Archive for RB

| February 20, 2021
Comments Off on You Need a Strong Username

You Need a Strong Username

You Need a Strong UsernameWhen securing you online accounts your username matters. A recent report from password manager provider Nordpass points out why you should have a strong username. They explain that an easy to guess username gives away half of the protection for your online information.

Nordpass logo Strong passwords are vital to to securing your online information, but you shouldn’t skimp on your username. Nordpass found that most people use their actual name to secure their online usernames.

The blog states that usernames which include personal information are the worst. That is because when you use personal data to create your account, it helps cybercriminals build your profile. If you post a comment on Facebook with a username Becky1970 or ToledoTommy, that’s enough for an attacker to start a social engineering attack.

How to create a strong username

Here are some tips from Nordpass to help you create a strong username.

  • How to create a strong usernameDon’t reuse your username on other accounts — this makes it easy to track you.
  • Don’t use your actual name.
  • Avoid creating a username that’s identical to your email address.
  • Don’t use personal information like your birth date, the city you’re from, or social security and ID numbers.
  • Don’t use usernames that are the same as your password or may hint at it.

If these tips are too complicated – use a username generator.

Here are the 25 most popular usernames

2020 Risky usernames

RankNameTimes used
1????875,562
2David470,646
3Alex451,546
4Maria438,485
5Anna387,660
6Marco352,629
7Antonio325,085
8Daniel310,096
9Andrea305,442
10?????298,963
11Laura296,627
12Ali290,285
13???277,859
14Jose271,960
15Sandra264,886
16???????249,476
17Sara247,072
18Carlos214,261
19Ana212,049
20Michael198,312
21Marie194,530
22Francesco193,526
23Mehmet191,023
24Marta186,424
25Sarah184,996
NordPass partnered up with a white-hat hacker, who compiled a report of the most popular usernames of all time. The hacker requested to stay anonymous.


Click here to see the Nordpass 200 most used usernames.

rb-

For those of use that don’t know the most common username means ‘title’ in Thai.

Thankfully some key usernames are missing from this list: Admin, Administrator, guest, root, user.

 

Stay safe out there !

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him at LinkedInFacebook and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , ,
| February 11, 2017
Comments Off on Your Bad Password Habits

Your Bad Password Habits

Your Bad Password HabitsYet more proof that passwords suck. Kaspersky Lab has published new data that reinforce the fact that passwords suck. Kaspersky found that Internet users around the world have bad password habits. Most users have not mastered how to use passwords effectively to protect themselves online.

Kaspersky Labs logoThe Kaspersky research has shown that people are putting their online safety at risk by making bad password decisions and simple password mistakes that may have far-reaching consequences. The research outlined in Networks Asia unearthed three common bad password habits that are putting many Internet users at risk. Internet users:

Common bad password habits

  1. Use the same password for multiple accounts, meaning that if one password is leaked, several accounts can be hacked.
  2. Use weak passwords that are easy to crack.
  3. Store their passwords insecurely, defeating the point of having passwords at all.

PasswordAndrei Mochola, Head of Consumer Business at Kaspersky Lab said, “Considering the amount of private and sensitive information that we store online today, people should be taking better care to protect themselves with effective password protection.

Password research

  • 10% of people use the same password for all their online accounts. Should one password be leaked, these people are at risk of having every account Head in the sandhacked and exploited.
  • 18% have faced an account hacking attempt but few have effective and cyber-savvy password security in place.
  • Only 30% of Internet users create new passwords for different online accounts

Additionally, Kaspersky found that people are not creating passwords that are strong enough to protect them from hacking and extortion. Despite that users think their online banking (51%), email (39%), and online shopping accounts (37%) need strong passwords, only;

  • 47% use a combination of upper and lowercase letters in their passwords,
  • 64% use a mixture of letters and numbers.

simple password management mistakesKaspersky’s Mochola observed,  “This seems obvious, but many might not realize that they are falling into the trap of making simple password management mistakes. These mistakes, in turn, are effectively like leaving the front door open to emails, bank accounts, personal files, and more.

Mistreating their passwords

According to the article, the study found that people’s bad password habits include sharing them with others and using insecure methods to remember them.

  • 28% have shared a password with a close family member.
  • 22% have admitted to writing their passwords down in a notepad to help remember them. Even if a password is strong, this leaves the user vulnerable because other people may see and use it.
  • 11% have shared a password with friends, making it possible for passwords to be unintentionally leaked.

people are mistreating their passwordsMr. Mochola described good password practices, “The best passwords cannot be found in the dictionary. They are long, with upper and lowercase letters, numbers, and punctuation marks. However, with people having so many online accounts today, it’s not easy to remember a secure password for everything. Using a password management solution can help people remember and generate strong passwords to minimize the risk of account hacking online.”

rb-

Great advice from Kaspersky, but as followers of the Bach Seat know, humans suck at passwords they use the same bad password habits here.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| December 15, 2012
Comments Off on Scan Your Sclera for Security

Scan Your Sclera for Security

Scan Your Sclera for SecurityTyping a password into your smartphone might be a reasonable way to access the sensitive information it holds, but a startup called EyeVerify thinks it would be easier—and more secure—to just look into the smartphones’ camera lens and move your eyes to the side scan your sclera for security.

EyeVerify logoMIT Technology Review says that Kansas City, KS-based EyeVerify software claims that it can identify you by your “eye-prints,” the pattern of veins in the whites of your eyes. The firm claims the method is as accurate as a fingerprint or iris scan, without requiring any special hardware.

The company plans to roll out its security software next year. CEO and founder Toby Rush envisions a range of uses for it, including authenticating access to online medical records or bank accounts via smartphones. Mr. Rush told TR that phone manufacturers are interested in embedding the software into handsets so that many applications can use it for authenticating people, though he declined to name any prospective partners. The security software allows people to bypass the security on their mobile devices just by looking at it.

The article explains that the technology behind EyeVerify comes from Reza Derakhshani, associate professor of computer science and electrical engineering at the University of Missouri, Kansas City. Dr. Derakhshani, the company’s chief scientist, was a co-recipient of a patent for the eye-vein biometrics behind EyeVerify in 2008.

Retina scanTo the users, EyeVerify seems pretty simple (though somewhat awkward in its prototype stage according to the article). To access data on a smartphone that’s locked with EyeVerify, the blog says you would look to the right or the left, enabling EyeVerify to capture eyeprints from each of your eyes with the camera on the back of the smartphone. (Eventually, EyeVerify expects to take advantage of a smartphone’s front-facing camera, but for now, the resolution is not high enough on most of these cameras, Rush says.) EyeVerify’s software processes the images maps the veins in your eye and matches that against an eye-print stored on the phone.

EyeVerify CEO Rush says the software can tell the difference between a real person and an image of a person. It randomly challenges the smartphone’s camera to adjust settings such as focus, exposure, and white balance and checks whether it receives an appropriate response from the object it’s focused on.

Biometrics

The look of the veins in your eyes changes over time, and you might burst a blood vessel one day the article speculates. But Mr. Rush says long-term changes would be slow enough that EyeVerify could “age” its template to adjust. And the software only needs one proper eye-print to authenticate you, so unless you bloody up both eyes, you should be able to use EyeVerify after a bar fight.

EyeVerify still needs to do more to prove that. Mr. Rush says that in tests of 96 people, the eye-print system was 99.97 percent accurate. The company is working with Purdue University researchers to judge the accuracy of its software on 250 subjects—or another 500 eyes.

Mr. Rush’s favorite application is for voters on Election Day. “Being able to vote from the convenience of my house, I can already send in a mail-in ballot, why not verify biometrically here and simply vote?” he told Fox News.

rb-

The end-user will be the fundamental roadblock to any eye-based biometrics.   Traditionally, anything related to eye recognition has received strong resistance, because it is just human nature to be squeamish about having our eyes scanned.

I covered the challenges of biometrics here, as long as this technology is limited to smartphones, some but not all biometrics issues remain:

  1. What is the real-world sensitivity/specificity trade-off i.e. quantified False Positive and False Negative Error Rates?
  2. Revocability. What happens if the mobile device is lost? What is the strategy to cancel and reissue a pair of eyes?

Despite the concerns scanning your sclera for security is coming to an iPhone near you.

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| December 13, 2012
Comments Off on Top Five IT Trends for 2013

Top Five IT Trends for 2013

Top five IT trends for 2013Ian Kilpatrick, who has the longest job title I have ever seen, chairman of international value added distributor, specialists in market development for secure IP infrastructure solutions and convergence at Wick Hill Group shares his vision of the top five IT trends for 2013. In the article, Top five IT trends for 2013 at ITnewslink he shares his predictions.

BYOD Man1. BYOD – He says the first IT Trend for 2013 is BYOD. BYOD is now an unstoppable, user-driven wave that will continue to make a major impact on the IT world in 2013 and beyond.  2013 will see companies trying to integrate BYOD into their networks.

He also speculates that we can expect to see the growth of Microsoft (MSFT) Windows to Go secure USB sticks based on Windows 8, which provide remote users with the supported version of the corporate desktop. These are available from a limited number of suppliers authorized by Microsoft and include Imation’s IronKey Workspace for Windows to Go.

Mobile Device Management2. Mobile Device Management – The next IT trend for 2013 is that Mobile Device Management solutions growth will accelerate in 2013. The growth is due to the rapid growth of mobile devices such as smartphones, tablets, and laptops, but particularly smartphones.

Growth will be strongest for MDM solutions that offer features such as ensuring mobile device usage complies with company security policies, allocating access rights, managing configuration, updating policies, dealing with data leakage issues, and dealing with lost or stolen devices.

A crucial component for the continued growth of MDM solutions will be the clear separation between the management of business and personal data on devices. There are over 100 suppliers in mobile device management many of them are good but niche solutions. The Gartner (IT) Magic Quadrant identifies the strategic leaders, which includes Zenprise.

High density wireless3. High density wireless – Wireless requirements have been significantly incrementing over the last year making it the third IT trend for 2013. The firm says BYOD has changed both the data transfer and performance expectations of users. However, these expectations have not been met, with many networks still inadequate in their coverage and performance.

The new 802.11ac standard, with 1 gigabit per second throughput rates, will be a key driver in organizations moving to high-density wireless in 2013. High density wireless will provide companies with high coverage and high performance, supporting business-critical applications and delivering complete site coverage There will continue to be a shift from niche solutions towards more strategic solutions. The Gartner Magic Quadrant identifies Xirrus, which will continue to experience stratospheric growth.

Data back-up and recovery4. Data back-up and recovery – 2013’s fourth IT trend for 2013 deals with data back-up and recovery. Organizations have been under immense pressure from ever-increasing data volumes, archiving, and compliance requirements.

At the top end, new data replication technologies will have a major impact on data centers in 2013. For smaller organizations, the shift from tape will continue apace. For conservative organizations, the move to disc (and, in particular, RDX technologies that combine the best of tape and disk) will accelerate. Hybrid back-up to RDX and then the cloud will increase. In volume terms, the lowest move (but in market-hype the biggest) will be significant growth in direct back-up to the cloud. RDX, hybrid, and cloud data backup solutions are available from vendors such as Imation and Barracuda Networks.

Data leakage protection5. Data leakage protection – The last Wick Hill Group IT trend for 2013 says that with the growing volumes of data and regulatory bodies’ willingness to levy fines for non-compliance, data leakage protection will continue to be a major cause for concern during 2013. Companies will be looking closely at how to secure and manage their data as their network boundaries spread even wider, with increased use of social networking and BYOD, increased remote access, the rapid growth of wireless, increased virtualization, and the move towards convergence.

Increasingly, organizations will couple DLP products with SIEM (Security Information and Event Management) solutions. DLP concerns will also continue the growth curve for authentication (much of it hosted in the cloud) and encryption, to protect data, both in motion and at rest. Some companies will look to hosted security services and the cloud to cope with an increasingly complex security situation. SIEM and authentication solutions are available from companies such as LogLogic, Check Point VASCO, and SafeNet.

rb-

So these are not really earth-shattering predictions for 2013, BYOD, MDM, and Wi-Fi are already part of my world. We are doubling our backup capabilities and will be updating from our current McAfee to some sort of DLP

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| December 8, 2012
Comments Off on OMG Texting bday

OMG Texting bday

OMG Texting bday20 years ago this week, one of the largest phenomenons of web 2.0 emerged. On December 3rd, 1992, a 22-year-old Canadian test engineer sat down and typed out a very simple message, “Merry Christmas.” Gizmodo says the text flew over the Vodafone (VOD) network to the phone of Richard Jarvis, and since then, we just haven’t been able to stop texting.

Texting is a major staple of communication now,Texting is a major staple of communication now, and by far the main use of a phone for many, but it didn’t start out that way. In the very beginning, texts were just a way to send network notifications, namely to let you know you had a voice mail. In 1993, Nokia (NOK) became the first company to make GSM handsets capable of person-to-person texting, but it still didn’t skyrocket to popularity for several years.

Growth of texting

ComputerWorld reports that in late 1995, three years after Papworth’s first text message, users were only sending an average of one text every two and a half months. In 2000 the industry counted 17 billion text messages, according to data from Ericsson. In 2010, the world sent over 6.1 trillion SMS messages or roughly 193,000 per second.

POTUS TextsToday, upwards of 7 trillion text messages are sent every year—that’s more than 200,000 per second.  So while you’re launching your daily flurry of textuals, take a second to consider the fact that your inane contributions are part of zeta-flood of data.

Digital Trends claims that texting is becoming obsolete. They cite data from Chetan Sharma, an independent mobile analyst and wireless carrier consultant, who reports that the number of text message exchanges in the U.S. had dropped by about 2 percent in the third quarter. This is a sharp difference from the steady growth that text messaging had previously seen. Sharma says it’s the first time that text messaging has begun to dwindle in the United States.

rb-

Texting is still a huge part of the way people communicate via mobile devices, but the emergence of new messaging options has led to the first decline in SMS volume.

Apple‘s (AAPLiMessage, which operates almost Texting is becoming obsoleteexactly like a text message but only communicates between Apple devices. iMessage completely bypasses the carrier when sending text messages between iPhones.

Facebook‘s (FB) Messenger app, which essentially exists as the mobile presence for the social network’s instant messaging feature. Facebook’s Messenger app can be used across multiple platforms, which could give it an advantage when it comes to text messaging alternatives.

Hopefully, the competition will force AT&T (T) to stop overcharging its customer. Gizmodo claims AT&T’s New Text Plan Overcharges You by 10,000,000 Percent. Literally lead the way toward cheaper texting plans.

The history of SMS

Related articles
  • Text messages direct to your contact lens (telegraph.co.uk)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
« Older Entries