Monthly Archives: May 2017

Reusing password and Password Managers

At some point we have all been guilty of this, reusing passwords on multiple sites because it is impossible to remember every password for every website we are required to log into these days!  I personally used to think having a password manager was bad, but it isn’t!!!  Password managers enable you to use features like, generating secure passwords.  It remembers them for you, so you don’t have to rely on your memory or sticky notes around your computer!  Just make sure you password manager has a secure password!!!

Troy Hunt teaches courses on Pluralsite.com and is an Australian Microsoft Regional Director and also a Microsoft Most Valuable Professional for Developer Security. (from his website!)  He’s an expert on this!!!!  He has a website called, haveibeenpawned.com and he uploads security breach information to a database and then all you have to do is put your email address in and it searches to see if you have been pwnd.  Pwnd meaning that your security credentials have be compromised.  I recommend you visit it ASAP!  You will be shocked and I guarantee you will start changing many of your passwords!!!!!  It’s a free service he provides and it’s a ton of work!!!!   I highly recommend donating money to the site.  It’s a ton of work he is doing to keep us safe. 🙂

I recommend you read his blog post about passwords and password managers.  He has listed a few that are very good.  Check the post out here.

 

Advertisements

Awesome YouTube Video by Troy Hunt

This video has some awesome info on why you should have complicated passwords everywhere!  A link to the article he mentions in here as well! https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned/

Google Docs Phishing Attack-How To Protect Yourself

As many of your heard, there is a new phishing scam out there and it has to do with Google Docs.   Unless you are 100% positive that the document is in fact real, do NOT open it.   The best part of it is, an ethical hacker by the name of Eugene Pupov claims he did it by mistake.   Whether it was a mistake or not, the emails come mostly from a domain named malinator.com.    They look like this:

devious-google-phishing-attack

What does the attack do?  It asks you to grant permission to your email, and if you accept it can go through your email and and find your contacts and send it out to more people from your account.  It will look like it came from you, so be aware of any emails you may get from people you know.  If you are remotely unsure if that email you received from a person you know has a Google Doc attached to it, send them a separate email asking them if they actually sent you a document.  They may be infected and not know it!  If they are infected tell them they need to notify people!

How can you protect yourself?   Be suspicious of ANY email that looks like it could be a phishing attack.  If you are wondering what that looks like, check out my previous blog article here.   Do NOT authorize any apps to have permission to your gmail account.  Check to see what apps already have authorization to your Google account and if they don’t look like something you accepted remove access.  There is an article on how to do this on Google’s website here.   They have addressed the issue and if you think you have been affected, please click here to find out what Google advises you do to correct the issue.

 

 

 

 

 

%d bloggers like this: