Managing complex passwords

So I was recently silly enough to suggest that people have a unique complex password for each website and account that they have. Since making this recommendation, a number of people have asked me, ‘how on earth do you remember that lot?’

So, here is a potential solution to this little problem…
Firstly, select and memorise a complex password that contains upper and lowercase letters, numbers and symbols. Right, so you’re going to find it difficult to remember S5£amzB92!. So you need to come up with a memorable solution and there are a number of ways to do this.
One way is to simply pick a word, stick a capital letter on the front, a number on the end and a final number. It kind of works, but ‘Password1#‘ doesn’t really cut it. So the next evolution is to start changing things around a little. For example, swapping numbers for letters, like a 0 for an o. This gives us Passw0rd.
Next we need to introduce a symbol. So how about Pa$$w0rd.
Now we need to make it unique. This can be the the tricky bit, but how about using something from the website you are accessing, for example the two letters, and putting them on the front of your password. This might give us a Google password of goPa$$w0rd, or a Yahoo password of yaPa$$w0rd.
All of a sudden, we have a complex and unique password that is easy to remember.
OK, so you might want to give a little more thought to the original basic word. Another method is to take a passage of text and use the first letter from each word. For example, there’s a famous song called, “With a Little Help from My Friends (Beatles)”, so this might give us ‘walhfmf(b)‘. Change the l for a 1 and you have your easy to remember base password… wa1hfmf(b).

OK, so it’s not exactly straight forward, but it is slightly more secure than using the name of your favourite pet for every site you have ever visited.

The Internet: Where’s your data?

It is widely known the Internet is a global resource operating everywhere, in our homes, schools, workplaces and our pockets. In fact, it can be accessed from almost every place on earth – and even locations further out into space. But what about the data being accessed? Where is that stored and who is accessing it.

When looking at this, the results are interesting.

Let’s start by investigating the users. Who they are and where they are. The world’s population is now centric towards the East in locations such as India and China, with the Western world a bit behind. This is confirmed online also with China represented by about 568 million Internet users from a population of 1.3bn, and India represented by 153 million users from a population of 1.2bn. These highly populated ‘developing’ countries have had a massive uptake on Internet usage, but they still have a way to go. On the other side of the coin however, the USA has 255m Internet users from a population of 316 million.

From this it is clear the majority of web use is in the Far East. So what are they all doing? Where is the data that they all consume each and every day?

Well, this is where it gets very interesting.

Brazil (yes Brazil) has the third largest number of Internet hosts, with 26 million. In second place is Japan with 64 million hosts. However, leading the pack by a country mile is our old friends the USA with a whopping 505 million Internet hosts. That’s more hosts, providing services to the internet than the USA has people.

This clearly shows that the USA is still very much at the forefront of web services. I don’t know for sure, but I would estimate that most of these hosts are owned by companies located in Northern California.

So what does all this mean. Well, put simply – I have absolutely no idea – other than:

  • Yes, it’s an interesting fact.
  •  Yes, the USA is still the Daddy. If you make the link between web hosting and innovation, the bulk of the web is still being developed by our friends in San Francisco Bay area.
  • The bulk of consumers are from the Far East and they are consuming services from the USA.

So, does it really matter? Well I think it does in the long-term. Countries, companies and consumers are increasingly nervous about data being stored in other countries. Whether they are worried about other governments ‘having a peak’ or issues relating to the export of data.

People increasingly want their data stored in their own country. Blackberry have suffered problems with this issue in the past when their storage of BBM data caused large scale problems in the UAE, Saudi Arabia and India, with some counties blocking all users from using BBM in protest.

This is an increasingly important consideration for our education customers. As schools look at using web hosted teaching and administration solutions, they are thinking about where their data will actually be stored.

The good news is that providers are getting smart to this, with several providers now ‘guaranteeing’ that their data will be stored in a certain region and not others. Microsoft, for example, are transparent in where Office 365 data is stored and will ensure that is stays in a region that is appropriate to you. For information, UK customers have their data stored in the EU and the backup data centres are based in Holland and Ireland.

Staying Safe On-Line

We all do loads of ‘stuff’ on-line, we book holidays, read the news, chat to our friends and even buy our groceries. Sadly, it also seems that every day there is another online company gets hacked and compromising it’s customer’s username and passwords.

So what’s the answer, should we just stop using the web? Well realistically, that just isn’t going to happen is it, especially as the Internet is cram packed full of educational tools and resources. internet use in schools is on the up and whilst there are mechanisms in place to protect users from the obvious, there will always be potential threats on the internet.

The following is my top tips to a safe on-line life:

Dodgy emails

Responding or opening emails from people you don’t know is always a risk. Be very careful with emails offering you something free, or emails that want you to click a link. Never respond to an email from your bank asking you to re-validate your user-name, password or bank details. If a bank sends you an email, they normally have a security validation with in the email, for example they will tell you the last part of your postcode in the email (something that can not be faked).

There is a whole range of what I call the ‘zip file emails’. These emails appear to be from people you mitt just deal with, such as Fedex, the Inland Revenue or your bank. They all have a zip file attached. Sadly, opening the zip file will likely bring yo a word of pain.

Use your instinct, if an email looks dodgy then it probably is. Just delete it.

‘Keep me signed in’

We all click the button on login to a site to ‘keep me logged in’, with so many passwords these days it just makes our life so easy. Never, ever, click this button on a shared PC, for example a PC in a classroom or library. Only use this function on your own PC – and even then, just think about the data that on the site.

It wouldn’t be great if some else sat at a PC after you and revisited the sites you were on… as you? Imagine what they could do on your Facebook account, or worse.

Keep your software up to date

Many internet threats exploit weaknesses or holes in software coding. Software vendors continually update their software to keep it secure, so make sure you keep ‘auto-update’ enabled. It might be a bit of a pain to re-boot your PC when Microsoft send you a security patch, but it will keep you safe – so just do it. It’s also important to make sure your virus signatures are up-to date, so once again keep them up-to date.

Naughty Content

If you went to a large city on holiday, there would be areas you would avoid. You would stick to the respectable areas and avoid the less-desirable parts. Guess what, the web is just the same! As soon as you go looking for free software, downloading music or movies or other porn you are entering the Internet’s Ghetto. A place where any website you visit may contain a hidden surprise such as a virus or a trojan. My best advice, stay away.

Clearly, our Internet solutions include a robust content filtering solution to manage this situation, but users with mobile devices will always use the internet away from the site.

Don’t give your Bank details away

Easier said than done, especially when you are shopping. However, once again try to stick to respectable sites. One tip is to use paypal, or a similar payment site. Using a payment site means that the end supplier never has your card details, just giving you that added level of protection.

Connecting to ‘Free Internet’ Connections

If you’re out and about with your laptop and looking to connect to the web, be careful of free wi-fi solutions. Connections with a wireless name such as ‘free internet’ should be approached with caution.

There will always be threats out there and it’s very difficult to be 100% safe, but thinking about the above and acting upon potential risks will help keep your web-world safe.

Fibre connectivity reaches 1.4Tbps

British Scientists working with Alcatel-Lucent and BT have broken a new record for data transmission. The test was between the BT tower in London and BT’s research center in Suffolk.

Using a fibre link, which used existing fibre infrastructure, data rates reached a speed of 1.4 terabits per second. That’s enough to download 44 full length, high definition movies in just 1 second.

It will be some time before we see anything like this in our homes or workplaces, with most of our customers currently enjoying between 50 and 100mbps internet connectivity.

Second Hand Personal Data

A survey by the ICO discovered that over 10% of second hand computers contained personal information.
Researchers purchased second-hand computers online and were staggered by the number of computers that contained personal information, emails and pre-saved internet passwords. What’s more, some held enough personal data so as to allow identity theft.
PCs store all sorts of stuff these days, in addition to your photos and documents there’s your email (and it’s settings), your browsing history and probably a while bunch of passwords held in cookies or the browser’s keyring.
As such, the advice from everywhere is clear, when you decide to dispose of a computer make sure you delete all your data, and delete it properly. If you’re not exactly sure how to do this, here are a few pointers…
The first, simplest and most enjoyable, method is to physically ensure your data can’t be used. For most PCs this means removing the hard drive and having a few minutes of destructive fun with some screwdrivers and a big hammer. Don’t get carried away though, you only need to remove the hard drive, so the rest can still be sold – albeit at a lower price with your worries in tact. If you want to sell the full computer, or give it away a member of the family or a friend then distraction is not a good option, unless you buy a new drive.
Completely wiping the drive comes in a good second. With this method a software programme is used to fill every data storing part of the drive with guff data. One programme that I have previously used fills the drive with ’1′s, then ’0′s and then repeats this cycle 3 times. For larger drives, this will take an eternity but it does work and will certainly erase your data. ‘Boot and Nuke’ and ‘kill disk’ are popular software tools for wiping disks, but there are many out there. Some are free and some not.
If you are determined and don’t think you have the skill yourself, then there are specialist (and non-specialist) companies that can undertake the task for you. However, it does mean giving your drive to someone – which may introduce another risk. So it would probably be easier and cheaper to destroy the drive and buy a new one.
If you are selling or giving the PC away, you will need to re-install the operating system. So go hunt the original media you received or created when you get the PC.
Oh, and without teaching granny to suck eggs, don’t forget too back up or transfer your data first…