Strong Passwords Aren’t As Easy As Adding 123. Here’s What Experts Say Really Helps


source:  cnet.com

Creating a good password isn’t as simple as putting an exclamation mark at the end.

You’ve seen all the familiar rules for strong passwords almost every time you create an online account. Use capital letters, numbers and special characters, and make it at least 8 characters long (or 10, or 12). These requirements are designed to make it harder for hackers to get into your accounts. However, they don’t really make your password stronger, say researchers at Carnegie Mellon University.

Lorrie Cranor, director of the CyLab Usable Security and Privacy Laboratory at CMU, says her team has a better way, a meter that websites can use to prompt you to create more-secure passwords. After you’ve created a password of at least 10 characters, the meter will start giving suggestions, such as breaking up common words with slashes or random letters, to make your password stronger. 

These tips set the password strength meter apart from other meters that provide an estimated password strength, often using colors. The suggestions don’t come from a checklist, but instead respond to common pitfalls Cranor’s team has seen people make when they set up passwords during experiments run by the lab over several years.

One of the problems with many passwords is that they tick all the security checks but are still easy to guess because most of us follow the same patterns, the lab found. Are numbers required? You’ll likely add a “1” at the end. Is it capital letters? You’ll probably make it the first one in the password. And special characters? Frequently exclamation marks.

CMU’s password meter will offer advice for strengthening a password like “ILoveYou2!” — which meets the standard requirements. The meter also offers other advice based on what you type in, such as reminding you not to use a name or suggesting you put special characters in the middle of your password. 

“It’s relevant to what you’re doing, rather than some random tip,” Cranor said. 

Continue reading “Strong Passwords Aren’t As Easy As Adding 123. Here’s What Experts Say Really Helps”

8 Ways to Get More Done in Microsoft Word With Less Work

source: fastcompany.com

 

Love it or hate it, at 37 years and counting, Microsoft Word is old enough to run for president or have gotten divorced (maybe a couple times). It might even experience unexplainable back pain in the morning.

Word not going anywhere—at least not for a while. And even if you use it every day, there are still probably plenty of super-helpful tips, tricks, and shortcuts you haven’t discovered. Here’s a quick list of some of the more useful ones.

Note: I’m using Microsoft Word for Office 365 on a Windows 10 PC but I’ll list Mac equivalents where available.

AUTO-GENERATE SOME GIBBERISH

If you’re the type of person who likes to get something—anything—on the page just so you don’t have to stare unblinkingly into all that white space, you may be happy to know that Word puts a couple forms of dummy text close at hand.

Should you be a fan of the classic Lorem ipsum prose, simply type =lorem(4,3) and hit Enter to get four paragraphs of Lorem ipsum at a length of three sentences each. Replace the digits in the parentheses to get however many paragraphs and sentences you need, respectively.

If you’re not a fan of Lorem ipsum, then replace lorem with rand instead—for example: =rand(4,3)—to get what appears to be documentation lifted from Word’s help file.

Quickbooks Logo

Quickbooks Logo

Quickbooks Logo

 

At quick glance, ‘expertly framed’ Quickbooks phishing email looks legit

source: scmagazine.com

Attackers impersonating Quickbooks on the Microsoft 365 platform create a sense of urgency to compel their victims to “promptly” pay fake invoices allegedly from a legitimate vendor, thereby opening them up to a future malicious act.

Such phishing attacks are growing increasingly common, according to blog post from researchers at Abnormal Security who have observed 900 “attacks in the mailboxes of over 20 different customers,” with the expectation that the rate will continue to tick upward as users flock to Quickbooks online services.

These latest attacks use spoofing to bypass traditional mail filters and gain legitimacy, sending emails that seem to originate from quickbooks@notification.intuit.com. The bad actors then prompt recipients to click on “Review and Pay,” which redirects them to http://parkburgerkuwait.com/loss[dot]php.

The attack is effective in part because the email is received on the same day the invoice is due, prompting the recipient to possibly act in haste without close scrutiny of the details. Among the red flags that may go overlooked: The suspicious landing page link or the headers that “reveal that the true sender domain is ‘airtelbroadband.in,’ which fails authentication,” said Abnormal researchers.

The bad actors have put considerable effort into creating a convincing email that Abnormal said, “is expertly framed,” using Inuit Quickbooks logos and links.

“Additionally, the email states at the bottom to check with the business owner before paying to avoid fraud, giving the recipient a false sense of security as it seems counterintuitive for an attacker to warn their target about their potentially malicious email,” the researchers said.

Don’t give your information to marketers who might pelt you with spam or even expose you to a potential hack. Use Abine Blur instead.

source: fastcompany.com

Over the summer, I came across an online store that was promising big discounts on All-Clad cookware, but with a catch: You had to hand over an email address just to see what the deals were.

This would have given me pause if not for a secret weapon: I loaded up a service called Abine Blur and generated a free “masked email” address to use instead of my real one. While the masked email would still forward messages to my actual Gmail inbox, the store would never learn my real address, and I could cut off any future emails with one click.

I started using Abine Blur about five months ago, after hearing about it from one of my newsletter readers, and it’s since become one of my most cherished privacy services. With masked email addresses, I don’t have to worry about getting spammed just because I signed up for an app, made a donation, or subscribed to some retailer’s newsletter in exchange for a coupon. I just tell Abine Blur to stop forwarding their emails, and our link is severed.

Continue reading “This Free Service Is a Genius Way to Foil Spam…”

Find out if you can meet all your needs within a 15-minute walk from your house.

source:  fastcompany.com

In a “15-minute city,” it’s possible to meet your basic needs within a 15-minute walk or bike ride. Instead of sitting in traffic during a rush-hour commute, you can work at home or walk to an office nearby. You can walk to get groceries, go to the doctor, take your kids to school, or run any other everyday errand. Housing is affordable, so a barista could live in a walkable neighborhood as easily as a lawyer. It’s a concept championed by the mayor of Paris and, more recently, pitched by a global network of cities as a tool for helping urban areas recover from the pandemic—and improve sustainability and health as people start to get more exercise while conducting their day-to-day activities.

In the U.S., car-dependent sprawl is more common. But a new tool lets you map out local services to see how close your neighborhood comes to the ideal.

 

Click here to try out the tool:

https://app.developer.here.com/15-min-city-map/

“The global pandemic has highlighted the importance of location and proximity,” says Jordan Stark, a spokesperson for Here Technologies, the location data platform that created the map. The company typically creates maps for businesses, such as delivery companies that need to route vehicles, and built the new tool to demonstrate how developers could work with its data. While the current version maps out amenities like grocery stores, transit stops, and medical care—along the lines of Walkscore, another tool—the company says it might later create an iteration that considers how far residents might have to travel to get to an office.

The map also shows how many services can be accessed by car from an address. “We wanted to show, especially in the U.S., the contrast in the accessibility between walking and driving,” Stark says. “And as you can imagine, there are a number of communities where you have all of your essential items within a 15-minute drive, but potentially less than one essential location in a walk. So it was a way to show that contrast in spatial makeup.”

While pockets of American cities are walkable now—the map tells me that my own neighborhood in Oakland qualifies as a “15-minute city”—it’s possible that more neighborhoods will move in this direction as cities begin to use it as a framework for urban planning. Seattle’s Office of Planning and Community Development is one of the latest to say that it is exploring the concept of 15-minute neighborhoods.

“We wanted to show, especially in the U.S., the contrast in the accessibility between walking and driving,”

source: wired.com

Wanna see me cut and paste a large block of text without formatting? Wanna see me do it again?

IT MAY NOT seem like a second or two would make a big difference in your workday. But seconds add up to minutes, and the momentum of being able to strike a few keys and keep typing makes an impact that’s difficult to quantify. That’s why I try to avoid using my mouse whenever possible: the more I can do without taking my hands off the keyboard, the quicker I can keep plugging away on the important stuff.

The Keyboard Shortcuts You Should Know

Let’s start with the basics: learn as many keyboard shortcuts as your brain can store. You probably know a few (Ctrl+C to copy and Ctrl+V to paste, for example), but there are dozens of others that can replace the clicks you make all day long. Here are a few I can’t live without:

8 Tips to Tighten Up Your Work From Home Network

source: https://nakedsecurity.sophos.com/

If you connect it, protect it.”

Every time you hook up a poorly-protected device to your network, you run the risk that crooks will find it, probe it, attack it, exploit it and – if things end badly – use it as a toehold to dig into your digital life.

Criminals who figure out how to commandeer a vulnerable device inside your network can use that device to map out, scan and attack your laptop – the one you’re using right now to work from home – as if they were right there beside you.

In addition, certain elements will be centered on mobile devices and tablets and aligned to the left or right on a desktop display. You can adjust the layout for each Block at three different device widths – desktop, tablet, and mobile.

work from home

“A blockquote highlights important information, which may or may not be an actual quote. It uses distinct styling to set it apart from other content on the page.”

You will find in any penetration tester’s toolbox.

Continue reading “8 Tips to Tighten Up Your Work‑From‑Home Network”

source: wired.com

GOOGLE MAPS IS used by more than a billion people every month. And those people send in more than 20 million suggested updates each day. Better directions for you, more data for Google.

There are reasons why so many people use Google Maps: It’s arguably the easiest mapping service to use and has the most up-to-date data available. But it wouldn’t be a Google product if it didn’t collect lots of data about you. This can be collected through the Maps app, but also the GPS location settings of the phone that’s always in your pocket. As a result, there’s a lot Google knows about your whereabouts.

The extent of what Google knows can be seen on your location timeline. All the little red dots shown on the map reveal where you’ve been and when. For me, it shows 461 places that I visited before I turned the location settings off at the start of 2019. (The most common: predictably, my home and WIRED’s London office.)

If you want to turn off location data you can do this through your Google account here. There are also options to auto-delete future location history every three or 18 months. This will stop Google from gathering data about your location when you’re not using its services.

You may also want to turn off web tracking and activity, as other Google services and products can gather information about your location. “Location data may be saved as part of activity on Search and Maps when your Web & App Activity setting is on, and included in your photos depending on your camera app settings,” the company says.

Location data is different from the other types of data Google gathers about you: Using mapping services without giving away your location is pretty difficult. There’s one thing you can do on your phone to limit how much data Google Maps gathers: limit when Google Maps can access your location. Through Android and iOS settings you can limit Maps’ ability to access your location to when the app is in use, rather than at all times.

A truly private maps service doesn’t really exist for every platform. But there are other options out there that don’t store and gather as much of your data or feed it back into a larger profile of you. Here are the alternatives you could consider, and we’ve highlighted where there may be potential privacy trade-offs you have to make.

OpenStreetMap

OpenStreetMap is the Wikipedia of apps—it’s built by the people who use it and all the information is open data, meaning anyone can reuse the maps for anything. It’s kept up to date by people using GPS devices, aerial photography, and other free sources of information. If you go somewhere and the map isn’t correct, then you can create an account and suggest changes.

Continue reading “The Best Privacy-Friendly Alternatives to Google Maps”

source:  cnet.com

 

You can access certain Android apps on your Windows 10 device, thanks to an update to the Your Phone app,
rolling out this week.

 

Certain Android phone users can now access Android mobile apps directly from their Windows 10 ($158 at Amazon) PC, thanks to an update to the Your Phone app that Microsoft is rolling out to the general public this week. 

The update, first announced during the Samsung Unpacked event on Aug. 5, lets you pin your favorite Android mobile apps to the Taskbar or Start menu on your Windows 10 PC for quick and easy access. The apps will open in separate windows from the Your Phone app, letting you use them basically the same way you would on your phone. With many people still working from home due to the coronavirus pandemic, the ability to access phone apps on a larger desktop or laptop screen, with a mouse, pen or touchscreen, could help with multitasking. 

What’s required to run Android apps on your Windows 10 PC?

Other than a Samsung Galaxy phone (at least for now), you’ll need a PC running the Windows 10 October 2019 Update or later. Check what version you’re running on your PC by going to Settings > Updates & Security > Check for update. (If you need to upgrade, you can still download Windows 10 for free.) 

You’ll also need the latest version of the Your Phone app, and Link to Windows. On your phone, you’ll need to be running Android 9.0 or greater, with the Link to Windows integration. 

Finally, your phone and computer must be on the same Wi-Fi network for the feature to work.

How to run Android apps on your Windows 10 PC

Once you have everything you need and your phone and computer are connected, the Your Phone app window should appear on your desktop. To open your Android apps on your desktop: 

  • Click the Apps shortcut from the menu on the left. You’ll see a list of all the apps on your phone. 
  • Click the app you want from the list, and it will open in a separate window on your PC. 

Note that not every app will work with your mouse or keyboard, but many will. 

And here are a few more tips for interacting with your mobile apps on your desktop with your mouse and keyboard, according to Microsoft

  • Single click will behave the same as any single touch/tap interaction.
  • Right click anywhere on your phone screen to navigate to the previous page.
  • Click and hold will behave the same as a tap/hold interaction.
  • Click and hold and drag to select content.
  • Mouse scroll to move between pages vertically or horizontally.

 

source: cnet.com

 

 

Privacy is now a priority among browser makers, but they may not go as far as you want in fighting pervasive ad industry trackers on the web. Here’s a look at how you can crank up your privacy settings to outsmart that online tracking.

Problems like Facebook’s Cambridge Analytica scandal have elevated privacy protection on Silicon Valley’s priority list by showing how companies compile reams of data on you as you traverse the internet. Their goal? To build a richly detailed user profile on you so that you can become the target of more accurate, clickable and thus profitable advertisements.

Apple and Google are in a war for the web, with Google pushing aggressively for an interactive web to rival native apps and Apple moving more slowly in part out of concern those new features will worsen security and be annoying for users. Privacy adds another dimension to the competition and to your browser decision.

James Martin/CNET

Apple has made privacy a top priority in all its products, including Safari. For startup Brave, privacy is a core goal, and Mozilla and Microsoft have begun touting privacy as a way to differentiate their browsers from Google’s Chrome. It’s later to the game, but Chrome engineers have begun building a “privacy sandbox” despite Google’s reliance on ad revenue.

For all of the browsers listed here, you can give yourself a privacy boost by changing the default search engine. For instance, try DuckDuckGo. Although its search results may not be as useful or deep as Google’s, DuckDuckGo is a longtime favorite among the privacy minded for its refusal to track user searches.

Other universal options that boost privacy include disabling your browser’s location tracking and search engine autocomplete features, turning off password autofills, and regularly deleting your browsing history. If you want to take your privacy to the next level, consider trying one of the virtual private networks CNET has reviewed which work with all browsers. 

Chrome

Unfortunately, the world’s most popular browser is also generally thought to be one of the least private when used straight out of the box. On the plus side, however, Chrome’s flexible and open-source underpinnings have allowed independent developers to release a slew of privacy focused extensions to shake off trackers. 

Continue reading “HOW TO IMPROVE YOUR PRIVACY IN CHROME, SAFARI, FIREFOX, EDGE & BRAVE”