No Surprises: Worst Passwords of 2014

January 21, 2015 at 11:25 pm (1Password, Applications, Productivity, security) (, , , )

Yesterday, SplashData announced its annual list of the 25 worst passwords (read: most common) on the internet. The list is compiled from over 3.3 million leaked passwords. Having worked at an Apple store for five years, the greatest offenders were no surprise to me. During those first few months at Apple, I was constantly amazed at the number of customers who used many of these top passwords.  Not surprisingly, many of these folks were hacked. The most common offenders were (are you ready for it?) “123456”,  “password”, and “qwerty”. Other commonly used passwords that are easily guessed by hackers, or by someone you know who might like to get into your account for nefarious purposes, include names (yours, your significant other, your favorite pet), favorite sports (baseball, football, golfer), favorite sports team (yankees, steelers, rangers), and favorite superhero (superman, batman). Hackers commonly use a “dictionary crack” which takes only a short time to run. If you use a word or words from the dictionary with no letters or symbols to break it up, your password can be easily guessed by the program.

Because of so much publicity surrounding data breaches this past year (Target, Home Depot, and many others), people are finally starting to pay attention and use slightly stronger passwords.  However, simply substituting numbers for some letters (3 for E, 4 for A, etc.) is really not enough anymore.  While “P4ssw0rd” is better than “password”, it is still easily guessed. It would be better to use something like “P4$$w)rd”, which is still “password”, but with substitution of numbers and symbols. Another big risk that people take is using the same password for all their sites.  If your login information was accessed during a data breach, all the hacker needs to do at that point is start using that login information for the common banks. If you reuse passwords (use the same password for your Target account that you use for your Bank of America account) then the hackers have just gotten both your Target account information and your banking information. Now do you see why reusing passwords is a bad idea? 

DilbertPasswordInstructions

Here are a few tips to make your passwords stronger: 
1.  Use a combination of upper and lower case letters, numbers, and symbols.  Most sites have a minimum length, but it can vary from 4 to 8 characters up to 14 to 18 characters or more.
2.  Do not reuse passwords. In other words, don’t use the same login information for multiple sites. 
3.  Use two-factor authentication when possible.  Many sites like Facebook, Twitter, Google, Battle.net, and others, are using this method, which is like having a security door in addition to your main door. Each time you log into the account, you are sent a code to your phone to enter after entering your initial credentials. It changes each time you login, so a hacker would have to have access to your device at the time of the login attempt in order to get the code.  
4.  Wait for it.  You know it’s coming.  Use a password manager such as 1Password for the best possible security.  Not only does 1Password store all your login information for every site you visit, but it will also generate strong passwords for you (and you can set criteria, such as length, number of characters and symbols,  etc.), and you only have to remember your master password.  The app remembers all your other passwords for you. In addition to login information and passwords, it also stores secure notes, attachments, software information (serial numbers and software keys), network information, banking info, and more.  It works across platforms, and is always in sync.  Best of all, the next time there is news of a data breach somewhere, and everyone is scrambling to change their passwords, you can sit there with a smug grin on your face knowing that you don’t have to worry about it. Do you have any tips or tricks to add?  Do you want to tell us the ‘best worst password’ you’ve used (or heard of)? Let us know in the comments. 

Advertisements

Permalink Leave a Comment

Help! I Forgot My Apple Password

December 15, 2014 at 9:09 am (1Password, Apple, Applications, How-to, iPhone/iPod Touch, security) (, , )

Back in the old days when I worked at Apple, there was hardly a day that went by when we didn’t get at least one person at the Genius Bar who had forgotten their Apple ID or Password.  They would frequently swear up one side and down the other that they knew what it was, it had always been that, and Apple was just wrong.  Uh-huh.  Right.  But, things happen, and sometimes it happens to the best of us.  Like my dad.  He is a pharmacist, one of the most intelligent men I’ve ever known.  But, bless his heart, he is not the most tech-savvy guy around.  Don’t get me wrong, he tries.  Oh, how he tries.  But, as much as I’ve tried to gently guide him and help him, I still end up going over about once a week to provide a little tech support (usually just to reset the router).

Not long ago, I was doing some routine upgrades when the box popped up for the Apple ID and Password.  I entered it, and immediately was informed that I was mistaken.  Frowning, I thought I must have entered it wrong.  I re-entered it, and got the ‘no dice’ message again.  “Dad”, I called out over the balcony, “have you changed your Apple Password without telling me?”.  He responded that he had not, so I opened my all-around favorite app, 1Password (I know, you’re shocked). I pulled up Pop’s info, only to find that the password listed was the same one I’d tried without success.  So, at this point, what to do?

There are a couple of things that one can do in this instance.  You can always contact Apple support.  This might be best for folks who are not tech-savvy.  Had I not been around and available, I would have sent Pop this route.  To get in touch with Apple’s support team for Apple ID issues, you can use this link:  https://getsupport.apple.com/Issues.do
You click a selection to let them know if your issue with your Apple ID is related to iTunes, iCloud, or “other”, where “other” includes Apple ID and password issues, as well as issues related to your security questions, game center, face time, messages, and more. When you select your issue, you’ll then be given a choice to schedule a call with Apple support.  You can call them or they will call you.  This cuts down on a long hold time for you.  A schedule is displayed, and you choose your preferred time, in fifteen minute intervals.  For instance, if I wanted to call this morning, it shows me that there are 6 appointments available between 9:45am and 11:15am.  I select the one I want, enter my contact information, then sit back and wait for them to call me.  You can call them as well, but during times of high call volume, you might have to hold for a bit.  Letting them call you is definitely the easier option.

If you have an iDevice (iPhone or iPad), you can easily recover or reset your account information.  Simply open the Settings app, then scroll to iCloud and tap it. At the top of the iCloud settings, you’ll see your name and email address.  Tap on the email address.  A box will appear for you to enter your password.  Underneath the box, tap on the blue text that says “Forgot Apple ID or Password?”  You will then have two choices:  If you don’t remember your Apple ID, tap the blue text that says “Forgot your Apple ID?”  Boxes will pop up for you to enter your name and email address to recover your Apple ID.  If you know your Apple ID but don’t remember your password, enter your email address then click “Next”. Then tap whether you want to reset your password by email or by answering your security questions. After that, you should be able to reset your password and log in to your account as usual. 

My Apple ID

You can reset your password from the “My Apple ID” site using your web browser.  Under the blue “Manage Your Apple ID” link on the right side of the page, click on the option to “Reset Your Password”.  You will have to enter your email address and correctly answer the security questions to complete the process and have your password reset. 

There is a little-known secret that allows you use your web browser to search multiple email addresses to try to find an Apple ID that you may have forgotten after changing your email from one account to another. Go to Apple’s iForgot site, enter your name, your current email address, and up to three former email addresses.  Answer the security questions to verify that you are really you. This should be enough to find your Apple ID.  You can follow the other steps to reset your password if needed.  Now you can log in as usual. 

Once you recover your Apple ID and password, please put the information into your 1Password app.  If you aren’t using it yet, there’s no better time to start.  Check it out at their 1Password website. Start using 1Password and have all your user names, passwords, login info, secure notes, and more right at your fingertips.  Best of all, you only have to remember one password (you know you wondered where the name came from) from now on.  The app remembers the rest. It’s accessible anywhere, and syncs across all your devices. Get it now, and never have to fill out another form to recover ID and password information.  Think of all the time you’ll save! 

If you have any trouble, you can always refer back to the link to get in touch with Apple’s support team.  They will help get you back on track in no time. 

Permalink Leave a Comment

1Password App Extension Coming in iOS 8

August 6, 2014 at 9:48 am (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch, Productivity) (, , , )

One of the really cool things announced at Apple’s WWCD this year was the addition of app extensions for iOS 8 (iOS is the operating system that runs our iDevices).  When you log in to an app on an iDevice, you have to do the copy and paste dance of going to 1Password (or your notes or wherever you have your login info), go back and forth between the screens a couple of times, until you submit the info and successfully log in to the app…unless you use the same password for everything, but you don’t do that, right?  Because that’s just wrong, and setting yourself up for a world of hurt.  So, the announcement about app extensions was fantastic!  Because now, you won’t have to do that do-si-do anymore.  There is a short video at 1Password’s blog where you can get a look at the coolness of it.  More info will be coming soon, but I can’t wait for this feature.  Be sure to let your favorite app developers know that you want them to use the 1Password extension with their apps. 

Permalink Leave a Comment

Where do you keep your Passwords? No More Sticky Notes!

June 8, 2014 at 11:31 am (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch, Productivity, Products, shareware) (, , , , )

I realize I’ve been hyping the fantastic 1Password app quite a bit lately.  There’s a good reason for that.  It’s the best.  If you care anything about your data, you owe it to yourself to protect it.  That means using 1Password. 

 

Friends frequently ask me what 1Password is, what it does, why they need it, and many other questions.  I’d gotten my “elevator spiel” down to about a minute or so, but I was afraid of being inconsistent, or leaving out something important, (especially with all the new features added recently), or just freezing up (it happens sometimes). But, now there is something even better. 


Now there is a real video, complete with snazzy soundtrack, that can be clicked and watched again and again. Keep watching until you realize that you cannot go another minute without the muscle that 1Password provides.   

 

Enjoy this brief video, then head on over to 1Password and pick up a copy today.  


Permalink Leave a Comment

Apple iDevices Held for Ransom Down Under: Don’t Reuse Those Passwords, Mate

May 29, 2014 at 2:13 pm (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch) (, , , )

Something interesting happened in Australia recently when Mac, iPhone, and iPad users were hacked using Apple’s Find My iPhone feature to lock devices and send ransom messages to the owners. They demanded a $50 “unlock fee” to be paid via PayPal payment from the owners. 

 

While it wasn’t immediately evident how these hackers gained access to the devices, it was soon ascertained that they obtained the information from a data breach. Because many people reuse passwords, it is likely that the hackers found people who used the same passwords for the accounts from the data breach and their Apple ID, which then allowed them control of  the iDevices. 

 

Apple made a brief statement to let people know that iCloud was not compromised.  They also advised those affected to change their passwords. They can also go to their local Apple store or call Apple Care if they need additional assistance. 

 

This reinforces the sensibility of utilizing two-step authentication whenever possible, and reminds users to never reuse the same password across accounts. It also reiterates the need to use a good password manager such as 1Password to create strong passwords for all your accounts. Until next time, be safe with those passwords folks. Friends don’t let friends reuse passwords.  


Permalink Leave a Comment

Start Your New Year with Day One

January 1, 2014 at 6:43 pm (Applications, iDevices, iPhone/iPod Touch, Personal, Productivity, shareware, writing) (, , , , , )

Happy New Year!  Another year beginning, another year ending, resolutions to make, resolutions to break.  I’m not being pessimistic, just realistic.  In the past couple of weeks with the old winding down and getting ready to give way to the new, I’ve had several friends ask me if I still journal, and if so, what app I use.  

I have always jotted down thoughts here and there, since I was a kid and got my “First Diary”.  You remember those, right?  They were little books with a cardboard flap and a couple of flimsy keys that anyone with a pair of scissors or a paperclip could get into; but we were young, so we thought it was locked up tight.  But, how things have changed.  Well, sort of.  They still make those for the kiddies, but our adult selections are so much better.  Most of the ones you actually write in no longer have locks, and are made of leather, pleather, vinyl, card stock, etc. and can be found ruled, as a grid, or blank.   

Day One Icon

But, for those who have transitioned to the digital world, (wait for it…), there’s an app for that. (You had to know it was coming). Actually, there are a lot of apps for that now, and quite a few good choices. But the one that has won my heart is the award-winning Day One.  It is a truly wonderful app for Mac, and there is a universal companion app, which is an excellent standalone app in its own right, for the iPhone and iPad. 

It is incredibly easy to get started, and you won’t even have to read any how-to guides to get up and running.  Their tag line is “Record life as you live it”, and the app’s design makes it easy to do just that. The interface is simple, clean, and minimalistic. Data that is automatically entered includes date and time, location, weather, photo EXIF, activity (walking, biking, running), and music playing. There is tagging and Markdown support, as well as customized reminders that you can set to be sent daily or weekly at certain times. The app really shines with its organizational abilities, as you can view past entries using the calendar, maps, photos, timeline, and more. Day One’s Mac version has a nifty little Menu Bar quick entry feature where you can (just like it sounds) make an entry right from the Menu Bar without opening the application. That’s great for a quick notation, or even a longer one when you’re not attaching a photo. Automatic backups keep your data safe as well.

Your entries can be synced from your Mac to and across your iDevices using iCloud or Dropbox.  I will say that I tried to use iCloud, and I really wanted to use it to save my rapidly filling Dropbox space.  But, I kept having issues with it, and in the end, it was just easier to disable iCloud syncing and go with Dropbox.  I haven’t had the first issue since the switch.  

Entries can be shared by emailing to friends and family or posting to social media sites such as Twitter and Facebook. Day One also creates individual webpages at dayone.me for any entires you want to publish. I’ve seen examples of it used for almost anything you can imagine, for typical writing and journaling, for research, for reviewing books, movies, and other media, as a work journal and timekeeper, as a travel and mileage log, as a prayer book and inspirational guide, and much more. 

I must say that it is a joy to use Day One.  I use it for jotting quick notes about events or captioning a photo, as well as making more personal longer entries or capturing special events. I’ve also been using it to log geocaching adventures, as well as ideas for my own devious geocaches to hide.  Give it a try and let me know what you think.  

You can get more information about Day One at its website here.  The Desktop version for Mac is available thru the Mac App Store for $9.99 and the Universal version for iPhone, iPad, and iPod Touch is $4.99. Now go jot down all your resolutions, then use Day One to write about them. Once you start using it, you’ll be likely to continue.  Enjoy!

Permalink Leave a Comment

Tips and Tricks: Some (Slightly Snarky) Google Help

December 23, 2012 at 12:40 am (Apple, Applications, How-to, Humor) (, , , )

Most of you guys know what it’s like to have family members always calling you with mundane questions about things.  They are usually along the lines of “How to I…..” or “I can’t figure out how to …..”.  Frequently, these involve their remote, computer, printer, iDevice, and so on.  They’ve obviously never heard of Google, or any other search engine since the days of AOL.  How many of you have a t-shirt (or want one) that says, “No, I will not fix your computer”? So, you know what I mean, right?

Folks always seem to call at the most inopportune times.  Do you help them with their issue, or tell them to look it up themselves?  Well, some slightly exasperated developers at Google have helped us out with this conundrum. LMGTFY to the rescue. “Let Me Google That For You” is a nifty little assistant that lets you show someone else how to use Google.  So, rather than outright telling them to look it up for themselves, you can let Google be the smart@ss and tell them to look it up for themselves. 😉 Nifty, no?

LMGTFY Stickers 1

Here’s how it works:

Go to www.lmgtfy.com.  There’s a box below the search box that says “Type a question, click a button”. Type in your query and submit. It then creates a link and the box tells you to “share the link below”. You can copy and paste it for sharing,  or shorten it or preview if you like. The resulting animation shows you typing the query into the box, shows Google’s search results, then the box says, “Was that so hard?”.  Gotta love it.

Here’s an example.  I searched for “LMGTFY”.  Here’s the results:

http://lmgtfy.com/?q=LMGTFY

Give it a shot and see what you think.  Of course, what they do once they get results is another story.  Good luck!

Permalink Leave a Comment

Try Clarify for quick “how to” instructions

August 22, 2011 at 4:06 pm (Apple, Applications, How-to, Productivity, shareware) (, , , )

There’s a new kid in town to make life easier when you get emails, texts, and phone calls from friends and family asking, “Hey, can you tell me how to do (task of the day) real quick?”.  It’s an application called Clarify from Blue Mango Software. You might be familiar with them for their terrific ScreenSteps application that’s been around for a few years and is invaluable for those who write technical instructions, software manuals, and the like.

Clarify is like a lighter version of ScreenSteps. In fact, the process is very similar, so anyone who has used ScreenSteps will be able to use it right out of the gate, and those who aren’t accustomed to it will be able to use it in mere minutes. It’s that easy and intuitive.

Blue Mango says they streamlined the application to be more of a screen capture tool and is primarily for “reducing round trip emails”. Rather than having to send multiple emails back and forth to re-explain, or clarify, your instructions, you can easily do it in just one email using this software.

I did a quick “How to create a how-to using Clarify” in about 2 minutes.

The following is what the user interface looks like within the software while you’re creating your document.

CreateHowToThis next screenshot is what the finished product looks like on the Clarify-it.com sharing site, where you will send folks to view the how-to information. It looks very nice and polished. It can also be exported as a pdf file.

FinishedProductThere is a free public beta available now so you can try it out. The price will be $29.99 when the application is released. It’s available here: http://www.bluemangolearning.com/clarify/ .  Give it a go then leave a comment and let me know what you think about it.  What other methods do you use for this type of communication? Email? Skitch? Something else? Let’s hear your ideas below.

Permalink Leave a Comment

You’ve Purchased HOW Many Apps???

June 18, 2011 at 1:45 am (Apple, Applications, Humor, iDevices, iPhone/iPod Touch, shareware) (, , , , , )

I stumbled across this Mac application recently after seeing one of my friends, @chartier, tweet about it and thought I’d share it with you so we can all be staggering around in disbelief at the sheer number of apps that we have purchased (and how much we’ve spent on them!). I’d been trying to find a program like this after a friend and I were discussing how many apps we’d purchased for our iDevices. After seeing David’s tweet, I decided to download it and give it a go.

The application, by WetFish Software, is called App Store Expense Monitor. It’s a free app (donations accepted).  It’s just a straightforward zip file for your Mac. Run it, and the program finds all the apps in your iTunes Mobile Applications folder. It tells you the App, Developer, Category, and Price of the apps you’ve downloaded.

AppStoreExpensesInfo

It shows the current price of the app, although you can edit the price to reflect what you actually paid for it — good for those that might have been free or that even (gasp!) cost more when you purchased it than they do now.

It can be exported as a CSV or XML file.  I did have to change the path so my Mobile Apps folder could be located, as it wasn’t quite in the standard spot. However, this was easy enough to do, as it just involved choosing the desired path and selecting it in the options.

Try it and see what you think.  You can download from their website here:  http://wetfish.de/software/osx/app-store-expense-monitor/ . I have 342 apps totaling $593.57.  Leave me a comment below and let’s compare purchases.

Permalink Leave a Comment

Get Your Cache On

April 28, 2011 at 11:06 am (Apple, Applications, Geocaching, iDevices, iPhone/iPod Touch) (, , )

Geocache

We’ve been having some nice weather this spring, and that can only mean one thing….geocaching!  Although fall is by far my favorite time for  geocaching, spring is a great time as well. It’s getting warmer, but the pesky mosquitoes, ticks, no-see-ums, and other undesirables (can you say  snakes?) haven’t come out enough to put a damper on things yet. We had a few great finds in San Francisco a few months back, and I’m still  looking for just the right place to drop off a couple of trackables that we picked up in the city by the bay. I’ve also been scouting around for some  good hiding places. It’s really no fun to be able to just walk right up to a cache…it’s a lot more fun if there’s at least a little bit of a challenge  involved.

For those who think a “real” GPS is needed, I can honestly say that my iPhone 3GS with Groundspeak’s official Geocaching app  (http://www.geocaching.com/iphone/default.aspx) has been nothing  short of amazing.  They have added some splendid updates to this app over the past several months, and it is truly all you need. Granted, if you  get way out in the boonies, you’ll probably have a hard time getting a signal. In those circumstances, maybe a dedicated GPS would be better. But, being mildly disabled, I’m not able to hike the rough terrain as I once could, so those areas are usually off-limits to me. I’ve used the Magellan GC with okay results, but I still prefer my iPhone. I can do everything I need to do right from the app, including posting photos and field notes, viewing maps (Google Earth street view, topography maps, and satellite views), recent logs, and more.

One of my favorite features is the simulated compass arrow that lets you know when you’re closing in on your find. You can just feel the adrenaline rush when it goes from 100 feet to 50 feet to 20 feet, then you engage your senses and start looking for the treasure. A couple of my favorite finds have included a small cannister attached to a piece of rebar that was stuck down inside a yellow concrete parking lot post, a test tube container hanging from a tree branch, and a piece of cable secured to a utility pole that contained a log when you unscrewed the coaxial cable connector. The “in plain sight” award goes to a modern sculpture at a local university that had a large ammo can sitting atop the same-color sculpture. If you didn’t know what you were looking for, you would easily miss it.

Geocaching is a great activity for young, old (but young at heart), and everyone in-between. It gets you outside, makes you think, and can be done alone or with others. So, get up, get out, and start hunting. Be sure to let me know in the comments what your favorite types of cache are, and what type of device you prefer. Happy Hunting!

Permalink Leave a Comment

Next page »