simple, easy to remember passwords, but these are the passwords that are easy to hack. According to Bill Carey, VP Marketing for the RoboForm Password Manager “Users need to take personal responsibility for their passwords and not assume that companies will keep them safe.”

4DHackers Have Many Ways to Get Into Your Accounts

There are many ways that a hacker can get into an online account.

  • A brute force attack is one of the simplest ways to gain access to information, and is generally done when a hacker writes a special code to log into a site using specific usernames and passwords.
  • A hacker usually focuses on websites that are not known for security, such as forums…and if you are like most people, the same password and username you use on your favorite gardening site is the same you use at your bank…or at least a version of it.
  • The hacker instructs the code to try thousands of different username and password combinations on the target site, such as your bank.
  • What makes this easier? Your computer stores cookies, which have information on your login credentials, in a neat, orderly unencrypted folder on the cache of your web browser. As soon as this is accessed, it can be used to get into online accounts.

How to Improve Your Passwords

There are a number of expert tips that will help to improve your passwords:

  • Substitute numbers for letters that look similar, such as @ for O, i.e. M@delTFord.
  • Throw in a random capital letter where it usually shouldn’t be, i.e. PaviLlion723.
  • Have a different username and password combination for every account.
  • Consider using a password manager to keep track of all of your account credentials. This way, you won’t have to worry about remembering all of the symbols and letters. These password managers also automatically fill passwords in on web pages or on devices.
  • Test your password strength with an online tester, but make sure it is from a reputable source, such as Microsoft or even beter use the experts over at password manager RoboForm – http://www.roboform.com/how-secure-is-my-password.

Don’t learn a hard lesson when it comes to your passwords. Take the steps today to update your log in credentials, and have a safer tomorrow.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How to Set Up a Password Manager

If you have made the decision to use a password manager for your personal cybersecurity, which I highly recommend, you will quickly find that you online world is safer, easier and more secure than ever before.

7WAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, 63% of respondents reported forgetting a password, or had a password become compromised, in their professional life.  But it doesn’t need to be this difficult.

What Does a Password Manager Do?

Before choosing a password manager and setting up an account, you may be curious to see exactly what they do:

  • A password manager stores the passwords for your online accounts in one, easy to access place, as long as you have access to the master password.
  • The passwords are stored and encrypted by the password manager software, and the information is controlled by a master password.
  • The password manager will allow you to create a strong password for every account without the need to have to remember them.
  • Many password managers can sync across devices and platforms, as well as browsers, so you can use it with almost any online account you have.

Setting Up a Password Manager is Easier Than You Think

Setting up a password manager is typically easy, and the process begins by downloading the manager onto your device.

  • Setting up the account is no different than sitting up any other account. You will need a user ID, password, name and email address in most cases.
  • Each device you use should have the password manager installed onto it.
  • The data will automatically sync from device to device as it is updated according to information from RoboForm.com.
  • As long as the master password is kept safe, the data stored within the password manager is secure.
  • To start saving passwords to the password manager, log into websites as you normally do, and then the program will ask if you want to save the log in information. Once the information is saved, each time you go to the site and attempt to log into your account, the password manager will automatically enter your information.

As you can see, using a setting up a password manager is quite simple, and it is likely easier than you ever thought in the past. It can be done in minutes and will keep you safe for many years to come.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

It’s Time for You to Use a Password Manager

If you are like me, you have several online accounts, each with a user name and password. Though it is tempting to use one password for every account, this can be troublesome as it is a huge security risk. So, what is your only option? To use a password manager.

2DAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager:

  • 42% write them down
  • 23% reported always using the same password**
  • 25% reported using personal information
  • Only 8% use a password manager tool
  • Only 37% report using phrases with a combination…

The statistics clearly show that a lot of the data breaches we see today are a result of poor password management.

A Password Manager? What Is It?

At a basic level, a password manager is a service that allows people to secure all of their account log in information with one master password.

  • With a password manager, you won’t have to worry about password compromises, and you can easily have a different password for every account without the need to remember them.
  • If one password is compromised, such as a Facebook password, you can be sure that the scammer will not have access to other accounts as they don’t have the same password any longer.
  • It is easier than you might think to hack into an account, but with this software, your passwords are protected, unique and strong.

Choose the Right Password Manager for Your Needs

There are many services out there offering password management software, some are free, some are paid, but all of them offer better protection than you would get by choosing nothing.

  • Some password managers are device specific, so make sure that if you use Apple products, for example, that you ensure the manager will work with your hardware.
  • Most password managers work on multiple platforms.
  • There are online and local password managers, too. An online manager allows passwords to be stored online, but they may not be as secure or as reputable as a local password manager.
  • Fortunately, there are many great online password managers, such as RoboForm. It can be used on all major browsers and across most devices. I’ve been using RoboForm for at least 10 years. It works lovely.

Password Managers: Final Thoughts

  • Take some time to research before choosing your password manager. It must be a trustworthy company.
  • You will be more secure than ever before, but nothing is fool-proof, so you still need to keep your devices security software updated and make sure you have copyies of all your passwords in an encrypted Excel file.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

The Password Reset Isn’t How to Remember a Password

Consider a keychain for a moment. For most of us, a keychain holds all of our necessities such as home keys, car keys, work keys and even forgotten keys, that we aren’t quite sure what to do with. Now, think about this. What if your keychain had keys that look identical, but each key only opens one door.

5DIf you are like most people, this key scenario is almost identical to the way you treat your account passwords online. What happens when you want to use a key, but you don’t know which one goes with which door? It can be very easy to forget and identify the key to the door or the password to the website.

What do you do in this situation? You probably wouldn’t have a friend that had a key to your home, and you certainly don’t want to break down the door. Should you call a locksmith every time you forget which key works? This sounds ridiculous, right? Well, it is no different than using the password reset feature when it comes to forgetting the password on a website. Instead, step up your password game.

Don’t Change Your Password Every Time You Forget It

You wouldn’t want to call a locksmith every time you lock yourself out of the house, and you should not rely on a password reset feature every time you forget your password.

  • If you have a number of accounts and don’t want the hassle of creating strong, long passwords, consider a password manager.
  • These services will help you to create a strong, secure password for every website you frequent, plus you will have a single master password, that allows you to manage it all.
  • A password manager eliminates having to reset a password.

Create the Best Password for Your Online Accounts

When it comes to creating the best password for any online account, According to Bill Carey, VP Marketing for the RoboForm Password Manager “It’s not a matter of if your password will be leaked, it’s a matter of when.  So protect yourself by using a strong and unique password for every website.”

  • Passwords must be a minimum of eight characters long, and they should include mismatched numbers, characters and letters.
  • The best passwords do not spell any words.
  • Use a password for each account, especially if using high-value websites such as banking sites.
  • Make sure to change your passwords regularly.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

Weak Passwords Mean Data Breaches

Studies across the board indicate that weak usernames and passwords are one of the top causes of data breaches, and I find that information to be unfortunate, because it is preventable. According to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager: 70% reported forgetting a password, or had a password become compromised, in their professional life in the US.

  • More organizations are enacting policies where employees can use their own devices and store information on a cloud.
  • This means that it is more important than ever before to protect accounts with strong passwords.
  • A strong password is the first line of defense against scammers and hackers, and it helps to keep data safer.

The Research on Passwords Doesn’t Lie

The data from these studies indicates that there is no organization in any industry that is not vulnerable to a breach of data.

  • Every company, no matter what size, should put in some effort to protect their sensitive data.
  • Many breaches of data could have been prevented by implementing stronger security controls, improving credentials used to long in and employing safety best practices in the workplace.
  • Weak or stolen usernames and passwords are one of the top causes of data breaches, and more than 75 percent of attacks on corporate networks are due to weak passwords.
  • Almost half of all instances of hacking is due to stolen passwords, which are obtained through the theft of password lists.

Know The Risks of Choosing Weak Passwords

Experts have warned for many years that there are risks associated with relying on weak usernames and passwords to restrict the access of data.

  • Verizon estimates that about 80 percent of all data breaches could have been stopped if a stronger, better password was used.
  • Experts, including the IT team of companies, can offer assistance to employees seeking to improve their passwords and reduce risk.
  • Too many companies protect their data with passwords that are too weak or too easy to guess, such as the name of the organization or other obvious words.
  • It is also difficult to enact policies for improved passwords in the workplace because employees are not informed of the facts.
  • The best passwords are long and varied, with symbols, letters and numbers. These passwords should also not be obvious, such as the name of a company, address or company motto.
  • One of the best investments in ones personal security is in a password manager. Frankly, I don’t know how anyone can use a PC and not have a password manager in place.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How to use two-factor authentication for critical accounts

Have a small business? Great. Have two-factor authentication for your accounts? If you’re not sure of the answer to that question, you could be in trouble. October is National Cyber Security Awareness Month, the perfect time to learn more about cyber security. As a small business owner, you certainly have thought about data breaches. They don’t just happen to giants like Target and Sony. The common thread in many data breaches is that the hackers got the password.

5DOnce a hacker has a password, they often can get into the account, even if a username or other information is required. But suppose the hacker, mouth drooling as he’s about to break into your business accounts with your password and username, types in this login information and then sees he’s blocked unless he enters a one-time passcode? That’s a form of two-factor authentication. Game over for Joe Hacker.

Two-factor authentication may mean a different login, every time you login, even on the same day, and only YOU have it. It’s sent to your e-mail or phone. Setting up two-factor authentication differs from one platform to the next. See the following:

PayPal

  • Click “Security and Protection” in the upper right.
  • At bottom of next page, click “PayPal Security Key.”
  • Next page, click “Go to register your mobile phone” at the bottom. Your phone should have unlimited texting.
  • Enter your phone number; the code will be texted.

Google

  • At google.com/2step click the blue button “Get Started.” Take it from there. You can choose phone call or text.

Microsoft

  • Go to login.live.com. Click “Security Info.”
  • Click “Set Up Two-Step Verification” and then “Next.” Take it from there.

LinkedIn

  • At LinkedIn.com, trigger the drop-down menu by hovering over your picture.
  • Click “Privacy and Settings.”
  • Click “Account” and then “Security Settings.”
  • Click “Turn On” at “Two-Step Verification for Sign-In.”
  • To get the passcode enter your phone number.

Facebook

  • In the blue menu bar click the down-arrow.
  • Click “Settings.”
  • Click the gold badge “Security.”
  • Look for “Login Approvals” and check “Require a security code.”

Apple

  • Go to appleid.apple.com and click “Manage Your Apple ID.”
  • Log in and click “Passwords and Security.”
  • Answer the security questions to get to “Manage Your Security Settings.”
  • Click “Get Started.” Then enter phone number to get the texted code.

Yahoo

  • Hover over your photo for the drop-down menu.
  • Click “Account Settings.”
  • Click “Account Info.”
  • Go to “Sign-In and Security” and hit “Set up your second sign-in verification.”

Type in your phone number to get the texted code. If you have no phone you can get receive security questions via e-mail.

The prevention tactics above apply to businesses and really, everyone. Employees should be rigorously trained on proactive security and tricks that cyber thieves use.

Being cyber aware also includes backing up your data to a secure offsite location. Back it up with Carbonite, and receive 2 free bonus months with purchase of any subscription through the end of October by entering code “CYBERAWARE” at checkout.

Robert Siciliano is a personal privacy, security  and identity theft expert to Carbonite discussing identity theft prevention. Disclosures.

Why You Should Use a Password Manager

Most experts in cybersecurity suggest that computer users utilize a password manager, and I think they have a great point. These managers ensure that you can use a unique, strong password for all online account. On the flip side, there are naysayers that state a password manager isn’t as safe as you might think, as if the master password is discovered, it could give someone access to all of your information. So, who is right?

3DAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, only 37% of survey participants use passwords that contain both letters and numbers. And only 8% report using a password management system, which can automatically create strong passwords for every site and change them frequently.

Here are some things to keep in mind:

Singing Praises for Password Managers

Why do some experts sing the praises for password managers?

  • Password managers allow you to use the most secure passwords, and allow you to use a different password for every account.
  • Since most websites have their own requirements for a password, you won’t become frustrated every time you log in, and you won’t have to remember if the ampersand is before or after the capital “S.” Besides, no one can remember every single password and username combination.
  • These password managers can work across all devices and on all browsers.

The Possible Downside of Password Managers?

Though there are certainly benefits of using a password managers, some people share their concerns with this software and state some of the following reasons:

  • There is a chance of a hack, albeit a small one, and if someone discovers a master password, they have access to everything including banking and personal information.
  • You also don’t know how secure these password managers really are, especially if it is an online password manager, such as one associated with a web browser, as the data may not be encrypted properly.

Looking At Both Sides of the Fence

When looking at expert opinion, you will typically find that most of them fall somewhere in the middle when it comes to using a password manager. These people see password managers as useful, but people should use them with caution.

  • Only use applications that have good reputations and those that do not rely on third parties
  • Use password managers that alert you immediately of a breach
  • Remember, a password manager is only as strong as the master password. This password should be strong, unique and changed often.

Good or bad, it’s probably better to be safe, rather than sorry. As with anything, be smart with your password manager, and you should have no issue with its effectiveness.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

What is a Password Manager?

Many people, including myself, make mistakes with their passwords and use them on site after site. To remain safe, it’s important to use a unique, strong password on every site you visit. How do you do this the easy way? Use a password manager.

2PAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, the results indicate that people have some idea of the scale of the password challenge: More than half said they felt stressed out by the number of things they have to remember on a daily basis at work, and 63% reported that they’d either forgotten a password or had a password compromised at some point during their professional career

A password manager can solve this issue. A password manager is a type of software that stores login information for all the sites you commonly use, and the program helps you to log in automatically each time you browse to a particular website.  This information is stored in a database, controlled with a master password, and is available for use at any time.

Word of Warning: Don’t Reuse Your Passwords!

What is the big deal about reusing your passwords? It could be really damaging:

  • If your password is leaked, scammers will have access to information such as your name, email address and a password that they can try on other websites.
  • A leaked password could give scammers access to online banks or PayPal accounts.

What is It Like Using a Password Manager?

The first thing you will notice when using a password manager is that it will take a lot of weight off of your shoulders. There are other things you will notice, too:

  • You first visit the website as you normally would, but instead of putting your password in, you will open the password manager and enter the master password.
  • The password manager will automatically fill in the log in information on the website, allowing you to log in.

Think About it Before You Use a Web-Based Password Manager

Yes, there are web-based password managers out there, but there are problems associated with them:

  • All major browsers have password managers, but these cannot compete with a full password manager. For instance, they store the information on your computer, and this is not encrypted information meaning scammers can still easily access it.
  • These managers cannot generate passwords randomly, and they don’t allow for syncing from platform to platform.

Get Started With a Password Manager

If you are ready to get started with a password manager, the first thing to do is choose your master password:

  • The master password must be very strong, as it controls access to everything else
  • You should also change your passwords on every other site to a stronger password
  • Make sure your passwords have capital letters, symbols and numbers for the strongest password combination

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.