Thursday, June 28, 2012

More on Pa$$w0rd$...

OK....you get it.


You need some secure passwords.


You need something hard to guess, but easy to remember. (That's an oxymoron right there.)


You need to protect your accounts.


But how to do that easily?


Here are some tricks and ideas to use to generate passwords that get really strong really fast. Think of this as taking your passwords to the gym to bulk them up....minus the smelly towels.

  • Take an ordinary word, but start replacing letters with symbols. This trick makes your password tremendously more complex to crack, but just nominally harder to remember.

If your password is the word strength , you can toughen up that password by replacing letters with similar looking symbols.

  1. Change the s to a $
  2. Change the e to a 3 (because a capital E looks like a 3 in the mirror....also a reminder of the gym).
  3. And for emphasis on all your heavy lifting, drop an exclamation point at the end !
Your really simple-to-crack password of 

strength (crackable in about 3.5 minutes)

just became the exponentially more difficult

$tr3ngth! (crackable in about 35 days...way more buff, right?)

Password cracking programs know these same tricks and will try commonly substituted characters. But even so, this simple change makes you a much less desirable target.

  • Use something easy for you to remember, but completely obscure to anyone else.
This trick is a sweet one, because you can "nerd out" on something you love, and justify it. Let's say you follow baseball. On the day you select a password, pick the batting average leader and make it into a password.

Here is the leader board for the day I wrote this blog entry. You might use a first initial, last name and batting average.

Your password is CRuiz.362

Finally, that statistic you store in your brain has a justifiable purpose. And when the time comes to change your password, just look up the new batting champ, and you likely will have a new name and number at your fingertips.

Or you select the division leader, and how many games back the last place team currently stands. Or use the name of the last major movie you saw, with the actor's name, and the number of stars you would have given it. You get the idea. Just find something that sticks for you.

I use this one myself...not so much the batting or movie part, but I have a methodology of picking passwords that guarantees something unique on any given day based on my life events, and is still meaningful and easy to remember for me.
  • Treat passwords like your underwear: Change 'em often.
Enough said, right?


The trick to strong passwords is this: No password is infinitely secure. You will always be breakable, just like someone can always break into your house. No matter how strong your security system, someone who wants in will find a way in.

The goal here is to make yourself a harder target. Just like a pick-pocket will target the guy flashing his wallet and money around and skip over those harder to get, you can do something similar with a smartly-chosen password.

Now then....don't you feel stronger? And you haven't even touched a dumbbell...



Friday, June 22, 2012

Passwords are NOT Secret Words

Thinking on passwords....make sure you don't give away your password quite like this...


...and click on the image if you need to indulge.

Sunday, June 17, 2012

Your Password shouldn't be password

How important is your password?

In the wake of what happened a little while back at LinkedIn, pretty important. In case you missed it, about 6.5 million passwords were hacked and released on-line about 10 days ago.

The problem is not so much that someone can access your LinkedIn account. Yes, I suppose they could do dastardly things like change your work experience or write a funny recommendation for someone else. But truth is, LinkedIn passwords themselves are not that valuable.

And now there is a value attributed to those stolen LinkedIn passwords: $1. With $1, a criminal can grab a large Diet Coke from McDonalds or your LinkedIn password.

If someone has your LinkedIn password, it is quite likely they have much more. The trick is that you probably use your password over and over and over again...

...for LinkedIn.

...for Facebook.

...for your on-line banking.

...for your company e-mail.

Getting nervous yet?

A few ideas for making your passwords more secure:

  • Keep your passwords varied, and do not re-use them for at least one year.
  • Avoid QWERTY-based patterns (for example, 12345 or asdfghjkl).
  • Mix capital and lower-case letter formats.
  • Substitute letters and mix in numbers whenever possible.
  • Switch word orders.
  • and PLEASE don't use the word password

There was a time when I could very often guess passwords. There were three tricks:
  1. Use the word password 
  2. Use the name of a child or pet
  3. Flip over the mousepad.
Using just those techniques, I could break in about half the time. Seriously. Don't be that easy.

Secure those passwords, mix them up, and PLEASE CHANGE THEM every so often. I realize password changes are a pain.  But then so is fighting fraud and explaining that nasty-gram from your e-mail account didn't really come from you.
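The checklist above and the `$tr3ngth!` substitution from the June 28 post can both be tested by the kind of check a sign-up form might run. This is an added example, not code from the original blog; the word list, the look-alike table and the function names are constructed for illustration.

```python
import re

# Constructed sample denylist; a real deployment would load a large list
# of common and previously breached passwords instead.
COMMON_WORDS = {"password", "strength", "letmein", "welcome", "dragon"}

# Keyboard rows used to spot runs such as 12345 or asdfghjkl.
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")

# Look-alike symbols mapped back to the letters they usually replace
# (an assumed, deliberately small table).
UNLEET = str.maketrans({"$": "s", "3": "e", "0": "o", "1": "l",
                        "@": "a", "4": "a", "5": "s", "7": "t", "!": "i"})


def base_word(password: str) -> str:
    """Lower-case, drop trailing digits/punctuation, undo look-alike swaps."""
    core = re.sub(r"[\d\W_]+$", "", password.lower())
    return core.translate(UNLEET)


def has_keyboard_walk(password: str, run: int = 4) -> bool:
    """True if `run` adjacent keys from one row appear, in either direction."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False


def check_password(password: str) -> list:
    """Return the reasons to reject a password (empty list = none found)."""
    findings = []
    # Try the password both with and without its trailing decoration.
    variants = {password.lower().translate(UNLEET), base_word(password)}
    if variants & COMMON_WORDS:
        findings.append("dictionary word once substitutions are undone")
    if has_keyboard_walk(password):
        findings.append("keyboard pattern")
    return findings


if __name__ == "__main__":
    for candidate in ("strength", "$tr3ngth!", "Pa$$w0rd$", "12345", "CRuiz.362"):
        print(candidate, "->", check_password(candidate) or "no findings")
```

An empty result only means these two checks found nothing; it is not a strength score.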




Sunday, June 10, 2012

More About the Cloud, and How It Helps The Sun Shine


Ever used Gmail?

How about Yahoo Mail?

Or that passing fad called Facebook?

If so, you've used the Cloud. In fact, many people have been using the Cloud for a long time without ever quite realizing it. For some reason, web-based applications like these have not registered with most people as being in the Cloud. Only when applications like Google Docs replace software that has traditionally been installed on and locked inside a PC (like Microsoft Word, Excel or PowerPoint) do people seem to twig to the Cloud angle.

Last time, I talked about why companies or schools might use the Cloud to power their computing environments. It frees businesses to focus on what they do best, and leave some of the very mundane and technical work of maintaining servers and drivers and patches and inventories to someone else, who will do it on a VERY large scale for a fee.

But what does the Cloud mean to everyday users who just want the sun to shine to have a good day?

Quite simply, the Cloud is a software application hosted in a central location and delivered via a web browser or other thin client. Rather than purchase and install the application on individual computers, people that use the application just access it from a computer..

..or a smart phone..

..or an iPad..

..or your friend's computer..

..or whatever device you happen to have.

Users--whether students or employees or everyday folks--just log on to access the application. The information in the application (like a Facebook update, or the fare for your airline ticket, or tomorrow's weather, or your bank balance) is not locked into a single computer that you tote around. Instead, it becomes available the moment you log in, and how you log in is up to you.

To the end user, the experience is essentially the same as if the application were installed on the user's hard drive. By having the application delivered as a service, however, people can update their Facebook status from any location, or check up on e-mail using most any device. HR managers can do payroll from the comfort of their living rooms; teachers can work on lesson plans after hours. What's more, users can utilize different devices without having to tote around thumb drives to port over updates, since the contents of the project are stored in the cloud. Want to share a photo? You can put it on a thumb drive and walk it around, or you can upload it to Facebook, Flickr, Picasa, etc. Which is easier? Usually the Cloud-based choices.

For us everyday folks who just want to check in, we are no longer tied to a specific computer with a specific set of software. If I have an access point--often called a thin client--I have access.

And, from an IT perspective, there's a beautiful upside: No longer do you have to update software on machines scattered around a business or campus. Does Facebook send you a CD every time it updates its interface? No, and whether you like Facebook's changes or not, this ability allows applications like Facebook to innovate much more quickly. No more patches, no databases tracking installs and software updates. And the nightmare of keeping track of thousands of software licenses? Gone.

This freedom of checking applications anytime, from almost anywhere, is what allows me to go sit in the sun without lugging around a specific computer to do my work, or check in, or update my status or watch a cute video of puppies.

Things are easier, faster, and more accessible. And it frees you up from the nightmare of maintaining it all. And that is how the Cloud helps the Sun to shine.


Sunday, June 3, 2012

Since When Did My Computer Start Handling Weather? Or What Is A Cloud?

What is "The Cloud" anyway?


You keep hearing about how "The Cloud" is changing computing forever, and you are wondering just when weather reporting and computing became related subjects. 


(Hopefully the techies out there will not cringe too much, because I admit I am going to oversimplify this, but hey, that is the entire point of my blog.)


Truth is that if you ask 10 technical people what "The Cloud" is, you will get 10 different answers. But they will all tend to point in the same direction. The Cloud is the ability to use computing power and storage from powerful providers to make your life more simple.


The best analogy I have is the electric utility. At one point, our ancestors generated their own power. They built a windmill or water mill or something like it. With that came all the maintenance and energy of maintaining the power source. Then the electric utility was born. We attach a meter to the side of the house, measure how much power gets used, and pay for it. Period. We no longer generate our own power, we simply buy what we need from somewhere else that specializes in generating a LARGE amount of power and distributes it to a LARGE group of people or businesses as needed.


If I have a hot day and need more air conditioning, I do not figure out how to generate more power; I simply buy more power. Or if I am on vacation, I buy very little power. I no longer have to adjust up and down how much power I generate, nor do I maintain the whole infrastructure to generate power. So long as I have an electric line running to my home and an agreement to pay for what I use, I have power.


The Cloud is similar. If I need lots of storage, I can buy that from someone else (Google, Dell, Rackspace and Apple are examples) and I no longer need to buy a bunch of hard drives, and install drivers for them, and update them, and back them up. The Cloud provider will do all that for me.


This blog is hosted in The Cloud. I actually have no idea just where this text is literally stored. Perhaps Montana, or Oregon, or a few steps from the beach in Miami. And that is the whole point...I don't have to know. I just use it.


You are using The Cloud now. Facebook is essentially in The Cloud. Do you really know where your unfortunate pictures from last night are literally stored? No. That is Facebook's problem to manage, and they just let you access it (and they let all your friends see too! Lucky you!)


The Cloud is not in a single place, or on a particular computer. Rather The Cloud is an idea that you can simply use what you need rather than having to maintain a bunch of computer infrastructure in-house.


Businesses are using The Cloud to reduce their costs, because instead of maintaining a lot of infrastructure (and paying employees to run it), they buy Cloud capacity and leave all that hardware maintenance to someone else who does it on a LARGE scale. Depending on what they use, they pay fees and they get on with their actual business rather than deal with the infrastructure.


So don't be scared by The Cloud. You use it every day, and it helps you avoid maintaining a bunch of computers and lets you get to your important business (like removing that unfortunate Facebook photo.)