Grundig IT Newsletter
Computing News That You Can Use – August 2022
Quote of the Month
“Education is the most powerful weapon which you can use to change the world.” —Nelson Mandela
Online security is a big topic these days. This is not new, and this will not change anytime soon. It’s likely that many of the ideas presented here are ones you’ve heard more than once. Security is a big enough concern to reconsider how you’re handling it. Even if not every concept presented here is one you can use, we’ve compiled a list of things to consider when trying to improve your security.
You should use multi-factor authentication when available: There are many kinds of multifactor authentication: Authenticator apps, email messages, SMS text, etc. Multi-factor authentication includes other things as well; Fingerprint authentication on your phone, facial recognition, and phone-application authentication like Microsoft Authenticator.
You should always keep your passwords strong (the longer the better) and not recycle passwords. No matter how strong a single password is, as soon as you re-use it, it becomes a bad password. There are lots of ways to keep your passwords strong, and we’ve discussed them before. You can also use a password strength tester. A lot of people are also worried about changing their passwords, worried they’ll forget them. While I understand the reluctance, it’s better to change a weak password before it gets hacked, rather than in response to a breach.
Consider using a password manager. A secure password manager can be a powerful tool. Some people don’t like the idea of password managers, because if someone hacks your password manager, they have your entire collection. That is technically true, so you should make sure your password manager is as secure as possible with 2-factor authentication and a very strong password. But the password manager can take away any worry about forgetting your passwords – you can generate a really strong password (like +vi6dreZ+!KaaRKt7)2F@8WV~PG%9: E! ) and not worry about forgetting it or typing the password wrong. Our password newsletterhas some suggestions for this.
Default browser-based password managers are not as secure as expected. Google Chrome has been found to store plaintext password data in RAM, which allows hackers who got access to your computer to steal the passwords. Most browser-stored passwords are very easy to access – you can go to your settings and view them with a few clicks and maybe a password, once someone has access to the browser window.
Don’t write down your passwords. You may think the best way to store a password is in a private file or offline notepad. It does keep the wider network from seeing your passwords, but keeping your list on a file on your desktop means that anyone who can access the desktop can get everything you have.
Don’t use Public Wifi. That statement may feel a bit harsh, but coffee shops and hotel lobbies are a great place for hackers to start stealing your data. If you do use a hotel wifi to browse the Internet, you should not check any important finance or personal data while on an unsafe wifi network. If you have to look things up on the road, it’s safer to use your cell phone as a hotspot.
Make sure your personal Wifi is secure. There are a number of ways to make your home or business wifi more secure. A few of the simpler ones (some require a more in-depth study) include guest networks and hidden networks. Almost every Wifi router has an option to create a guest network, which allows you to have visitors get internet access without giving them access to your internal network. Similarly, you can have hidden networks, where you need to know the wifi network name to connect to it. This is a convenient and small step to make a network harder to access.
Take note of website links – both watch for disguised links, and keep an eye out for unsecured websites. I won’t get into the background requirements for website credentials, but in short, websites can be HTTP, or HTTPS, and the second one is much more secure, encrypting traffic between your computer and the final destination. When dealing with disguised links, most users have heard to be careful of any links sent by email, but most people don’t think to check the actual URL of links in the websites they frequent. It’s always worthwhile to look at the URL of website links before clicking them.
Keep your apps and system updated! This is actually a pretty important one, and a relatively easy one for people to miss. Most applications will put out system updates and security patches, in addition to features and other updates. Most important to update is your operating system – Windows or MacOS – because that provides access to your entire system if compromised. But it’s still very important to update other applications that access the internet, because they might cause security breaches on your system as well.
Lock your computer when you’re not using it. This last step might feel like an obvious one, or an unnecessary one. Either way, it’s still an important thing to think about. This is most obviously important when you’re in a public space, but it’s still important in your office. In Windows machines, you can hit Ctrl-Alt-Del to bring up a system menu with Lock as an option; alternatively you can press the Windows key + L to lock your system.
If you have any other tips, we’d be happy to hear them; and if you have any other areas you want to increase your security that aren’t covered here, please reach out to us!
- Tom Grundig – 925.528.9081 – Tom@grundigit.com