Stay Safe With LastPass Auto-Change

No doubt, you know that you’re supposed to change your passwords every so often to keep them secure. Nobody I know EVER does this. Maybe we’re all lazy, but the mere thought of changing the bazillion passwords I have makes my head hurt!!!

Enter the LastPass Auto-change passwords feature.

auto-change-password-in-progress

 

How It Works

For LastPass, click on the extension icon in your browser and select My LastPass Vault from the drop-down menu. Choose the account you’d like to change and select the wrench icon. Then in the pop-up window that appears, select Auto Change Password and the process begins.

Granted, it doesn’t work with every website out there, but automating password updates many of the popular sites you use probably makes it worthwhile.

If you’re not using LastPass already, grab the Chrome extension and let Lastpass generate secure passwords for you anytime you need one.

Managing Passwords in Chrome

If you use Google Chrome as your web browser (and you should) you probably know that it can save your usernames and passwords for sites that you visit. But did you also know that Chrome can sync these passwords across all your devices?

Imagine you’ve created an account on your computer at work but want to sign-in from home or even from your smartphone while you’re out and about. This is definitely easiest if you’re using the Chrome browser and signing in with your Google account on all your devices.  Fortunately, you can access all your information from any browser simply by visiting passwords.google.com

ChromePasswords

 

Just sign-in with your Google account, to access a list of all the accounts and passwords you’ve used in Chrome.

You can display the passwords by clicking the eye icon or remove any of the entries aren’t able to change your existing passwords. (You’ll have to visit the associate website to do that.)

If you don’t want your passwords stored in the Google Passwords site, you have two options. Don’t save your passwords in Chrome at all or make them unavailable from the Google website.

  1. Open Chrome and go to Settings – Advanced Sync Settings.
    ( Or enter chrome://settings/syncSetup in the address bar )
  2. Under the Encryption Options, choose “Encrypt all synced data with your own sync passphrase”, enter a passphrase and save the settings.

Disable Google Passwords

Shortly afterwards your passwords will not be accessible via the Google Passwords site. You can always change your mind revert back to the default settings..

#302 Memorable AND Secure Passwords

Since October is Security Awareness month, I thought I’d try to do my part by giving you a pop quiz. (Don’t worry there is no punishment for not passing.)

Which of the following two passwords is stronger, more secure, and more difficult to crack?

D0g.....................
PrXyc.N(n4k77#L!eVdAfp9

Go ahead. Pick one. And no cheating…I’m waiting! 😎

Despite the fact that the first password is infinitely easier to use AND remember, it is also the stronger of the two. You might have suspected this was a trick question so let me explain.

First, both do well by incorporating at least one of each of the four types of characters. (lowercase letter, uppercase letter, number, special character)  This makes a much larger number of possible combinations that a hacker needs to try to guess. (And by the way they can guess them really fast. There are automated password cracking tools that can guess thousands of passwords PER SECOND!)

The difference is that the first password is one character longer which would take 95 TIMES LONGER to crack by guessing.

Assuming you use all of the four types of characters in your password THE MOST IMPORTANT FACTOR IS PASSWORD LENGTH!

Make Your Own Password ‘System’

One simple way to create your own unique, easy to remember passwords is to “pad” your passwords by simply adding some characters to the beginning, middle or end. When used along with a simple password formula we can easily come up with long and memorable passwords that are super-strong AND easy to use!

For example, if I insert the name of the site into a formula like this:

<* + UPPERCASE first letter of the site + & + lower-case letters from the rest of the site name + 23*>

I would get passwords that look like these:

Facebook     <*F&acebook23*>
Gmail            <*G&mail23*>
Outlook        <*O&utlook23*>

So you see, it’s actually pretty easy to make your own custom password system that is memorable and secure. And lest you think hackers don’t care about little old you…you’re probably right. But you have access to a lot of things they do care about like your bank and your company’s corporate network.

Steve Gibson’s Password Haystack page. has the best explanation of this, including a fantastic Security Now podcast.

Check Your Passwords & Password Managers

Since October is Security Awareness month, you should check to see if your passwords are as good as you think and and check out this review of three top password managers. (Personally, I’m a fan of LastPass.)

What about you? How do you handle creating and managing your passwords? Leave a comment and share what works for you.

#300 I’m Back!

…well actually I should say the “Tip of the Week” email is back. After a brief detour, I’m back at AEP and reviving the weekly Friday morning  email just in time for the 300th edition!  I’ve missed the conversations, questions and comments from your end and I look forward to hearing from you again.

If my absence did not make your heart grow fonder simply unsubscribe using the link at the bottom of the email.

ADMIN NOTE: If you’ve been getting the email from WordPress all along, you might be getting two versions now. Just unsubscribe from the one you don’t want.

Please take 10 seconds and let me know what version of Office you are using, so that our elves can make the tips that you would most like to get.

Here are the posts that you’ve missed over the summer: (unless you were one of the few who manages to stay plugged-in)

#281 Keeping PowerPoint Images in Place When Resizing

#280 Deciphering Shortened URLs

#279 Are You (and Your Passwords) as Smart as You Think?

#282 Using Word To Fill Scanned Forms

#283 Better Than A Default Bullet

#284 Roll Your Own Templates

#285 Word Defaults You Can “Set & Forget”

#286 Hiding Zeros in Excel

#287 Custom Formatting of Bulleted/Numbered Lists

#288 Four Ways to Customize Excel for the Way YOU Work

#289 How to Create a Table of Contents in a SNAP!

#290 Updating Your Automatic Table of Contents

#291 Browser Shortcuts

#292 Many Ways To Navigate Word Documents

#293 Show Only A Few Rows & Columns of Your Spreadsheet

#294 How to Super Charge Word’s Find & Replace

#295 Delete entire words quickly

#296 DaFont, Da Whole Font & Nothing But DaFont

#297 Hyperlinking in Excel

#298 Excel Zebra Stripes

#299 Wi-Fi Security Tips

Well that should keep you busy for awhile…but when you’re done let me know what you’d like to see or just drop me a note to say hi! I hope you are all doing well and I look forward to continuing our adventure together!

#299 Wi-fi Security Tips

You know times have changed when you can get free wireless internet access at McDonald’s. But now that these wi-fi networks have popped up virtually everywhere, do you know the basics for keeping yourself and your information safe when you use them?

These public hot spots all have one thing in common—they are open networks that are vulnerable to security breaches. Because they do not encrypt data, your passwords, email messages, and other information can be visible to hackers. That means it’s up to you to be aware of wireless hot spot security and to protect yourself and your data.

Let’s take a look at a fewe things you can do to make working on wireless networks in public locations more secure.

1. Disable your Wi-Fi adapter

When you’re not at home or at work, it’s a good idea to turn off your laptop or notebook’s Wi-Fi capability when you’re not using it. Otherwise it’s possible for your computer  to connect to a malicious hot spot without your realizing it. Many newer laptops now have a Wi-Fi button you can use to easily turn your Wi-Fi adapter on and off. If yours doesn’t, you can disable your Wi-Fi adapter using your operating system.

2. Try to choose more secure connections

Use a virtual private network (VPN) – It’s not always possible to choose your connection type, but Internet security is critical. When you can, opt for wireless networks that require a network security key or have some other form of security, such as a certificate. The information sent over these networks is encrypted, and encryption can help protect your computer from unauthorized access. For example, instead of using a public hot spot with no encryption, use a virtual private network (VPN). If your business does not have its own VPN, you can download and install free VPN software. The security features of the different available networks appear along with the network name as your PC discovers them.

Protect your email with https  –  One way to protect your email messages in public is to select the https or other secure connection option in your email account settings (if your email provider supplies one). This option may be called always use https, more secure connection, or something similar. Even if the email provider you use has a secure network, after you log on to your account on a public network, your information is no longer encrypted unless you use a more secure connection. An https connection, for example, which includes encryption, is more secure than an http connection

3. Make sure your firewall is activated

A firewall helps protect your PC by preventing unauthorized users from gaining access to your computer through the Internet or a network. It acts as a barrier that checks all incoming information and then either blocks the information or allows it to come through.

Note: Some antivirus software includes its own firewall. If your antivirus has a firewall and it is turned on, you do not need to turn on another one. Having two firewalls turned on is not recommended.

4. Keep all your software updated

You probably know that you should keep your anti-virus software up-to-date, but you should also keep all your other software updated as well. Updating your operating
system, applications, and browser plug-ins is essential to maintaining your privacy and security. Bugs or weaknesses in your software that cyber attackers can exploit are being discovered constantly. Software vendors, such as Microsoft and Apple, issue updates (or patches) regularly to correct these vulnerabilities. As a result, updating your software is a key step to protecting yourself. So you’ll definitely want to stop  ignoring those prompts you keep getting to update your software.

For more wi-fi security tips check out this article from Microsoft

Or you can sign-up here for a security awareness monthly newsletter.

#280 Deciphering Shortened URLs

Driven by the increasing prevalence of social media you probably encounter many shortened URLs every day — whether you realize it or not. Originally intended to make sharing websites easier, these shortened URLS also disguise the true identity of where the links will take you. Obviously not knowing where a link is taking you until you click on it can be potentially dangerous.

There are two things that can keep you out of danger. The first is to simply be aware of how these URL shorteners obscure the destination of a link and second is knowing how to check where they are directing you BEFORE you click them.

Ways to Translate the ‘short link’ into a real URL

Most URL shortening services provide kind of “preview” feature that lets you see where a link will take you before actually going there. If you’re curious, you can learn how to preview shortened links from the most popular services here. However, with so many different services this quickly becomes way too burdensome to deal with.

A couple more efficient approaches include:

1. Longurl.com is a website that can “exapnd” those shortened URLs and show you were it is pointed, along with a few other details.

2. Long URL Please is a browser plug-in that simplifies the process of ‘translating’ shortened URLs by automatically converting the  short urls to their originals so that you don’t have to.

Have you ever been taken somewhere you didn’t expect by a shortened URL? Have you ever considered any ways of dealing with them other than either of these two options?

#279 Are You (and Your Passwords) as Smart as You Think?

For those of you who have followed me over to “the other side”, I can’t tell you how glad I am that you’ve made the journey. Since my new role has brought me into the cyber security world, I thought it would be a good idea to revisit a previous tip on passwords.  One of our human foibles is often over confidence and the fact that we are often unable to recognize their mistakes.  After all, you don’t know what you don’t know, right?

So in an attempt to increase your awareness of what makes a good password I’d like to invite you to take 2 minutes and check the strength of your passwords. As someone who has had an account hacked I promise you that you’ll be glad.

Go Take the Password Test

How did you do? If you passed, good for you. If not, check out how to make your passwords better. Strong Passwords | Microsoft Security

Leave me a comment and let me know how you well you did. Next time we’ll revisit some options for keeping track of all those dang passwords and how you can implement a more secure password strategy AND save time doing it.