When it comes to passwords, we all deal with them somehow. We have to because passwords are just about everywhere these days. Whether you have yours on a spreadsheet on your PC, or written on a piece of paper (or lots of little sticky pieces of yellow paper), or you have that one super password you use on every site, or you have a few favorite passwords and mix in a resend password on the sites you don’t visit much, you are managing your passwords somehow.

sp_hacker-who-are-you-protecting-yourself-from

So, what’s the problem, different strokes for different folks, right? Actually, not really.

Security depends on personal habits and using tools to protect yourself from actual threats.

The stress is on using the tools, and using them correctly.

I suppose it’s tempting, if the only tool you have is a hammer, to treat everything as if it were a nail.

Abraham Maslow (you know, that guy who’s famous for his hierarchy of needs)

Not all dangers can be treated the same way. When it comes to your passwords, are you using the right tool for the job? Let’s take a look at some of the threats that people tell us they worry about.

  • A geeky teenager at his computer terminal playing FPS (first person shooter) video games late into the night while hacking into his neighbors’ bank accounts.
  • Gangs of scary men in faraway countries who bombard people around the world with phishing emails full of amazingly beloved offers, unexpected bank notices, and bad grammar.
  • Crews of super high tech bad guys (like in the movies) running banks of powerful computers that hack governments of countries, and corporations around the world.
  • Family members, neighbors or friends who see something they shouldn’t even be looking at while visiting your home, because they’re nosy or because you forgot to put something away before they dropped by.

All of the above are actual threats, but are ad hoc password methods in the opening paragraph going to protect you?

  • There are kids out there trying to hack into the accounts of neighbors, teachers, and friends. One thing these local hackers have in their favor (in a bad way for you) is that they know their targets. They know the name of the neighbor’s dog, and other personal information that people often use as passwords. That gives them a leg up when trying to break-in to your email account.
  • The bad guys – and gals, too! – with bad grammar are still out there bombarding us with phishing attempts. If you are entering the data they ask for after clicking on a link in an email, you’re at risk of a phishing attack.
  • High tech means lots of computing power. This level of technology gives them the capability to simultaneously launch targeted attacks on high-value targets, as well as broad attacks on millions of people around the world. For them, everyone is a target. No one is under the radar. When it comes to cyber stealing, the bad guys’ motto is “every bit counts.”

Think about it: it’s really hard to break into government and corporate websites and security systems, so, if you’re a bad guy, you’re going to go for all the little fish you can while trying to catch the once-in-lifetime corporate or government whale.

  • People you know who are in your home usually don’t have any bad intentions of snooping around, but they might not be able to help themselves if the opportunity comes up – like seeing a list of logins and passwords on your desktop, or finding out something personal in an email you left open on your PC when you left the room.

A password manager like Sticky Password is your best chance of protecting yourself from all these threats and more. You get the benefit of long-and-strong unique passwords for all of your accounts that security experts say is a key way that they protect themselves. And, a password manager gives you encrypted storage of not only your passwords, but even personal data like credit card info.

With auto form filling and anti-phishing protection, you’ll always enter the right login and password, and only on the correct website! That’s one less worry to have the next time you get a suspicious email from your bank that says “click here to enter your password because we’d like to check it!

National Cyber Security Awareness Month (October)

It’s already November, but for one more Thursday, it’s still National Cyber Security Awareness Month.

Awareness is a critical part of the learning process. Awareness is the ability to recognize the circumstances of a situation so that you know what to do. Awareness is like the deliberate practice that we’re familiar with in sports (muscle memory), cooking, self-defense and other areas of our lives. Awareness is that voice in the back of your head that raises a flag that something isn’t quite right. Awareness is being able to react reflexively when something’s wrong instead of having to think about it. We’re fans of StaySafeOnline.org and StopThinkConnect.org for all they do to raise awareness of #cybersecurity.

The team at StopThinkConnect.org hosted another #ChatSTC on the topic of Building Cyber Resilience in Critical Infrastructure.

#ChatSTC Twitter Chat: Building Cyber Resilience in Critical Infrastructure