Blog Category


Security Mistakes

When COVID-19 was first discovered in 2019, most people thought their lives would remain unaffected by the outbreak, which eventually turned into a pandemic. Fast-forward to 2021 and most people that could work from home are doing so, and it is staying for the long haul.

The perks of working from home are numerous. You can roll out of bed in your pj’s and still make it on time for the Monday 9 am meeting. Having the comfort of your own home, avoiding the commute, saving money on those office lunches because you forgot your packed lunch…. I could go on. It’s not all perks though, as there are always thieves and scammers on the lookout and with most workers using their own devices and laptops, cybersecurity could range from financially devastating to easily avoidable.

Google Advanced Protection Program

We've recently heard that about a half-billion Facebook accounts were breached, and posted on hacker's forum for anyone to grab. We often hear the world's largest companies were hacked, and our personal data are leaked. A website like HaveIBeenPwned search data breaches, and tells you if your email or phone number has been pwned. It's not your fault that your personal data has been breached, but you'll be the next victim of identity theft if you don't protect yourself.

What is Webauthn?

Webauthn

We are accustomed to username and password pair to protect our accounts whether that is a computer, bank account, smartphone, or personal email. We also know that password is not the most secure authentication method available today, and there are so many hacks and data breaches that threaten our security. Learn how WebAuthn can enhance your online security.

Wi-fi Password

We've learned that SSID is the network name, and we use this name to know which wireless network we're connecting to. If you've established a connection previously, your computers and smart devices have saved the password in some location for later use. Next time you need a wireless connection, the device will automatically connect to the network it has connected to before. If you can't recall the WiFi password of your router, there are ways to find the password as they are stored in your Windows, macOS, and smartphones.

Brute Force Attack

Burte force attack is a method used to guess username and password combination continuously until the valid login is discovered. Hackers use password cracking software to guess all possible passwords for a known username to gain access to the target system.

What is a YubiKey?

YubiKey 2FA Dongle

The YubiKey is a hardware device that generates passcodes for 2-factor authentication (2FA). It is not a password manager and does not store username/password pairs for your online accounts. It is a pure 2FA device that generates HMAC-based One Time Passwords (HOTP) and Time-based One Time Passwords (TOTP) that you can plug (or NFC) into your smart device. The YubiKey is recognized as a human interface device (HID) and delivers password as if the keystrokes are coming from a keyboard.

What is Microsoft Autofill?

Autofill

Microsoft lagging behind Google and Apple on browser war, and also fell behind on the password manager debut. Microsoft finally completed its password manager beta testing, and officially released Autofill password manager that utilizes Microsoft Authenticator. This is good news for Edge users, but Chrome users on the Mac, Windows, iOS, and Android can also benefit from it. We all know creating strong passwords for online accounts is a hassle, and remembering them is even worse. More free tools like Autofill will help online users from steering away from using weak passwords and reusing the same password for multiple accounts.

What is Google Password Manager?

Google Password Manager

Google password manager is built into the Chrome web browser, and it interacts with the web forms automatically if you're using the Chrome browser. The first time you submit a login form, the Chrome browser will prompt if you want to store the username and password pair in a vault on your computer, and whether you want to sync them to the cloud on your Google account. The next time you visit the same site, once you enter the username portion of the form Google Chrome will auto-populate the password field. If you sync your passwords with your Google account, all the passwords are available on every device you use as long as you use Google Chrome and sign onto your Google account.

What is iCloud keychain?

iCloud Keychain

Apple's iCloud keychain is a password manager for macOS and iOS devices including Macs, iPhones, and iPads. Username/password pairs, credit card information, Wi-Fi credentials, and other personal data can be stored in iCloud, and shared amongst all of your Apple devices. Your personal data are encrypted with 256-bit AES, and saved in your iCloud, and transferred to and from iCloud to your devices encrypted so it is very secure. The data stored in your keychain can be accessed through Safari, and some third-party Apple apps but not with Google Chrome, unfortunately.

What is 2FA?

2FA

2FA (2-factor authentication) is a form of MFA where a user is required to supply 2 forms of authentication to allow access to the system. The traditional authentication system used the username/password pair to grant access to an account, but a growing number of hacking due to the use of weak passwords prompts the industry to offer an additional form of authentication to enhance the security of login access.