Security Basics For Windows Users

Windows81With Windows malware on the rise, now seems like a good time for a refresher on basic security advice for Windows users.

First, the bad news. If you are using Windows XP or Windows Vista, you need to upgrade as soon as possible for your own safety. Your computer can no longer run current antivirus software, nor does it receive security updates. Even longstanding programs like Google Chrome now consider WinXP and Vista obsolete. Below you’ll find resources on how to plan your upgrade.

As with any computer, the best defense for Windows users is prevention, including reliable backups and solid security software. Equally important, you also need to know how to recognize and avoid common Internet threats.

If you’d like to know more about Windows security, stay tuned to Tech Tips via Facebook and RSS, or subscribe by email.

Windows Antivirus Programs
Good security starts with a quality antivirus program. You can use the freebies, but I strongly recommend that you invest in a commercial security suite. It’s money well spent.

Upgrading From Windows XP and Windows Vista

Tech Tips – Recommended Advice For Windows Users

 

How To Back Up Your Computer (For Windows And Mac)

backuprestoreWhen was the last time you backed up your computer? If you have automatic backups set, do you check them on a regular basis? Have you ever tested your backups by trying to restore some of your files?

It’s not enough to set your backups and forget them. You would not believe the number of times I’ve encountered backups that were “definitely” good, only to discover they were blank or missing or had never run in the first place. Don’t wait for an emergency to find out your backups don’t work!

I recommend that you make extra backup copies to keep in a secure offsite location. If you use a cloud-based backup, you should also keep a current local copy of your data in case of emergencies. The following resources will help you configure and maintain your backups.

Get computer help straight to your inbox! Sign up to receive Tech Tips by email, and follow Tech Tips on Facebook for more tech support advice for Windows and Mac.

How To Create Strong Passwords (2016 Edition)

Computer SecurityTime once again for my updated guidelines on creating passwords. The short version: use passphrases that are at least 12 characters long and different on every site, plus two-factor authentication where possible. And for pity’s sake, stop using weak passwords!

Many people say to me, “I don’t need a secure password. I don’t have anything sensitive on my computer, so I don’t care if a hacker gets in.” You, my friends, are a hacker’s dream. Because it’s not necessarily your personal information they want, although they’ll happily steal your credit card info if they can. No, what they really want is control of your computer, your email address, your Facebook page… anything and everything that will let them do their dirty work from behind a smokescreen.

Strong passwords must be:

  • Not in use on any other system
    This is perhaps the biggest no-no in the password rulebook. When hackers nab passwords, they try the same account/password combinations on popular sites like Google, Facebook, Twitter. If you’re using the same password you just let them in. Do not ever, ever, ever use the same password anywhere. Before you despair, keep reading. There are tools to make it easier.
  • Changed regularly
    Yes, you have to change your passwords. And yes, they still have to be different everywhere. In fact this is one of the best things you can do to secure your passwords. Use a password management tool if you need help keeping track of everything (see below).
  • 12 characters or longer
    Think passphrase rather than password. The longer and more complex a password is, the less likely it can be cracked.
  • A mix of upper- and lowercase letters, numbers, and symbols
    Some systems won’t allow you to use a range of characters in your password, in which case I suggest you reconsider using that site. Do you really trust someone who isn’t going to allow you to secure your account properly? Makes you wonder how secure everything else on the site is.
  • Not common words or proper nouns found in a dictionary
    Here’s a list of the 25 worst passwords of 2015. If your passwords sound like these, change them now.
  • Not the names of your spouse, kids, pets, or other personally identifying information
    Don’t create passwords out of information that can be gleaned about you, and don’t share information that can be used to guess security questions. For example, if you have pictures of your dog Fido on Facebook, and you also answer your bank’s security question “What’s your dog’s name?” with “Fido,” guess what? You have just given a hacker potential access to your bank account.

Examples of good and bad passwords

Good passwords (but don’t use these!)

AP@ssw0rdIJustMADE!UP!4U
Here’sAnOtHeR1FOR$You

Bad passwords

password
password1
password!
123456
<blank>
mypassword
spouse’s name
pet’s name

Password Don’ts…

  • Don’t rotate between the same two or three passwords. It’s just as bad as using the same password everywhere.
  • Don’t send passwords via sites like email, Facebook, Twitter. Use another means like text message, which goes directly to the recipient. Or even better, a phone call.
  • Don’t stick passwords on Post-It notes. Whether it’s under the keyboard or on a bulletin board, it’s exposed. Be like Gandalf: Keep it secret, keep it safe.
  • Don’t share passwords and accounts. This is especially prevalent in small businesses. Don’t create one account then share the password; create multiple accounts for each person who needs access. More time consuming? Sure. More secure? You bet.

Tools to manage your secure passwords

With a password management tool such as 1PasswordLastPass, or KeePass, all you have to remember is one master password and the software takes care of the rest. You can use the same password management tool on your computer and on your mobile devices.

But there’s a catch. Unfortunately any company can be breached by hackers and password management firms are no exception, as was demonstrated by a recent LastPass breach. In other words, passwords stored in management tools can be swept up in data breaches just like any other kind of data.

The good news is that most password managers encrypt your data, so even if hackers get hold of it, they will hopefully be hard-pressed to recover your actual passwords. That being said, you need to safeguard your master password with more vigilance than any other password you use. Please do NOT re-use your master password anywhere else! And be sure to keep another copy of your passwords somewhere safe in case you lose access to your password management tool.

Two-factor authentication

Two-factor authentication (2FA) uses a password plus another unique identifier, like a passcode messaged to your phone. This is much safer than a password alone because the second identifier is constantly changing, making it much harder to break into an account. If a site offers 2FA, you should consider using it.

However, 2FA does not make a weak password safe. Your best bet is 2FA plus an excellent password. As with a password manager’s master password, you need to make absolutely sure you have copies of your 2FA backup codes, because that’s what’s going to get you into your account if you have trouble.

Password harvesting scams

Password harvesters are everywhere. For example, you might get a spam email saying you need to update your account. This message contains links to a page that looks like the real login, but it’s really just a fake designed to steal your credentials. Similarly, password-harvesting scams can be distributed via Facebook, Twitter, and other social media sites. When in doubt, type the address for the site into your Web browser manually rather than clicking on a link.

Why not take this opportunity to change your passwords? It’s the best thing you can do to protect yourself against identity theft and cybercrime.

[Originally posted in 2010 as How To Create Secure Passwords. This version has been updated with the latest advice on secure passwords.]

Security Basics For Mac Users

appleIf you’re not protecting your Mac from Internet threats, your computer can easily be overcome by viruses and malware. But running antivirus isn’t enough. Mac users also need to be just as aware of scams, fake apps, and other Internet dangers as their Windows counterparts. Here are some resources to get you started.

If you’d like to know more about Mac security, stay tuned to Tech Tips via Facebook, Twitter, and RSS, or subscribe by email.

Mac Antivirus Programs

Mac Security Help

Tech Tips – Recommended Advice For Mac Users

Cryptolocker: Why Modern Computer Viruses Are More Dangerous Than Ever

crypt-messageToday’s computer viruses go beyond mere annoyance. How does holding your data for ransom sound? What about spying on you through your webcam, tracking your physical location, recording every keystroke you make? Welcome to the modern generation of computer threats, where infection means real-world consequences.

The latest virus making the rounds is Cryptolocker, a textbook example of all the truly nasty ways in which a modern computer virus can ruin your day. Cryptolocker encrypts your data with a one-way algorithm which mathematically cannot be reversed. If you don’t pay the ransom within the timeframe, the only key to your data is gone, kaput, goodbye.

You can’t restore your data by removing Cryptolocker, because removing the virus doesn’t decrypt the data. No tech support person in the world can decrypt it for you because it’s simply not possible without the key. Even police departments have paid the ransom, even as they recommend that consumers not do so.

Here are some resources on Cryptolocker so you can keep it from digging its sharp claws into your computer.

Cryptolocker started its initial spread via email attachments, which are fairly easy to avoid. But now it’s morphing into variants that can be transmitted via USB drive, and luring victims with fake software activation codes. Although it’s a Windows virus, like all viruses it can be transmitted via Macs and mobile devices. Following in the steps of other viruses, soon Cryptolocker will evolve into spreading via social media sites.

And this is just the start.

There are other viruses out there that can activate webcams – and yes, they can bypass the green light that tells you the webcam is on. They can listen through microphones. They can track your location via your mobile device. They can listen in on your conversations on social media.

Now, more than ever, it’s vital to protect yourself from computer viruses. Here are some Tech Tips resources to help:

Have you run into Cryptolocker or other similarly destructive viruses? Share in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

 

How To Protect Your Privacy On Social Media Sites Like Facebook And Twitter

socialmediaWhen was the last time you checked the privacy settings on your social media accounts? Once? Twice? Never? If you don’t check periodically, you run the risk of having your account hijacked by hackers.

Related article: Strong passwords key to social media privacy by Triona Guidry (The Northwest Herald)

What do you mean by “social media”?

Sites primarily used as a means of mass communication: Facebook, Twitter, LinkedIn, Pinterest, Instagram, Tumblr… You could also think of them as virtual communities, each with different rules and tendencies.

Why should I bother securing my social media accounts?

Because having your account hijacked stinks. At best, it’s inconvenient to reset your passwords and notify your friends. At worst, it results in data loss, identity theft, and financial ruin.

But aren’t these sites private?

Nope. They have privacy settings, most of which aren’t on by default. But anyone can sign up on these sites, and anyone can pretend to be anyone else on them. They’re designed to share information, not keep it private. Which is why the idea of people sharing their entire life stories and that of their kids gives me the screaming heebie-jeebies. Social media sites aren’t private photo albums and diaries. They’re publicly-accessible news sites (and data aggregators for advertisers).

Why do hackers want to hijack me?

In short: money. Cybercrime is a multi-billion dollar global industry. With economies tanking and people out of work, the idea of making tons of cash through Internet scams is hard to resist. Through commandeering your account, cybercriminals sell everything from Internet pharmaceuticals to fake antivirus programs to Twitter followers using your hijacked identity. It’s the go-to crime of the 21st Century.

Should everyone protect their social media accounts?

Yes. Absolutely. There’s no excuse not to.

How can I protect my social media accounts?

Use strong passwords that are unique on every site

Double-check your privacy settings

Report fake followers and inappropriate content

Verify links before sharing

Do you have questions about securing your social media account? Ask in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

 

How To Secure Your Web Browser

Did you know that most viruses sneak onto your computer through your Web browser? Here’s how you can secure your Internet surfing experience.

First, some basic safety tips. You’ll want to look through these before you proceed.

Then, take a look at your Web browser(s) with the following advice in mind.

Related Article: Eight Tips For Safer Web Browser Searching by Triona Guidry (The Northwest Herald)

How To Clear Your Web Browser’s Cache

How To Activate Your Web Browser’s Privacy Controls

Do you have questions about securing your Web browser? Ask in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

 

A Parent’s Guide To Protecting Your Kids Online

kidsIt’s hard to protect kids online, because parents and educators often have a hard time finding resources that can help them understand the latest risks and recommendations. I’ve gathered a variety of information in one place so you can learn about antivirus, parental controls, and protecting your kids while using mobile devices and video games.

Kids’ computers are among the most vulnerable to security threats. That’s not to say your kids are doing anything wrong. On the contrary, they’re the victims. Not only do virus-writers like to booby-trap kids with malicious web sites, they also like to infiltrate legitimate ones. Kids are also at much at risk of identity theft as any Internet user. More so, because cyberbullying has become such a deadly and devastating menace.

These are resources every parent needs to know about how computer viruses and Internet threats work. If you have questions, please feel free to comment. You can also subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Antivirus And Security

Mobile Devices

Video Games

Cyberbullying And Harassment

 

Six Things Every PC User Needs To Know About Windows 8.1

Windows81The new Windows 8.1 affects you, even if you’re still using previous versions of Windows. Here’s what you need to know about the upgrade.

First Rule of Windows 8.1: There Is No Start Menu
Microsoft’s been shouting it from the rooftops: “The Start button’s back! The Start button’s back!” Except that doesn’t mean what you think it means.

What Windows 8.1 does is stick a Start button in the lower left corner, which brings up the new Start screen – not to be confused with the old Start menu you’re probably looking for. Dizzy yet? To make matters worse, not all applications will support the returned Start button, meaning it’s less of a fix than a kludge. A Start button that isn’t always present is as confusing as a Start button that’s missing entirely, if not more so.

Second Rule Of Windows 8.1: The New Look Is Here To Stay
Regardless of what they’ve done with the Start buttonmenuscreen, the Windows 8 interface (which I would call “Metro” except Microsoft says we’re not supposed to call it that anymore) is the future of Windows. So don’t expect Windows 8.1, or any other update, to restore your computer to yesteryear. The new look and feel is here to stay, and it’s time to get used to it if you intend to stay in the Microsoft world.

Third Rule Of Windows 8.1: Say Goodbye To Your Keyboard And Mouse
Windows 8 is made for tablets. In fact, many of us are still trying to figure out why Microsoft thinks a tablet interface is a good idea in a PC environment. If you don’t have a touch interface, it’s klunky to use – in other words if you’re one of the 99.99999% who still have a keyboard and mouse, which is SO 2012, PEOPLE.

Fourth Rule Of Windows 8.1: You Need It, Unless You Like Viruses
If history is any indication, expect Windows 8.1 to become the only acceptable version of Windows as far as being able to fix problems or install updates. Doesn’t matter if you want it or not, eventually you’ll have to install it or your computer is guaranteed to become a writhing infestation of identity-stealing viruses and malware.

This means you, Windows XP people – you need to upgrade. Now. I don’t care if you go Win7 or Win8, either is better than what you’re using now. Don’t wait until your computer is unusable, your financial data stolen, your accounts hacked, and your personal information spread across the Internet.

Fifth Rule Of Windows 8.1: It’s Not That Bad And In Some Ways Good
If it weren’t for the klunky interface and the lack of training for the average consumer (you know, the people for whom it’s purportedly designed), I would like Windows 8.

It’s fast. It’s powerful. It doesn’t take up a ton of memory (looking at YOU, WinME), doesn’t throttle your processor (Windows Vista), doesn’t cause incompatibilities with every single piece of hardware you own (Windows 95).

So, yes, it’s a technically superior operating system. So was OS/2 Warp, only it wasn’t widely used because it was hamstrung by a lack of apps and a failure to educate people on how to use it. Ironic that Microsoft may be following the same road to ruin decades later.

Sixth Rule Of Windows 8.1: You’re On Your Own Learning It (But I’ll Help!)
Microsoft has information online, but you have to hunt for it – using an unfamiliar touch-swipe interface, unless you happen to have another device handy, and doesn’t that eliminate the point? It’s no wonder many businesses have decided to hold off on upgrading. I don’t know why Microsoft has such blinders on when it comes to understanding that your average, everyday person needs to be able to use this without spending the entire morning trying to figure out how to accomplish a task.

To that end, here are some resources to get you started with Windows 8:

And don’t forget to follow Tech Tips for the latest on Windows 8, Mac, and more:

Once again we come to the age-old dilemma: Do you put up with the new features for the sake of security? If I were you, I would either a) get on Windows 7 ASAP, b) get on Windows 8 ASAP, or c) pick another platform (Mac? tablet? phablet?) because the Windows 8 train has left the station and anybody who didn’t jump on board is going to get run over eventually by viruses, malware, and other Internet scum.

What do you think about Windows 8? Love it? Hate it? Cowering in a corner hugging your Timex-Sinclair and dreaming of punchcards? Share in the comments!

 

How To Backup And Restore Files On Your PC Or Mac

backuprestoreEveryone knows you’re supposed to make backups, but choosing a method can be confusing. Here’s a rundown of your choices for Windows and Mac.

Built-In Backups
All modern computers come with utilities which you can use to back up to an external hard drive. The hard drives themselves often come with user-friendly utilities as well.

Third-Party Backups
If you don’t like the built-in options you can choose a third party backup – but watch out for lookalike viruses that pretend to be backup or “computer cleaner” programs. Your best bet is a solution from a reliable software vendor.

Cloud-Based Backups
Cloud backups are convenient because all you have to do is let the utility lurk in the background. Your backups are always current because the software is always running, always backing up changed files.

The danger with cloud backups is that you don’t know who has access to them behind the scenes, or whether the backups will remain available to you if the service goes down or bankrupt. If you’re going to store backups on the Internet, make sure you keep a copy on a local hard drive.

Encrypting Backups
The best way to secure your data when using cloud backups is to encrypt it. Mac users, there’s an easy trick you can pull with Disk Utility: creating a protected disk image.

Windows users, you’ll have to find a third party utility like TrueCrypt. But bear in mind, most encryption utilities were developed for tech professionals so they’re not always the most user-friendly. Also, any utility that works with files at a fundamental level runs the risk of damaging those files. Run your encryption on copies, not originals. I also recommend against encrypting your entire hard drive unless you really know what you’re doing.

Testing And Restoring Backups
Backups don’t do much good if you can’t restore the data on them. You should periodically run a test restore, to make sure you can before an emergency strikes. You should also maintain multiple backups in case one backup device fails.

Another way you can back up your files is with a drive imaging program that takes a snapshot of your entire disk. I’ll post about that in a separate article. Want a head’s up? Subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net