Skip to main content

You've been Pwned!

Another day, another data breach. Emails, passwords hacked and put online for sale. The breaches have become so common that we don't pay attention anymore. Old news. Yawn. You get an email asking you to change your password. You go to the offending website, change your password and then forget about it - feeling safe in the knowledge that you've protected yourself from those fiendish hackers.

But wait. That's not nearly enough.

Ask yourself - do you use the same email and password combination on any other site? What about that cheepo.com service you signed up for 3 years ago using the exact strong password as your bank website?

The email didn't mention that, did it?

Here's the problem. Anyone can take your email and password combination and use it to get access to your secure bank website. "Hello sir/madam, welcome back. Take all you want. It's been great doing business with you. Bye".

So what can you do about it?

First, find out if your account has been compromised in a data breach.  Head over to the free service Have I been Pwned and test all the emails you use to log into websites. If any email has been compromised - you know that you will need to go to every site with the same email/password combination and change your password.

Second, make a list of all the sites you use. Update the passwords now. If you must use the same password on multiple sites (because you just can't remember all the different passwords you have to use) - then separate the sites by category - like finance, media, social etc. - and then use a separate strong password for each category. Unfortunately some sites insist on fixed length passwords which can limit your options.

Third, if the site is using two-factor authentication (2FA) - then use it. That will ensure that a breached password won't be enough to log in on its own.

Finally, start using a secure password manager like 1Password - a family account is cheaper per month than a Starbucks fancy mocha - and worth every penny if any service provider your use is compromised in the future.
If that proves too expensive, Google Chrome has a new strong password generator feature. If you let Chrome create the strong password, and Google sync is turned on - the password will be available from any Chrome browser you log in with.

Comments

Post a Comment

Popular posts from this blog

Host a static website on Google Drive (in 5 easy steps)

You need to host a static website but don't have the time, money or resources to set up a web server.  Perhaps you're learning to code or just doing a demo. Here's a way to set up a web site at no cost, in just a few minutes. Step 1. Create a new folder in Google Drive. From Google Drive, Click 'Create', select 'Folder' and enter the folder name. (I chose 'hybrid' for this example, but you can choose anything you want). Step 2. Share the folder. First select the folder you created (displayed in the folder list), then click the sharing icon. In the Sharing Settings popup, go to the 'Who has access' section and click 'Change' The Visibility options pop up will appear. Change the Visibility option to 'Public on the web'.  Although set by default, make sure that 'Access' is set to 'Can view'. Click 'Save'. The folder is now shared. Click D...
Post a Comment
Read more

How to get the BBC iPlayer running when you live outside of the UK

(subtext: Get the World's most famous detective on your favourite browser) The new series of Sherlock has started on the BBC. If you live outside of the UK and you are too impatient to wait for your local TV content provider to host it for you - then fear not !! These simple instructions will get you up and running. In addition to the iPlayer you can access most of the other UK TV channels using the same method. Note: you can use the same method to access content in other countries - such as Hulu in the U.S. How it works:  In simple terms, the BBC iPlayer, like other players, perform a check to determine whether your internet access is originating from the UK.  So the trick is to ensure that your access to the BBC website will originate from the UK. First you are going to use a free piece of open source software that was designed to keep your internet access anonymous. You will add a setting that will ensure that the software makes use of servers in the UK whenever ...
12 comments
Read more

Skip the grunt work: Use AI to turn raw data into Slides (Part 1)

Scenario You've got to create a presentation using data from multiple CSV files. Typically, this means merging files into a single spreadsheet, generating charts, and copying everything into your presentation—an absolute time sink! Let’s fix that. Here’s a free, no-code approach using Google Workspace tools and a sprinkle of automation. This is Part 1 of a two-part series. The Problem Simplified: Multiple CSV files in a consistent format (I used stock data). The goal: Combine into one Spreadsheet for easy analysis and charting. How: Instead of manual copy-pasting, we’ll automate the process using Google Apps Script and Chat-GPT for code generation. What You'll Need: Google Apps account: A free Gmail account will work perfectly. Access to Google Drive , Google Sheets , and Google Slides. Chat-GPT 's free edition for code snippets. Step-by-Step Solution: 1. Collect your data Upload the CSV files to Google Drive. Copy the Drive folder ID. The folder ID is the part of the URL ...
Post a Comment
Read more