Daily Cup of Tech

As any SEO marketer will tell you, your personal brand is critical.  If someone else is using it, it can be a huge issue that can cause you money or, even worse, your reputation.

One way of checking to see if someone is infringing on your brand is to check whether or not your username/screen name is being used by someone else.  Dialusername will allow you to check your username on all of the following social media sites in one fell swoop:

• Digg
• Gmail
• Uservoice
• Xing
• Yahoo
• Yotify
• 12seconds
• Behance
• Blogger
• Brightkite
• Colourlovers
• Corkd
• Dailymotion
• Delicious
• Diigo
• Disqus
• Ebay
• Etsy
• Favtape
• Ffffound
• Flickr
• Friendfeed
• Funnyordie
• Hellotxt
• Hexday
• Identica
• Ilike
• ILikeTotallyLoveIt
• Imageshack
• Isfingawesome
• Jaiku
• Koornk
• Kwippy
• Lastfm
• Linkedin
• Livejournal
• Magnolia
• Meemi
• Mixx
• Multiply
• Myspace
• Odeo
• Pandora
• Picasa
• Plurk
• Posterous
• Pownce
• Rejaw
• Smugmug
• Soundcloud
• Steam
• Stumbleupon
• Technorati
• Tinyurl
• Tipd
• Tipjoy
• Tumblr
• Twitter
• Typepad
• Ustream
• Vimeo
• Virb
• Visualizeus
• Vox
• Wakoopa
• Wordpress
• Youtube
• Zooomr

All you need to do is enter your preferred username and click on the check button to see if your username is available or being used by someone else.

Trackback link - http://www.dailycupoftech.com/2009/03/23/check-to-see-if-you-are-being-impersonated/trackback/

According to Microsoft, these are the ten laws of IT security:

• Law #1: If a bad guy can persuade you to run his program on your
  computer, it’s not your computer anymore
• Law #2: If a bad guy can alter the operating system on your
  computer, it’s not your computer anymore
• Law #3: If a bad guy has unrestricted physical access to your
  computer, it’s not your computer anymore
• Law #4: If you allow a bad guy to upload programs to your website,
  it’s not your website any more
• Law
  #5: Weak passwords trump strong security
• Law #6: A computer is only as secure as the administrator is
  trustworthy
• Law #7: Encrypted data
  is only as secure as the decryption key
• Law #8: An out of date virus scanner is only marginally better than
  no virus scanner at all
• Law #9:
  Absolute anonymity isn’t practical, in real life or on the Web
• Law #10: Technology is not a panacea

I have to admit, these are all pretty rock solid.  What would you add as law of security?  Put it in the comments.

Trackback link - http://www.dailycupoftech.com/2009/03/15/ten-laws-of-it-security/trackback/

I’ve been on people’s cases lately about having strong passwords.  There are really two issues related to strong passwords:

1. Creating strong passwords
2. Preventing strong passwords from becoming weak

What Makes Passwords Weak?

Let’s start by looking at what makes passwords weak. Then, we can strengthen passwords by avoiding these issues.

Common Dictionary Words

If a word is in the dictionary (including those in other languages) then chances are it is in a brute force attack dictionary.  This means that it is really just a matter of time before your password is hacked.

This also includes variations of dictionary words:

• reversed words (e.g. drowssap)
• mixed capitalization (e.g. PaSsWoRd)
• character/symbol replacement (e.g. pa$$word)
• removed vowels (e.g. psswrd)

Based on Common Names

Common names are, just that, common.  This makes them easily guessable.  So, “bobpassword” is probably not a good idea.

Based on User/Account Name

Let’s say you have a user name of “username1234″.  I would not suggest using any of the following passwords:

• password1234
• username12345
• username5678
• user1234name

Too Short

If your password is under seven characters, it is not long enough.  ‘Nuff said.

Based on Keyboard Patterns

A password that is just a series of keystrokes along the keyboard is probably not the best idea for a password.  Check out some of these passwords on your keyboard and you will quickly see why they are bad news:

• qwerty
• 1qaz2wsx3edc
• 0-p[l;,.
• !@#$1234
• z,alqp1-

Only Use One Symbol Type

It is really tempting to create a password that is all letters.  Let’s face it, this is how we are wired!  But, it also greatly limits the number of possible passwords.  For example, if you have a seven character password made up of only lower case letters, there are 8,031,810,176 possible passwords.  But, if you add in uppercase letters, numbers, and punctuation characters, there are suddenly 64,847,759,419,264 potential passwords, making the password significantly more difficult to discover!

Difficult to Remember

I am going to give you one password that would be practically impossible to crack!  Ready?  Here it is:

\Oj?Ix4MH%xy}5xTpu@+NkMZ2)C09IE:Rrr}6E7;$::]aH|YH8`]U38%cHUe\lL|w?D6ms:T.mT9L”YV0$#843Rl-$xkA9JQV|Z7-eG]”T+O&glxb]{xW9*D^5′f.}4x[(;b}_bEXQQ;y<”VcY:FVah1,Q%’Cv=h8Ktq~=?~’7Bgt6c}w)n&mtPyUJfiXy”3R>J5″ZD2clmW?@D$T0″eL#’v09X({MVc(c!>{k4N[@’;`CA0oK5$3N{)apz*l’A;lbRpu^eiI06T_5″|%>XfBiyKYpVcvq4p”EL<(\W8wNP,54SIg27Ub|wJ”%#NOt*{0_RHeYZ,+AJ)~XsyppsJ)B|P/\xi’IGX^2[.6

Now, all you need to do is memorize it and you are set!

I can guarantee you that nobody will ever use this as their password!  It is simply way too long!  If you can’t memorize a password, then it is as good as useless!

Strong Password Characteristics

So, now that we know what makes a weak password, how do we make a strong password?

Strong passwords should all have the following characteristics:

• contain at least one of each of the following:

1. digit (0..9)
2. letter (a..Z)
3. punctuation symbol (e.g., !)
4. control character (e.g., ^s, Ctrl-s)

• are based on a verse (e.g., passphrase) from an obscure work where the password is formed from the characters in the verse. e.g., “Iafyd$,t,ta!” is derived from the phrase “If at first you don’t succeed, try, try again!“
• are easily remembered by you but very difficult (preferably impossible) for others to guess

Making Strong Passwords Weak

Even if you have a strong password, there are a number of things that many people do to make it less effective:

1. Recycling passwords.  Do not use the same password over and over again when you need to change it.
2. Recording passwords.  As tempting as it may be, putting your password on a sticky note on the side of your monitor is a definite no-no.
3. Using The Same Password On Multiple Systems.  Almost everyone is guilty of doing this.  You come up with a great password and then proceed to use it for your e-mail, computer account, Facebook, etc. password.  While this makes it really easy to remember the password, if someone figures it out, then they have access to everything!

Password Creation Worksheet

As a way to make your life easier, I have created a worksheet that you can download and print off that will help you to create a strong password.  I have also included a completed example.  I strongly recommend that you print a number of these worksheets out and have them handy the next time that you need to create a password.

If you are looking for a good starting phrase, may I suggest a nice, long quote from your favorite movie?

Related articles:

• Tonyvirtual: How tough do you think your password is?
• How Long Does it take for an Home Computer to Break your Password
• Cracking Passwords Test
• Password Management/Generators And Tips
• Dictionary Attacks 101
• Passwords: Most People Do It Wrong

Trackback link - http://www.dailycupoftech.com/2009/02/17/creating-and-keeping-strong-passwords/trackback/

I am not in the practice of posting broadcast e-mails that I receive from well-meaning friends and family but I did receive one from my mother today that I thought was interesting. These are three examples of how people had their credit card information stolen. I realize that these could very well be urban myths and I can not verify if these actually happened but they do convey a very important message: Be paranoid about your credit cards!

Here are the stories and some online resources to help you protect yourself from identity theft:
Read the rest of the story…

Trackback link - http://www.dailycupoftech.com/2007/04/27/stories-of-identity-theft/trackback/