Internet Security (Boring, I know. Please read it anyway.)

This is going to be a pretty dry topic, but do yourself a favor and read the whole thing.

With so many security breaches in the news, we all feel vulnerable. And I hate to say this, but we may be partly to blame. We like to be helpful, so when we get an email from someone requesting information, we send it. We also use the same few, easy-to-guess passwords all over the web, maybe with variations thrown in to make them more complex and safer.

We use certain patterns when creating passwords, and guess what: the bad guys know every single one of them. Even the common variations we come up with don’t make our passwords much more secure. It’s not that hard for a computer program to add a number onto the end of a basic password or substitute numbers for letters.

We want to protect ourselves online, but it seems too hard, what with all the different, difficult passwords we’d have to create to be safe. Guess what? It does not have to be complicated! It can be downright easy with the right tools.

Our identity and money (which is really the point of all this) will be a lot safer online if we just do a few things. This isn’t just about you, either; what about your Mom?

Here are some solutions to the insecure password problem; please consider doing one or all of them.

1. Use a good password manager. I use 1Password (www.agilebits.com/onepassword), and let it create and remember my passwords. And those passwords! They’re long, complex, completely random, totally wonky, and include letters, numbers, symbols, etc. I use at least 16 characters, unless the website doesn’t allow that many. My passwords are impossible for me to remember, so I don’t even try.  I’m on a mac, but maybe you aren’t? No worries; there’s a version of 1P for most desktop and mobile operating systems. If you use multiple devices, you can link them all together so all your passwords are available everywhere. 1P isn’t cheap, but it’s the best. Think of it this way: what’s it worth to keep the bad guys out of your bank account?

2. Set up two-step authentication for accounts where available. To log into a protected account from a new phone, tablet, or computer, you need to not only know something, you need to have something. Besides your user ID and password, you need to enter a specially generated code sent to you via phone or text. It sounds a lot more complicated that it really is; it just slows you down a little while you get the code and type it in. Two-step authentication is available for Facebook, Google, Dropbox, iCloud, and many, many others. This Lifehacker article has some good, basic information: http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now.

3. Use your head. There are a lot of really convincing phishing emails which look like the real thing, so be suspicious! You’ve heard it before, but it’s true – no legitimate bank or company is going to send you an email asking you to supply your password so it can be “verified.” The good guys do not do that. If you get an email from a company saying your computer is infected, ask yourself one question: how would they know? No email like that is legitimate, so delete it.

A phishing email is designed to get you to provide information that should remain secret, or click on a link that leads you to the bad guys. A good one seems legit; it has links and email addresses that look real, but aren’t. The differences can be as subtle as a .net when it should be .com. If you aren’t 100% sure that the link is genuine, don’t click on it! Call the sender to verify that they actually sent the email, especially if it’s a bank or credit card company. If you decide to copy and paste the link into a browser window to check it, look at the URL at the top. Are you where you expect to be? If you’re emailing Apple and the URL includes a foreign country, there’s a problem.

If you get what looks like a phishing email, you may be able to report it to the company being spoofed. Again, using Apple as an example, if you get a phishing email that appears to be from Apple, you can forward it to abuse@icloud.com. Their legal department wants to know about these so they can take action if necessary. Most big companies have a similar address, so look on their website.

Yeah, I know; boring. Sorry about that, but this really is that important.

PS – There has been an issue lately with (mostly) Australian iPhones without a passcode being locked by third parties who demand money to unlock the phone. If you get one of these emails or messages, do not pay. Contact Apple support or go to an Apple store and get it fixed for free. BTW, the simple way to prevent this from happening is to have passcodes on your iThings. This scheme can only work if the bad guys can create a passcode for your unprotected phone. Don’t give them the chance.

A lot of the technical information for this post is from the 1Password blog, http://blog.agilebits.com.

Advertisements

GIANT RUBBER DUCKY VISITS NORFOLK!

40' tall yellow rubber ducky

Giant rubber ducky visiting the Chrysler Museum in Norfolk

Why as a matter of fact, that is a 40′ tall yellow rubber ducky bobbing in the Hague in front of the Chrysler Museum in Norfolk.

If you’re in the area and haven’t visited yet (it’s become a thing around here, one simply must visit Ducky!) you have until tonight. Tomorrow our yellow friend deflates to find his next giant bathtub.

Things are looking up!

Now that my website and email are functioning again, I’ve turned my attention to my Etsy shop. Besides adding new images, I’m working behind the scenes, tweaking everything to be more Google-friendly. Search Engine Optimization (SEO) has been called a black art which only Google fully understands. All we poor artists can do is try to set things up so we can be found in search.

Finally setting up galleries!

If you see repeated “new posts” from me for the next few days, that’s why. It’s getting better, but I’m still figuring things out. If you have any suggestions of how I should arrange them — separate car galleries for black/white and color, for example — let me know.

At least I got my domain working again. Email, on the other hand…not so much. But I’m hopeful!

Just sold my first print!

I’ve been on Etsy for a while now, and wondered if it was ever going to happen. I feel like celebrating!

Galleries on the way!

I think I have this gallery thing worked out. I’m sure I left a few steps out, but this is basically how it works.

You upload images, create a new page, and add the images. Next, you click the “Create Gallery” button at the top left of the screen and decide how you want the gallery to look. Finally, you click the “Create New Gallery” button on the bottom right. Yep – two almost identical buttons on the same screen.

Way to go, WordPress. Clear as mud.

File This Under “Life Happens”

I have to report that earlier today I was attacked by a suicidal ceramic mug. I guess it was upset that I wanted to use another mug, so it jumped off the shelf and onto the countertop. The handle broke off, bounced back, and bit me.

It was a totally unnecessary death. The mug should have realized that it was used for TEA, and I was having COFFEE.

Anywho….two hours later, I’m back from Patient First with four stitches in my arm and a big, fat, white bandage. No photos, because who wants to see that? Rotten luck, but at least I didn’t have a co-pay. Go Healthkeepers!

Website Progress…Such As It Is

After much fiddling around, I’ve finally got my home page set up and the blog entries where they belong. The about page needs fleshing out, but at least it exists.

The photo galleries, on the other hand, are tougher than I thought. I’ve been trying to set up the first one for a couple of hours, but I’m stuck. You know that point where the harder you try, the worse it gets? I’m there. I think it’s time to post this update and log out for the evening.

“After all, tomorrow is another day!”

Actual Website Just Around The Corner!

As you can see from the menu bar above, the website is beginning to take shape. After I set up a permanent home page I’ll move my posts to the blog page. Galleries will get meaningful names and images by the end of the week. I find WP a little intimidating but I’m getting there.