Monday, February 3, 2014

10 Worst Password Mistakes That We Make Often

10 Biggest Password Mistakes People Make

Posted by  in Not the Top Lists | 0 comments
10 Biggest Password Mistakes People Make
Jan 4, 2014
I do keep my all precious things and hard copies in lockers as all people do but when we talk about online security, one of the coolest techniques to have your online security conceded and offer yourself to ferocity by a hacker is to have a bad password. All of us should know the dense passwords that entire stand between us and a possible security instance. Still, a part of that many people end up influenced with a virus or with an immense credit card notice because they decayed to track the ABCs of password safety. For a brief consideration, here are the 10 biggest password mistakes people make:

10. Applying an observable password
10. Applying an observable password




A number of people use some obvious passwords e.g. ‘1234567’, Imissu’ and ‘princess’. Hence your individual name is also a mutual optimal and off course anybody annoying to hack your account will check for these easy-going choices.

9. Practicing the same password everywhere
9. Practicing the same password everywhere





People reuse their same password for many accounts.  Though this habit is suitable for the user, it likewise means that one account breach interprets into several account openings. Therefore, if you use a similar password for your Gmail, online bank account and eBay as well, you are alluring hackers to comfort themselves to your personal life.

8. Not consuming extra safety features
8. Not consuming extra safety features





One of the mostly avoided mistakes is that many people don’t use the additional safety services while many services offer two-factor verification, where as well as demanding a fixed password, you also need additional one-time password, which can be referred via text message or bred via a hardware security nominal. Google bids that option when signing into your account. In this way, even if somebody discerns your main password, they quiet won’t be able to admittance the service.

7. Having a too short password
7. Having a too short password





Sometimes people create a short password to keep it in their minds every time but they forget that a lengthier password is more secure as compare to a short one as every additional character makes the password tougher to blemish. A password containing 20 characters might be inflexible to remember, but 12 characters are certainly feasible.

6. Sharing passwords with others
6. Sharing passwords with others






I have many friends and all of them are trustworthy. We share almost our all belongings with each other but I never share my password with any as it seems to share your too personal locker-keys. But I have observed many fellows who trusted their buddies in the matter of password sharing and the conclusion was lose, fake and prangs as well.
5. Not using safe browsing terms
5. Not using safe browsing terms






Whenever people become online on open networks and don’t use HTTPS, it’s riskily cool for those with criminal committed to snip their passwords. So, always check out the HTTPS Everywhere extension to exploit security.
4. Using “secret” queries that many people already identifies
4. Using “secret” queries that many people already identifies






The “secret questions” are the interrogations that sites ask you when you sign up for a check in situation your password is ever lost or you want to alternate your account info. There are many renowned examples of accounts that have been hacked for the “hackers” have security inquiries that are very easy to reply simply by observing their social media accounts.

3. Not keeping machine up when others use it
3. Not keeping machine up when others use it





It happens for several times that someone asks if he can hurriedly use your machine to become online, and your answer is “yeah! Why not”. I congratulate your friendliness, but make sure you defend your secrecy as your friend or asking fellow might establish something you’d slightly they didn’t.

2. Not varying passwords habitually
2. Not varying passwords habitually






Sometimes a number of people don’t change their passwords regularly whether frequently changing passwords guarantees that you’re fewer helpless. So, set manually a calendar appointment to appraise your passwords and keep it up.

1. Not to apply a password administrator
1. Not to apply a password administrator






The prime mistake ranking here 1st as is not to use aPassword Manager. Using a password supervision system confirms that you can attain most of the other objectives on this list effortlessly. There are many password managing systems out there; find one you’re contented with and practice it. Likely writing passwords in any file document or an account could be also dangerous as anyone can have access with an ease. Any information that is easy to find, such as your birthday, as part of your password is conveniently reachable. Hope this list of 10 biggest password mistakes people make will help you all while applying passwords or sitting online at any strange network.
Posted by at No comments:
Labels: , , ,

Sunday, February 2, 2014

Public Wi-Fi also a spying tool, Snowden documents show in new Canada scandal

  1. Here’s a new and potentially explosive twist to our ongoing surveillance saga: according to CBC News, documents obtained by NSA leaker Edward Snowden show that the Canadian signals intelligence agency has been using public Wi-Fi, such as that found in some Canadian airports, to spy on travelers.
  2. This is big because the Communications Security Establishment Canada (CSEC) is not supposed to spy on Canadians, just like its partners in the other “Five Eyes” espionage ring – the U.S., U.K., Australia and New Zealand – aren’t supposed to spy on their citizens.
Posted by at No comments:
Labels: , , , , , ,

Webmail Forensics – Digging deeper into Browsers and Mobile Applications

  1. Almost everyone who uses the Internet has a web-based email account. Many people have two or more, so the likelihood of a forensic investigator coming across a case involving webmail communication is very high. While law enforcement examiners can ask service providers for the email contents through a court order, corporate and non-government examiners have to rely on what evidence is left on the computer or mobile device.
  2. The three largest webmail providers are Google’s Gmail, Microsoft’s Hotmail/Outlook.com, and Yahoo Mail. Together they account for well over one billion users. Each provider offers some unique features but they’re generally all quite similar in implementation from a forensics standpoint. This article will discuss how webmail artifacts are stored and investigated on a PC or laptop, mobile devices, and other applications that support and store webmail evidence.

Internet Explorer

Since Internet Explorer (IE) is installed by default on most Windows installations, it’s likely the most commonly used and should always be searched when looking for webmail—or any browsing artifacts for that matter. Depending on the version of Windows and IE installed, the evidence will be stored in different locations. The locations are listed below:
  • WinXP – %root%/Documents and Settings/%userprofile%/Local Settings/Temporary Internet Files/Content.IE5
  • Win Vista/7 – %root%/Users/%userprofile%/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5
  • Win Vista/7 – %root%/Users/%userprofile%/AppData/Local/Microsoft/Windows/Temporary Internet
  • Files/Low/Content.IE5
  • Win8/IE10 – %root%/Users/%userprofile%/AppData/Local/Microsoft/Windows/History
Note: Internet Explorer 10 is available on Windows 7 as well. If IE9 was installed and then upgraded to IE10, there will be two sources of evidence (the index.dat file from IE9 and the database within the webcache folder for IE10).

Mozilla Firefox

Firefox is a very popular browser and also stores its cache data in various locations based on the operating system installed. It’s installed as the default browser on many Linux distributions and is available for MacOS-X as well.
  • WinXP – %root%/Documents and Settings/%userprofile%/Local Settings/Application Data/Mozilla/Firefox/Profiles/*.default/Cache
  • Win7/8– %root%/Users/%userprofile%/AppData/Local/Mozilla/Firefox/Profiles/*.default/Cache
  • Linux – /home/%userprofile%/.mozilla/firefox/$PROFILE.default/Cache
  • MacOS-X – /Users/%userprofile%/Library/Caches/Firefox/Profiles/$PROFILE.default/Cache/

Google Chrome

Google Chrome is also one of the top 3 browsers used today. It is available for Windows, Linux, and MacOS-X. Google also makes the Chromium open source project available to Linux users and runs very similar to the regular Chrome package with some minor differences .
  • WinXP – %root%/Documents and Settings/%userprofile%/Local Settings/Application Data/Google/Chrome/User Data/Default/Cache
  • Win7/8 – %root%/Users/%userprofile%/AppData/Local/Google/Chrome/User Data/Default/Cache
  • Linux – /home/%userprofile%/.config/google-chrome/Default/Application Cache/Cache/
  • MacOS-X – /Users/%userprofile%/Caches/Google/Chrome/Default/Cache/
Check out full article at  http://articles.forensicfocus.com/2014/02/01/webmail-forensics-digging-deeper-into-browsers-and-mobile-applications/
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Comments (Atom)