Digital security breaches
Recently, there have been significant security breaches such as this story published in Wired magazine of how a technology reporter had his digital identity stolen, and leaking of 6.5million LinkedIn passwords.
Step 1: Test if your LinkedIn password was leaked here.
Mine was - see below.
As our information on increasingly being stored on the cloud, Digital Security is becoming a vital 21st Century skill. Moving to the cloud means
(1) we need to use many passwords on multiple devices
(2) our data is online and easier for hackers to access
Remembering long strings of random numbers, letters and symbols is not something most humans naturally do well. In my work I observe many people set up accounts, and everyone becomes frustrated and stressed at the point of creating or recalling passwords.
So, given everyone is struggling with password management, perhaps we need a better approach?
Auditing your current level of digital security:Step 1: Let's audit our current password management practices.
Q. Do you have any real or pronouncable words as passwords?
Q. Does your password consist of information that someone could find out about you? (I once guessed a friend's password first go - it was the name of his car - he was besotted with it!)
Q. Do you have the same password for more than one account?
Q. Do you write down passwords or record them digitally?
Q. Do you give others your password?
Just one YES means that your security is not a strong as it could be. (Sorry to be scaring you. It's a necessary phase to build the case for change :-) I wont do it again I promise. Just this week! )
Now let's check the security of the passwords you use.
Step 2: Audit your passwords
Use this password checker How Secure Is My Password? to find out how long a computer would take to crack your password. Check a few of your passwords. (And remember that hackers have a bank of computers working for them, not just one.)
(A note to the (perhaps justifiably) paranoid among you, I am pretty sure this is not a fraudulent site collecting your passwords :-)
Step 3: Audit your own PC
See where your unencrypted passwords are cached. In Firefox, go to
Tools - Options - Security - Saved passwords - Show passwords.
Your passwords are displayed.
(Your passwords are stored here when you click "Save password for next time".)
So what can you do?
Solution 1: Choose and store your passwords more securely.
Choose secure passwords that are unique to each account and don't write them down.
Step 4: Watch this brief video about good password management.
However, it is still almost impossible to remember a whole set of unique and secure passwords. So you will either need to store them securely with some kind of disguise / encryption, or upgrade to Solution 2....
Solution 2: Use a secure password manager such as LastPass.
Cost: This option takes about an hour to set up and some time to become fluent using LastPass.
Benefits: It saves a great deal of time and eliminates Password Stress. You never have to remember or enter passwords or fill in forms. It is far more secure - passwords are iteratively encrypted thousands of times.)
It should be clear by now that most of our current password practices are not secure. However you may be having doubts that it is safe to store your passwords in one program such as a password manager. How secure is LastPass?
Read this article explaining the security offered by LastPass.
Read this review of LastPass.
If you wish to learn how to use LastPass, continue... otherwise, you are welcome to claim your badge for this week and finish here with your new awareness and enhanced practice.
Step 5: Download and install LastPass here
Step 6: Start using LastPass, with help from me or other LastPass users, or by referring to the instructions
- in short videos here
- or in this 13 min video
You will need to:
- Install LastPass on your computer and onto the toolbar of each of your browsers
- Save the username and password for each new account you set up (LastPass will offer to save them for you). You may wish to select "Automatically log on" so you get straight in to the site.
- Allow LastPass to enter for you your username and password at protected sites you visit
Note: Remember to choose a very very strong password to be your LastPass password using secure methods we have looked at in this module, such as the first letter of each word of a phrase you will remember with a number and capital as well.
Congratulations, you have earned your
Week 4 badge: Digital Security!
Optional - Level up!
(1) Use LastPass on your mobile devices.
Purchase LastPass premium at $1 per month to download LastPass for your phone or tablet.
Here is a comparison of the free version of LastPass with the Premium version.
(Apologies for the cost. I have reviewed other Password Managers and none are as easy to use as LastPass.)
(2) Install free LastPass wallet (iPhone) to store Password information, credit card details etc.
Here are Android user instructions for the mobile version of LastPass.
(3) Advanced users may wish to explore two factor authentication to protect your passwords.
I am on leave from Sept 3 - 7, but please book in to see me this Friday 31st September, or in the week of Sept 10th for assistance with LastPass or any other issue. And in the meantime, draw on your Personal Learning Network - there are others around who may be able to assist!