Lastpass – The only password Manager You Will Ever Need!

How often does this happen to you?
How often does this happen to you?

I’ve got more passwords than I can count. Work email, Personal email. Facebook, Twitter. Instagram. Snapchat. Pinterest. LinkedIN, Online Banking. Every single credit card. The Patient portal for my doctor’s office (and my childrens portals as well). Netflix, Hulu, Plex, Reddit, Ancestry,  Xbox One, Playstation 4, Verizon for cable, Sprint for my cell phone,  Online shopping at Amazon, Kohl’s, Target, Old Navy, Home Depot, Sears, eBay… it’s easy to forget all the places where we have online accounts. and how many passwords we’re using.

in fact, the average computer user has over 130 passwords to remember. And the worst thing you can do from a security standpoint is use the same password for every site because it makes a hackers job much easier.

pcoverhaul-lastpass 0001

Lastpass is a web based app that allows you to save all your different passwords in one vault, out in the cloud,  and set one master password to get that vault open.  Your password vault is encrypted so even the team at LastPass can’t access your passwords. Set one secure password for the vault and never worry about remembering each and every site password ever again. I suggest a long phrase that’s easy to remember and type. For example, I might choose Chara33BigZchamps2011 or Gronkspike87NEpatsSBx4

With my one master vault password, I can log in and access literally 1000’s of passwords I would certainly have forgotten. This is especially true for those sites you only visit once or twice a year.

pcoverhaul-lastpass 0009

Another nice feature included in Lastpass – you can create multiple profiles containing all your contact info, like the stuff they ask for every time you sign up for a website – and lock them down with the vault password too.  My PC Overhaul profile has my name, street address, phone number, credit card, date of birth and credit card numbers for the business. When I go to a site to buy parts for a customer, the checkout process is simple. I click on my PC Overhaul profile in lastpass and it fills all that information in for me. And you can have as many different profiles as you want. I have a profile for work, another for personal purchases, and a 3rd for web forums (using my spam email account).

Lastpass also has the ability to create randomized secure passwords for you. This is handy if you always plan on using Lastpass to log in to sites, but won’t be helpful otherwise.

Once you have it installed, whenever you go to a site with a saved password, lastpass offers to autofill the username and password fields for you. You enter the vault password and can choose not to be prompted for the vault password for a period of time.  If you know you will be in front of the computer for 3 hours, you can set it to leave the vault open for that long, and after that time anyone with access to your system will be asked for the master vault password again to get in.

pcoverhaul-lastpass 0008

There are literally dozens of handy features to lastpass, especially considering it’s a free app, I highly recommend you check it out.

Lastpass

 

Multiple Antivirus Products

Many people like the idea of having more than one antivirus product on their computer at the same time, but it’s actually a bad idea.

Antivirus programs search your system for working-in-a-computer-repair-shop-i-see-this-way-too-often-28841
programs that are monitoring and sending information about your computer. And the other antivirus product will be doing just that. You end up with two (or more) antivirus products going to war, trying to disable and remove one another.

And when a virus is found, the multiple antivirus products may both detect it, but only one can remove it. This can lead to reports of viruses still being installed that are actually long gone.

Not to mention, because of the way they function, (scanning every file and process running on your computer and every connection to and from the internet)  antivirus programs can slow your computer down. Running two or more of these programs which are battling with one another for control of your system will bring most computers to a standstill.

You’re better off installing a full antivirus suite (I prefer Bitdefender), or a regular antivirus product and a companion anti-malware program like Malwarebytes.

 

Facebook App Permissions

Over the years you may have unknowingly given Facebook apps access to your personal information and photos.

Every time you install an app on Facebook, you agree to give the app access to certain parts of your profile. It makes complete sense that Google maps needs to access your location, or Instagram would need to access your photos.

google-maps-location-pcoverhaul

What we tend to forget are all the other apps we’ve given various permissions to over the years. Every quiz you’ve ever taken, or that old favorite app, “See who looked at your profile”, may have had access to your profile for YEARS.

For example, I opened up my apps on the left and chose the “Cities I’ve Visited” app (which I only used once).  Let’s take a look at what this app has been able to see on my Facebook profile.

cities 01

cities 02

cities 03

cities 04

This app can see virtually everything on my profile, and it needs to be removed.  By clicking the privacy at the top right of my Facebook page, I can access the Privacy Checkup.

pcoverhaul-privacy-checkup-facebook

 

Hit “Next” to go to step 2 where you can review your approved apps.

pcoverhaul-privacy-checkup-facebook-step2

I’ve scrolled through to find the “Cities I’ve Visited” app. Click the X next to the app to remove it.

pcoverhaul-privacy-checkup-facebook-step3

You can repeat the process with as many apps as you’d like, and when you’re done, click next and then finish to exit the Privacy Checkup.

 

 

Internet Crimes

 

‘Your PC may be infected!’ Inside the shady world of antivirus telemarketing | PCWorld

Tech support schemes have barely slowed despite legal action by the FTC. Some adware programs display messages to people suggesting their computer is at risk, even though the adware programs aren’t designed to detect security problems.

Source: ‘Your PC may be infected!’ Inside the shady world of antivirus telemarketing | PCWorld

 

Virus Removal Services

Thousands of new computer viruses and malware programs are created daily.  Even with virus protection, one third of computers worldwide are infected with some form of malware. It’s a common problem and the majority of computers I work on have some form of virus, spyware, malware, or a combination of all 3 installed on them.

If you suspect your computer has a virus, but aren’t sure what to look for, here are a few common signs your PC or laptop may be infected.

•  The computer is slow to start, or programs take a long time to load, or don’t load at all.

•  Your home page has been changed  and/or your web searches are being redirected to a strange site.

v9com

•  The internet suddenly stops working on your computer, but other computers or devices like phones and tablets can connect without a problem.

no-wireless

•  Pop up messages, especially a large number of pop ups, could indicate some type of infection.

popups

•  Toolbars!

toolbars

•  Warnings of virus infection from antivirus software you don’t remember installing. These fake antivirus programs ARE the virus. After running a scan, they prompt you to pay via credit card for the full program to remove the virus- which they infected you with in the first place. Even after paying to “register” the infection usually remains on your computer.

purchase-page

•  Ransomware is a newer type of infection that locks down your computer, hides your files and demands payment to grant you access to them again. Older versions (FBI, Department of Justice) will pretend to be law enforcement who have locked your computer down due to illegal internet activity. Newer ransomware like Cryptolocker and CryptoWall are almost impossible to decrypt.

cryptowall

There are hundreds of other symptoms but these are some of the most common. If your computer exhibits these symptoms or just doesn’t seem to be running as well as it should, give me a call. I have over 15 years experience and deal with thousands of malware infections each year.

 

CryptoWall 3.0

Simply put, this type of virus is devastating. CryptoWall (and the rest of the CryptoLocker variants) will encrypt (lock) your files and demand a ransom to get the key.

cryptowall

Files affected are usually photos, documents, music, and movies.

So far, there’s no way to crack the encryption (unlock the files) without paying the ransom, and there’s no guarantee the hackers will give you the key even when you’ve paid. The ransom can be anywhere from $400-$600 and with every new variation it’s going up.

pcoverhaul-cryptowall2.0

The best way to prevent infection is to have a current backup of your files. Once the virus is removed (or once you wipe and reload the computer), you can restore your files. Most antivirus programs can remove the virus, but that won’t help you get your files back.

 

Can Mac’s Get Viruses?

I’m sure you’ve probably heard that Apple products like MAC computers, iPhone’s and iPad’s can’t get viruses. If you work in computer repair, you hear about this all the time. Many of my customers tell me they will get a MacBook when they replace their computer because they are tired of getting infected all the time on their Windows based computers. A virus is just a program running on an Operating System, like all other programs. So is the Mac Operating System so secure that you really can’t get infected on a Mac?

First, a virus maker is likely to choose the platform that gives them access to the most potential victims. As this chart from NetMarketShare.com shows, over 85% of computers are still running some form of Windows.


Also, probably due to the fact that there are so many more computers running Windows than OSX, most programmers learn to code for Windows computers. And most of the tools and scripts that virus makers use in constructing malware are designed to target Windows.  These may be some of the reasons why Windows has been targeted far more than Apple’s Operating Systems.

The Mac Operating Systems, starting with OSX 10.0 (Cheetah) are based on UNIX. The UNIX permission structure prevents unauthorized execution of software, which makes it harder for viruses to infect your Mac. Windows will try to run a program any way it can, even if it’s being redirected by a virus, but UNIX will stop a virus in its tracks if it detects an unauthorized redirection. As great as this is, it doesn’t make your Mac computer immune. To infect a Mac, the viruses just need to be written well enough to get around the UNIX code. Not as easy as coding a virus for Windows, but do-able.

 

Starting with OSX 10.8 (Mountain Lion), Macs have a host of built in protection from malware, including  Gatekeeper. These additional measures make your Mac more secure than a computer running Windows.

install-alert

It would be easy to become over confident in all this security if you own a Mac, but that’s a mistake. There have been several major Mac  virus outbreaks in recent years, and with more and more people using Apple products like the iPhone and iPad, there will surely be more to come.

There was also the recent hacking of Apple’s iCloud. There’s some concern that malware could be copied to your computer using your iCloud account or Apple ID.

As computerhope points out:

Although the Apple OS is more secure than many versions of Windows, any software, plug-ins, or other add-ons that are installed onto the computer and connect to the Internet can introduce their own security vulnerabilities. The most common ways to attack a Mac computer is through a third-party browser and browser plugins like Adobe Reader, Flash, and Java. Today, most Mac users have these plugins installed and enabled on the computer, and, in doing so, compromise the overall security of the system.

 

Avast_1_-_Avast_is_free_to_download_and_has_a_talent_at_spotting_Mac_malware

So even though you may have a Mac, please make sure you have an antivirus product installed. If you’re not sure what to use, here’s a review from Macworld UK.

 

 

Infinit- File Sharing App

Infinit – This very useful little app lets you “send any file in less than 4 seconds”.

pcoverhaul- infinit 2

Simply create links to your files that can be shared anywhere on the web-  Facebook, Twitter, via email, SMS messages or online forums.

pcoverhaul- infinit 1

You’ll have a dedicated inft.ly webpage for your files and you can grant access to anyone you choose. Infinit uses P2P Bitorrent technology so your files are not stored on a server where they can be accessed by any unauthorized users (like the recent celebrity icloud hack).

pcoverhaul- infinit 3

Here is a more complete list of features-

pcoverhaul- infinit 4

 

It’s fast, free, and unlimited, so check it out.

 

 

 

How safe is your online data?

You may have heard about the latest celebrity phone hacking scandal involving stars such as Jennifer Lawrence, Ariana Grande and Kate Upton. The photos were stolen from Apple’s iCloud service, and not the phones themselves. Many of the celebs had already deleted the photos and videos from their iPhones, some of them a year or more ago, but they still had those files backed up on iCloud. Hackers use a variety of methods to get into iCloud accounts, from brute force attacks to trying easy to guess passwords, since iCloud would not lock you out if you guessed wrong a certain number of times.

screen shot 2014-05-19 at 9.54.52 am-1

In the case of these particular celebrity photos, they have been floating around on the “dark net” for quite some time before they were finally leaked publicly.

Though it hasn’t yet been confirmed that the pictures came from iCloud accounts, reports have speculated that the hackers used a recent tool called iBrute, which can repeatedly try different combinations of passwords on Apple’s Find My iPhone service until one of them works. Once Find My iPhone is breached, it is possible to access iCloud passwords and view images and other data stored in a user’s iCloud account. Apple had previously allowed an unlimited number of password attempts on the Find My iPhone service, but it has since limited it to five attempts, making the iBrute tool ineffective. [TheVerge]

You may or may not have intimate photos and videos you want to protect from prying eyes. Even if you don’t, think about all the sensitive information you may have in your email and private messages on Facebook and other social media sites. There’s probably some stuff in there you’d rather keep to yourself.

So what can you do to protect your private files and conversations online?

First, accept that virtually everything we do now electronically can be hacked or compromised. It may only be  a curious spouse, but it could be an ex, a co-worker, or a professional hacker.  The best way to keep someone from gaining access to sensitive data  is not to put it online in the first place.

For data that you DO share, the first thing you should do is have a complex password that nobody can guess. “Password”, “123456” or your telephone number are not going to cut it. As this Password Strength cartoon by Randall Munroe demonstrates, substituting numbers and symbols for letters is still easy for a sophisticated software prgram to crack. 

Password Strength cartoon by Randall Munroe

For example, Bruins?Win?Habs?Lose! will not be easily cracked by hacking software and is easier to remember than Bru1n5W#nH4B5L0s3. Phrases make a password more complaex without being too hard to remember. And if remembering is an issue, try a free password manager like LastPass.

Another thing you can do is enable two step verification. This means in addition to knowing the password, the person trying to get into the account has to have access to some kind of device like your phone. where a code may be sent to verify your identity.

ZDnet has this great info on how to set up two step verification for some of the most popular services:

Apple iCloud

  1. Login to My Apple ID.
  2. Pick “Manage your Apple ID and sign in”
  3. Select “Password and Security”
  4. Under “Two-Step Verification,” select “Get Started,” and follow the instructions.

Note: Be aware that when you change your Apple ID to two-factor authentication, it’s a one-way journey. You can only change your password afterwards by using the two-factor method.

Dropbox

  1. Sign in to Dropbox.
  2. Click on your name from the upper-right of any page to open your account menu.
  3. Click “Settings” from the account menu and select the “Security” tab.
  4. Under “Two-step verification” section, click “Enable.”
  5. Click “Get started” and follow the instructions.

Note: You will need to re-enter your password to enable two-factor verification. Once you do, you’ll be given the choice to receive your security code by text or to use a mobile app.

Google Drive

  1. Login to Google from this link.
  2. Enter your phone number.
  3. Enter the code that you’ll get from either a text or a voice phone call.
  4. Follow the instructions.

Note: You will need to get a new code for each PC or device that uses any Google services. For some services, such as Gmail when accessed on an Apple device or by a mail client or some instant message clients, you’ll also need to set an application specific password.

Microsoft OneDrive

  1. Login to your Microsoft Account.
  2. Go to “Security & Password.”
  3. Under “Password and security info,” tap or click “Edit security info.”
  4. Under “Two-step verification,” tap or click “Set up two-step verification.”
  5. Click “Next,” and then follow the instructions.

Note: Microsoft may require you to enter a security code that the company will send to your phone or email before you can turn on two-step verification.

Many other services now offer two-step authentication. Here are ZDNet articles detailing how to set it up onFacebookTwitter, and Google.