How To Prepare Your Computer For Recycling Or Donation

Posted on April 15, 2013 Written by Leave a Comment

computer-recycleIf you have old computers and cell phones lying around, you’re not alone. Many of us hang onto old devices because we don’t know what to do with them. Sure, we want to donate or recycle, but what about the data?

Here’s how to erase your computers, cell phones, and tablets prior to donation or recycling. Don’t forget printers, copiers, and fax machines too! You can find more details on e-waste and e-cycling on the EPA’s web site.

Warning: This article presumes that you’ve either backed up or don’t need the data on the device. Make sure you have everything you need before you do this!

Computers

If you’re recycling you can simply format the drive. Try DBAN for Windows to erase your hard drive thoroughly. Mac users can use their Apple system software utilities.

If you’re donating, presumably you want to present a usable computer with an operating system on it. In that case you’ll want to do a factory reinstall from the original disks or hard drive partition. Check your manufacturer’s instructions for details on how to restore to the original factory software. This turns your computer back into what it was when you bought it, without your personal data.

When in doubt, you can always remove the hard drive and smash it to pieces.

Smart phones and tablets

First, delete all contact, calendar, and other private data. For both tablets and smart phones, perform a factory reset to zap any remaining data. If it’s a phone, remove the SIM card (check your manufacturer’s instructions).

Printers, scanners, copiers, and fax machines

Computers and phones aren’t the only devices that keep a record of your data. Fax machines and copiers do too, and even some printers and scanners (usually the big fancy ones). Check the manufacturer’s instructions on how to perform a power reset or factory reset. Afterwards go into the printer’s configuration settings and make sure no private data remains.

Where can I donate or recycle?

The EPA has a web site with information on where you can recycle or donate your used equipment. Check with your local schools, libraries, and charitable organizations. You never know if your used computer might fill a need right in your own community.

Bear in mind that these techniques may still result in recoverable data, if someone tries hard enough. It’s always best to double-check. You can also reformat multiple times to reduce this risk.

Do you have questions about how to recycle or donate your computer? Ask in the comments, and subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

 

Filed Under: apple, business, computer help, consumers, hardware, ipad, iphone, ipod, mac, microsoft, mobile computing, pc, printers, privacy, security, small business, smart phones, windows, windows phone

Your Webcam Can Be Used Against You

Posted on February 15, 2013 Written by 3 Comments

webcamSmile! Your private life might be streaming live on the Internet!

Did you know hackers use viruses to commandeer the webcam on your computer, tablet, or smart phone? Makes you think about all the places you take these devices, and what they could be recording. In this month’s The Northwest Herald I talk about the dangers of unsecured webcams and microphones:

It’s not just your devices, but those of the people around you as well. Chances are, you’ve had a phone or tablet nearby during a private conversation with a lawyer, a doctor, a friend. What if someone else was watching and listening through that device?

Cameras can be hijacked in a number of ways. Cybercriminals can commandeer them with viruses, then extort you by demanding money for the deletion of potentially embarrassing photos and videos. Sometimes they have the nerve to imitate law enforcement, claiming that you have illegal content on your computer and will go to jail if you don’t pay their fee.

I’m fond of taping over the webcam unless you need to use it regularly – in which case a purse or pocket provides a lovely view of lint, should someone try to sneak a peek. That doesn’t help with microphones, of course, which is why it makes sense to store your mobile devices where they’re less likely to overhear private conversations.

I also strongly recommend to my fellow parents – get the computers and camera-equipped game consoles out of your kids’ bedrooms, NOW. There are some scary new statistics about the increase in predatory sexploitation which will make you want to take a hammer to every camera in the house.

Here are some articles about webcam security you might find interesting:

What are your concerns about webcam and microphone security? Share in the comments!

Image courtesy of renjith krishnan / FreeDigitalPhotos.net

 

Filed Under: antivirus, articles, consumers, cybercrime, hardware, Internet, ios, ipad, iphone, kids, malware, mobile computing, northwest herald, privacy, security, skype, smart phones, social engineering, spyware, video games, viruses, web, webcams, windows phone

How To Create Secure Passwords (Revised Edition)

Posted on February 4, 2013 Written by 3 Comments

Computer SecurityMany people say to me, “I don’t need a secure password. I don’t have anything sensitive on my computer, so I don’t care if a hacker gets in.” You, my friends, are a hacker’s dream. Because it’s not necessarily your personal information they want, although they’ll happily steal your credit card info if they can. No, what they really want is control of your computer, your email address, your Facebook page… anything and everything that will let them do their dirty work from behind a smokescreen.

I originally posted this on Tech Tips in 2010, based on many years of teaching tech support clients about password safety. But some of the old rules no longer apply, so this is my newly revised edition. If you think you can still get away with slapping an exclamation mark on the end of a word, you need to read this revised advice.

Strong passwords must be:

Not in use on any other system
This is perhaps the biggest no-no in the password rulebook. When hackers nab passwords, they try the same account/password combinations on popular sites like Google, Facebook, Twitter. If you’re using the same password you just let them in. Do not ever, ever, ever use the same password anywhere. Before you despair, keep reading. There are tools to make it easier.

Changed regularly
Yes, you have to change your passwords. And yes, they still have to be different everywhere. Use a secure password management tool if you find it unmanageable (see below).

12 characters or longer
Think passphrase rather than password. We used to say 6-12 characters was enough, but we’ve found that the longer and more complex a password is, the less likely it can be cracked.

A mix of upper- and lowercase letters, numbers, and symbols
Some systems won’t allow you to use a range of characters in your password, in which case I suggest you reconsider using that site. Do you really trust someone who isn’t going to allow you to secure your account properly? Makes you wonder how secure everything else on the site is.

Not common words or proper nouns found in a dictionary
An analysis of the recent LinkedIn breach found that many people were using ridiculously simple passwords like “password” and “123456.” If your passwords sound like these, change them now.

Not the names of your spouse, kids, pets, or other personally identifying information
Presidential candidate Mitt Romney’s online accounts were hacked via the very simple expedient of answering security questions with information that had been made publicly available. Same thing happened to Sarah Palin. Don’t create passwords out of information that can be gleaned about you, and don’t share information that can be used to guess security questions.

Examples of good and bad passwords

Good passwords (but don’t use these!)

AP@ssw0rdIJustMADE!UP!4U
Here’sAnOtHeR1FOR$You

Bad passwords

password
password1
password!
123456
<blank>
mypassword
spouse’s name
pet’s name

Password Don’ts…

  • Don’t rotate between the same two or three passwords. It’s just as bad as using the same password everywhere.
  • Don’t send passwords via email, Facebook, Twitter. Use other means like text message or fax, which goes directly to the recipient. Or, even better, a phone call.
  • Don’t stick passwords on Post-It notes. Whether it’s under the keyboard or on a bulletin board, it’s exposed. Be like Gandalf: Keep it secret, keep it safe.
  • Don’t share passwords and accounts. This is especially prevalent in small businesses. Don’t create one account then share the password; create multiple accounts for each person who needs access. More time consuming? Sure. More secure? You bet.

Tools to manage your secure passwords

Feeling overwhelmed? Don’t worry, there are plenty of password management tools available. With a password management tool all you have to remember is one master password and the software takes care of the rest. I recommend KeePass, 1Password or LastPass. Even better, you can use the same password management tool on your computer and on your mobile devices.

Why not take this opportunity to change your passwords? It’s the best thing you can do to protect yourself against identity theft and cybercrime.

[Originally posted in 2010 as How To Create Secure Passwords. This version has been updated with the latest advice on secure passwords.]

Filed Under: beginners, business, computer help, consumers, cybercrime, email, facebook, gmail, google, Internet, passwords, privacy, security, small business, social engineering, social media, web

Stop Integrating My Computer With Social Media!

Posted on September 24, 2012 Written by 2 Comments

Tech companies need to remember that consumers are people with brains and don’t need to be force-fed technology through the virtual equivalent of a baby spoon. Mountain Lion, Apple’s latest operating system for Mac (OS X 10.8), boasts improved Facebook integration. In my mind that’s not a feature, it’s a reason to stay away.

I DON’T want my operating system to be integrated with social media. The operating system is the brains of my computer. It doesn’t need to check into Facebook or Twitter. I may run apps on top of it that do need to check into Facebook or Twitter, but that’s my decision. I don’t want my system software making that decision for me.

I want my system software stupid. I don’t want it to know a damn thing about the Internet except how to connect to it. To put it in IT terms, I don’t want my OS thinking past the lowest layers of the OSI model. I certainly don’t want it making decisions at the presentation and application layers. Let it merrily chat away via TCP/IP without bothering to look inside those data packets, and let the programs I choose do that work.

I could say the same for my iDevices. I don’t want to use iCloud. I don’t want to use FourSquare. I don’t want to check in every five seconds. As I said in a previous rant er… post, I certainly don’t want all my data syncing to some unknown datacenter when all it needs to do is go two inches from device to computer.

There’s such a thing as too much integration. Everything doesn’t need to work seamlessly with everything else. If I wanted an operating system based on Facebook I would do all my work with Facebook apps. If I wanted to use cloud computing I would sign up for cloud computing. But if all I want is to work locally on my own computer, I should be able to do that too.

What I want is an operating system I can secure with third party tools (sayonara, Windows RT!), upon which I can run the programs of my choosing.

Of course, I could always run Mountain Lion and simply not give it my Facebook credentials, but that’s not the point. The point is that the capability of integration is there. The point is that if something happens – if I input my password in the wrong dialog box, if a virus presents me with a malicious login, if one of Apple’s preferences “accidentally” gets switched on – then suddenly I am sharing a whole lot of data with the world that really shouldn’t be shared.

As a computer expert, I know the best ways to avoid that. But most people don’t. The average person, right now, is streaming data to Facebook, Twitter, iCloud, and who knows what else, without even being aware of it. And that’s BEFORE the latest integrations between social media and our system software.

Stop sacrificing security for convenience, because it’s not the tech companies that pay the price, it’s the consumers. We’re the ones who get our bank accounts hacked, our email hijacked, our identities stolen, our lives ruined. That’s not exaggeration, that’s the result of a multi-billion-dollar cybercrime industry.

 Subscribe free to Tech Tips by email for computer news, security tips and more!

Filed Under: antivirus, apple, cloud computing, consumers, cybercrime, facebook, Internet, ios, ipad, iphone, keyloggers, mac, microsoft, mobile computing, pc, privacy, security, smart phones, social media, software, spam, spyware, twitter, viruses, web, windows, windows 8

Don’t Use Facebook As Your Personal Planner

Posted on September 10, 2012 Written by 1 Comment

Those Facebook games that have you put in your mother’s maiden name or your grandfather’s birthday? They’re siphoning your info. It’s like waving a lollypop in front of a kid while you steal stuff out of their pockets. “Play our cool game! Oh, and thanks for all the personal details, sucker.”

Personally identifying information, or PII, is the data that identifies YOU as YOU. Birthday’s aren’t just birthdays anymore, they’re the keys that can unlock your bank accounts. So are maiden names, place of birth, the schools you went to, the people you’ve known.

Games People Play
Think about the security questions you’re asked to fill out on many web sites. If you’re answering the questions honestly (and there is something to be said for security through lying), the answers can be gleaned from your FB page.

Some of these “games” come in app form, while others are simply text-based chain letters: “Hey everybody, let’s play place of birth – post where you were born!” Consider the things you might share on Facebook: birthdays, calendar, contacts, vacation plans, photo album. That last one freaks me out the most. I do NOT use Facebook as a family photo album and I highly recommend that you don’t either, especially if you have kids. There are too many creeps out there.

Real-World Consequences
If you don’t believe this is a major problem, try these examples on for size:

Hackers Invade Accounts By Guessing Security Questions
This hack of Mitt Romney’s Hotmail email and Dropbox accounts is a great example of how answers to security questions can be gleaned. Amusement value: one of the questions was “pet’s name” which thanks to the infamous “car rooftop” incident is known to one and all as Seamus. Oops!

Similarly, Sarah Palin’s Yahoo! account got hacked during her campaign through correctly answering the security questions based on publicly available info.

Thieves Use Facebook To Rob Vacationers’ Homes
People posting their vacation plans to Facebook should do so after the fact. There are many instances of crooks using Facebook to scout vacant homes for theft. You can read about a few of them here and here.

If you think your Facebook friends would never do this to you, bear in mind that criminals create fake Facebook profiles that can be quite convincing. You might have a few ringers in your own friends list as we speak.

Facebook Doesn’t Delete Your Data
Even if you remove your information, there’s no guarantee it’s actually deleted. Facebook has long been criticized for not deleting data such as photos upon user request. Once you’ve posted something to Facebook, you can assume it’s there permanently.

Not only should you be concerned about what you are posting, but also what your friends are posting. If your friends add your birthday or other personal details without permission, ask them to remove it. While you’re at it, you could point them to this article and explain the dangers of too much online sharing.

An Uncontrolled Experiment
The truth is that these companies have not proven that they can be trusted with our data. There’s no history for this, no fossil record of what happens when we entrust our lives to the Internet. We are collectively engaging in a new human experience and we have no idea how it’s going to shake out.

So my advice is caution. Don’t use Facebook as a personal planner. That’s not what it’s for and you are endangering yourself and your friends by using it that way. Facebook is for sharing things with people, and the company has no intention of keeping anything you put on there private. There are other online tools for that purpose, although I also have concerns about those too, considering recent incidents like the Apple/Amazon customer service hack… but I digress.

The good news is that you can take advantage of Facebook’s viral nature to spread the things you want known far and wide: your business, charities you believe in, causes you think are just… and of course LOLcats and, in my case, Doctor Who jokes. But don’t put anything on there that you wouldn’t want made public, or you may live to regret it.

Filed Under: cloud computing, computer help, consumers, cybercrime, email, facebook, hotmail, Internet, privacy, security, social engineering, social media, web

Apple & Amazon Customer Service Hacked: Can The Cloud Be Trusted?

Posted on August 14, 2012 Written by Leave a Comment

Once your data is in the cloud you lose all control of it. A journalist’s online persona was recently hijacked through hackers’ clever and scary manipulation of Apple and Amazon’s tech support. This could happen to any of us, at any time.

A description of the incident from the journalist, Mat Honan, who works for Wired:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

The Price Of Cloud Computing?
This, folks, is the kind of thing that terrifies me. Years ago I wrote a post called Cloud Computing For Consumers Makes Me Cringe, in which I expressed my concerns over the proliferation of consumer tech based on the cloud. I’m far from the only one; the tech industry has been at each others’ throats for years. Some see the cloud as too vulnerable, while others say it’s a vital (and inevitable) resource.

It seems our fears have been realized. Like everyone else I want the fun new features of today’s devices, but I don’t trust the cloud, especially when I hear about incidents like the Apple+Amazon debacle.

I’ve been in tech support far too long to be fooled. I know other incidents are happening that we aren’t hearing about. I know my data is residing in places I don’t intend. I know that in some ways I’m helpless to stop that, but I can also choose which technology to embrace and which to reject. And I reject the idea that I need a distant datacenter for even the most minute of daily tasks.

Is It Too Late?
Of course that’s a largely symbolic statement. In reality, I’m already using the cloud in ways I don’t like, but was forced to. We all are. What scares me is that most people don’t know how cloud-dependent the world is becoming. They think they’re not using the cloud even when they are.

Apple leads the pack with iCloud. You can’t sneeze on an Apple device without it asking if you want to use iCloud. Soon you’ll have to use Apple’s cloud service even if all you want is to sync the basics like calendar and contacts. But once transferred, our data is not necessarily protected, as our poor Wired journalist learned. From an article about the incident:

On Aug. 3, an “epic hack” compromised technology journalist Mat Honan’s Twitter account. Along the way, the attacker–known as “Phobia”–also managed to remotely erase Honan’s Apple laptop, iPhone, and iPad. Furthermore, Phobia did it by socially engineering–as in, tricking–customer service representatives at Amazon and Apple, allowing him to gain sufficient information to first access Honan’s iCloud and Gmail accounts.

Manufacturers Need To Step Up Security
Granted, Honan did a few things that aided the criminal. He linked accounts together (notably Twitter), he didn’t activate all the security available on his devices, and he didn’t have good backups. But, in my opinion, that’s as much the fault of the manufacturers as it is the consumer.

We’re encouraged to link accounts. We’re encouraged to take advantage of all the shiny new features. There is never any fine print that says, “oh, by the way, if a hacker makes it this far, enabling this feature means you’re screwed.” And it’s not always clear that “turn this feature on” means “your data will be transmitted”.

I also lay blame at the manufacturers’ feet for their EpicFail on internal security practices that would have prevented the criminal from gaming the system to gain the information needed to break in.

The journalist was technically savvy and this still happened. Imagine how much harder for the average person! I know because I’ve spent most of my career helping small businesses and consumers with just this sort of problem, and there are few good solutions.

It’s not just Apple and Amazon. This is an industry-wide problem that the industry hasn’t addressed. Vendors are quick to point out new features: more speed, more memory, bigger, better, faster… but the consequences are not always recognized until after the technology has been embraced by the public.

How You Can Protect Yourself
Which means you, dear consumer, are on your own in deciding which technology is safe or unsafe. This is harder than it sounds. Like everything else in our advertising-driven world, some of the information you’ll read is sponsored by the people who sell the products. You have to sift, filter, and decide for yourself. (This blog, for the record, is sponsored solely by me.)

Personally I think it’s absolutely stupid that my modern iPad can’t do what my creaky old PalmPilot still can: sync data via a physical cable. Tech manufacturers need to GIVE US AN OFFLINE OPTION instead of forcing us to use the cloud because they obviously can’t secure the cloud.

I’m also looking at you, video game manufacturers. I chose not to play Diablo III specifically because it requires an always-on connection to the servers. Gee, now Blizzard is telling the Diablo and World of Warcraft players that those servers were hacked and their personal info was stolen. I like a good fantasy RPG as much as the next geek but not at that cost.

The industry is throwing us at the cloud because cloud computing makes it easier for them to write the programs and provide support for them. If everything’s in the cloud they don’t have to deal with multiple computer configurations, multiple devices, and tons of tech support headaches. “Hi, I’ve got a Palm V connecting via serial to a Pentium II running Windows 98, and somehow it won’t also connect to my new Windows 7 laptop…”

It’s my firm belief that every device should have a setup wizard that walks you through securing that device. This might not stop people gaming the system but it makes it a lot harder for them to get very far with your data, even if they do manage to break into your accounts.

The cloud may be easier for vendors, but not always so for consumers. My advice is to use it at your own risk.

Image: FreeDigitalPhotos.net

Filed Under: amazon, apple, business, cloud computing, consumers, cybercrime, Internet, ios, ipad, iphone, mac, privacy, security, small business, smart phones, social engineering, social media, twitter, video games, web

Five Things That Annoy Me About The iPad

Posted on April 19, 2012 Written by 7 Comments

For the most part I like my iPad, but there are a couple of things about it that drive me nuts. We always hear about how great the iPad is. I want to share with you some of the things I can’t stand about it.

Saving files
Who’s the genius who came up with this? To save a file from an iPad you have to “share and print” it to iTunes, then sync the iPad to your computer… then MANUALLY copy it onto your hard drive? I’m having a flashback to my old TRS-80 days, saving data onto cassette tapes – a process that was a lot more straightforward.

Most people aren’t even going to find this setting. In iTunes, go to your iPad, then Apps. There’s a section at the bottom that lists the apps that can handle files (not all can). Select the app, select the file, save it to your hard drive. Yeah, like that was intuitive.

I’m a full-time writer. I write on my iPad – a lot. Saving files is a pain. This process means I have multiple versions of various documents lying around, and have to rely on modify date to tell which one is most recent.

And no, Apple, I do NOT want to use your spiffy new iCloud service to make this easier (see below). I just want to sync a basic text file from the device in my hand to the computer less than two inches away. How hard is that?

Cameras
I don’t need two cameras. I don’t even need one camera. But if there’s going to be a camera I want a physical way to turn it off, like a lens cap or a mechanical shutter. There are viruses that can turn on your camera without your knowledge and I want some control over that beyond antivirus.

At the moment, the cameras on my iPad are secured via the highly technical method of taping Post-It Notes over them.

Newsstand
This is the future of periodicals? I am not impressed. I wanted one device upon which to read all my stuff: books, newspapers, magazines, the Internet. Works great for the first and last, but my periodicals are scattered all over the place. Some have their own apps, others come in via Zinio or Newsstand. And that’s just the standard periodicals, never mind the comic books. It’s a jumble.

As a side note: I wish all magazines would give print subscribers the option of logging into digital content. If I’m paying for a magazine to be physically delivered, I should be able to get that same magazine digitally delivered.

iCloud
Look, Apple, I don’t want to sync my entire life to a device, okay? I like the fact that I can choose to do so, but I don’t like being nagged every five seconds to change that choice. (Ping, I’m looking at you too.)

And I know I’ll probably be forced to use iCloud eventually if I want to take advantage of new features. Apple will make the choice for me because it’s easier for them, in much the same way I had to embrace Google Reader to use a halfway decent RSS app.

Antivirus
Antivirus for mobile devices reminds me of the old DOS command-line scanners. This is partly because of the stupidity of the file-saving process. Antivirus for iPad only scans files in certain places, like your iTunes save files or an FTP account. It’s not necessarily going to warn you if some sneaky new Trojan is burrowing into your iPad in real time. And, like any antivirus, it’s not going to prevent someone from tricking you into clicking on something you shouldn’t.

Being an iPad owner isn’t all fun and games. What annoys you about Apple’s ubiquitous tablet?

 

Filed Under: antivirus, apple, cloud computing, consumers, file sharing, hardware, ipad, itunes, mobile computing, privacy, security, viruses

“Girls Around Me” App Shows How Stalkable You Are

Posted on April 4, 2012 Written by Leave a Comment

There’s a creeptastic app called “Girls Around Me” that gleans data from mobile social media platforms to show all the women in your physical location. It’s been pulled since the controversy, but this description from Sophos Naked Security’s Lisa Vaas will give you the chills:

Brownlee’s article describes how he pulled out the app at a party, only to watch female guests recoil at the way data from Facebook and Foursquare was depicted, with each woman represented on the map as a “Matrix-like” silhouette of a naked pole dancer or stripper.

Some of the guests’ comments:

“Wait… what? Are these girls prostitutes?”

“How does it know where these girls are?”

“Do you know all these girls?”

“Is it plucking data from your address book or something?”

The answers Brownlee gave: No, they’re not prostitutes, they’re just regular women. The data from the women (I’ll abstain from calling them “girls,” as I believe they were, in fact, adults), including their specific location, reams of photos, Facebook details including birthdays or relationship status or schools attended, had been publicly broadcast from Facebook and Foursquare’s check-in functions.

Now pull out your smart phone. Do you have Location Services on, and are you using Facebook or Twitter? Shazam! You are stalkable. I’m hearing the Foursquare users scrambling to turn it off. Good. In my view you should always default to not sharing your location unless you have a very good reason to do so.

And there are good business reasons to use location. Realtors advertise open houses, stores promote sales, writers offer book signings… but I’ve also seen people checking in from the grocery store, the gas station, the dentist. Not only does this spam your contacts with needless info, it’s a magnent for the unscrupulous. “Ooh, look! You checked in at the auto repair shop! Which means you’re not home AND you’ve got a ritzy model car. Time for a little breaking and entering!”

Unfortunately it’s not as simple as turning off location. As the Sophos article points out:

…it’s impossible to uninstall Twitter from my phone, as it’s bundled into the operating system. If you want to snip Twitter’s thread, you have to uninstall it (if possible) or quit the application on your phone.

Or turn off Location Services, which stinks if you want to use something like Apple’s nifty Find My Phone or even basic GPS. What’s the use in paying for all these modern features if you have to lobotomize your phone back to the 1990s?

My greatest concern is that most people are using Facebook and Twitter from their phones without thinking about the fact that they are broadcasting their location. If you sign up for Foursquare – okay, you should realize it’s going to tell people where you are. But most folks don’t equate Facebook with “shouting to the world that I’m at the pediatrician.” And that’s another thing: parents, you’re not just broadcasting your location, but your children’s. And if you’ve been publishing stuff about your kids on Facebook, Twitter, or your blog, you’ve just given a potential criminal even more info.

Are you screaming in fury yet? You should be, because this is only going to get worse. Just as we no longer have a choice in using cloud computing, we will soon have no choice in broadcasting our location. We are at the mercy of the device vendors, and our privacy is not exactly their top priority. Get used to being findable by everyone from advertisers to co-workers to total strangers.

Do you use location? Does the idea of apps like “Girls Around Me” creep you out? Share in the comments!

Filed Under: alerts, apple, consumers, cybercrime, facebook, Internet, ipad, iphone, mobile computing, privacy, security, smart phones, social media, twitter, web

What To Do If Your Employer Demands Your Facebook Password

Posted on March 29, 2012 Written by Leave a Comment

By now you’ve heard the controversy about employers demanding the Facebook passwords of prospective and current employees. As described on one of my favorite sites, the always irreverent Register:

…some employers aren’t happy with just seeing the public part of applicant profiles; they’re actually asking prospective employees to turn over their Facebook login and password… Other companies are requesting that prospective (and presumably current) employees “friend” HR reps or background-checkers on Facebook. Others are requiring applicants to log in to their Facebook accounts from a company-owned computer…

Facebook users, you are served
Oh, dear. I believe the technical term for this is “being served.” And the world is answering, “It’s on,” because this is stupid on a level normally associated with putting salt in one’s coffee. Sharing passwords is one of the cardinal sins of IT security. You just don’t do it. EVER.

What cracks me up is that, in my industry, this would backfire. On the contrary, it’s a great way to weed out people who have no business working in IT:

HR Person: “Could I have your Facebook username and password, please?”

IT Applicant: “No. That would violate Facebook’s terms of service, and is against the standard password rules used by every sane IT department on this planet.”

HR Person: “Congratulations! You’re hired!”

Just say no to sharing passwords
Facebook has weighed in to remind people that sharing passwords is against its terms of service, and the government’s considering the matter.

I have no beef with prospective employers searching the Internet for anything I may have publicly posted. If my posts reveal too much because I didn’t understand privacy controls, that’s my problem. (And I realize that’s not the easiest task for a lot of people, which is why I blog on Tech Tips; to help people learn the fundamentals of using their computers.)

But demanding personal Facebook passwords? Where do we draw the line? As the Reg points out:

If a company requires you to give them an intimate view of your social networking pages during the interview process, might there be something in the employment agreements that gives them the “right” to take a second, third, or fourth look – whenever they want to – after you’re hired?

And might there be something that gives them the right to scrutinize other things, like your email account, bank account, personal offline correspondence…? I have seen some companies take advantage of the current economy by forcing employees to work ridiculous hours, or take on the jobs of two or three people. People are so scared to be unemployed that they are willing to put up with things they’d never have tolerated before. Is sharing Facebook passwords one of them? Do we have to sacrifice our personal lives for the chance to scrape together a living?

What to do if your employer insists
My personal stance is unequivocal. I refuse to share passwords with anyone, employer or not, but I’m a freelancer and can pick and choose my gigs. What about those who don’t have the luxury of standing on principle? They may feel they have no choice but to violate their own privacy and allow employers access to their personal accounts.

I suspect this whole thing is going to get shot down by public opinion, but something similar could occur in the future. What should you do if you are in this situation? My advice tends towards a strong preference for saying not just no, but hell no. Do you really want to work for a company with that level of disrespect for its people? Is it one of those dungeons of despair that sucks your energy just by being there? Because I can’t imagine the morale of such a company would be very high. I’d consider it a major warning flag that there may be other reasons for staying very far away.

What do you think? Share in the comments!

Filed Under: business, facebook, Internet, passwords, privacy, security, social media, web