Monday, January 27, 2014

"123456" pick up sticks....

“123456”
What do you think about when you read those numbers? Me? I see what my bank account should look like: $123,456 (I aspire to be a 1%er), but alas, it is only $12.34. That’s OK though, I will EARN my way. I digress. This particular set of numbers, according to SplashData.com, is one of the most common passwords that people use. HUHHHH???? WHATTT!!! OK, I get it, there are some people who just don’t get it or are too lazy to understand the importance of SECURITY when it comes to one’s personal data, but it can’t be that difficult to understand! When you leave your home, don’t you take the time to use a key to lock the deadbolt etc.? Then why would you not take the time to create a complex password for all your computing needs?

According to SplashData’s article ‘"Password" unseated by "123456" on SplashData's annual "Worst Passwords" list’, “password has lost its title as the most common and therefore Worst Password, and two-time runner-up "123456" took the dubious honor. "Password" fell to #2.”

I have a friend who is a farmer; he has a degree and makes a very good living for himself. He does most of his bookkeeping the old-fashioned way, using ledger books etc. I asked him why he doesn't use a computer and he told me “I just never got around to figuring out how to use one.” I thought to myself, he must be an anomaly, an oddity; surely there can’t be that many people who can’t use or don’t know how to use a computer? (I have a feeling the 123456 password would be his.) After reading this article, I see my assumptions are not correct. There must be thousands or tens of thousands of people who don’t get it, so 123456 it is for their “defense against the dark arts” (Sorry, watched Harry Potter this weekend).

With all the hubbub in the news lately regarding cyber security incidents, you would think that people would wake up and realize they are in danger, “Grave Danger” (Harry Potter again), and do a little research on good ol’ computer security measures, especially password safety. If you are one of these folks, please check out the article by Robert Siciliano (2011) titled “15 Tips To Better Password Security” from McAfee.com. He has several, well 15, tips to help you familiarize yourself with better password protection.

Now a word from our creator...
“A prudent man foresees the difficulties ahead and prepares for them; the simpleton goes blindly on and suffers the consequences.” Proverbs 22:3


References:

SplashData. (2013). "Password" unseated by "123456" on SplashData's annual "Worst Passwords" list. Found at http://splashdata.com/press/worstpasswords2013.htm

Rowling, J.K. (2007). Harry Potter and the Order of the Phoenix.

Siciliano, Robert. (2011). 15 Tips To Better Password Security. McAfee.com.  Found at http://blogs.mcafee.com/consumer/15-tips-to-better-password-security

 

 



Tuesday, January 21, 2014

Does the government have to run it?

“The House of Representatives approves cyber security funding increase” or so it goes… According to an article in Homelandsecuritynewswire.com (Jan 20, 2014), Congress has allocated $447 million of our tax dollars to the Defense Department Cyber Command unit. I have mixed feelings about this only because I know the government can’t seem to run anything correctly or even efficiently. So I look at the $447 million number and double it because, well… it isn’t their money, it’s ours, so they will once again spend like tomorrow was never coming and waste most of it. To be clear, I do think that it is a good idea to have a centralized department to maintain our nation’s cyber security, but can’t we partner with private firms to do this for the government? In my opinion, having a private firm run this program would save US, the taxpayer, more than if good ol’ Uncle Sam did it instead. OK, my fiscal conservative side is showing, I’ll back off…. According to the article, “The funding jump is mostly attributed to the growth of cyber mission forces, Pentagon officials told Nextgov on Tuesday. In March 2013, about 834 active duty military and civilian personnel were on staff, Cyber Command chief Gen. Keith Alexander told lawmakers at the time. The goal is to grow cyber forces by 2,000 personnel annually, until 2016.” This looks to me like our government is starting to shift its collective focus to the nation’s cyber safety and cyber defenses instead of the conventional theaters of war we have been pursuing over the last several years, especially since the number of cyber incidents has almost doubled over the past few years. I will say, this statement is a good thing for folks like me who are going to school just for this reason. Our talents will be in high demand and very marketable… Now the Capitalist in me comes out.

Parting shot:
Our nation is under attack by people whom we cannot see, and we have really no idea where they are or really what they want until they strike. It is in our nation’s interest to find the best and brightest stars in this area and put them to work thwarting the onslaught of the advancing hordes of hackers and hacktivists, etc. I just have an uneasy feeling when the government is the one in charge of the program. It seems like the “C” students always seem to run things.


References:
House approves $447 for Cyber Command. (Jan, 2014) homelandsecuritynewswire.com


Tuesday, January 14, 2014

Stay Informed.. Educate yourself and don't be a victim.

This week in my class, we are discussing many security issues, one of them being Security Awareness.  We were asked to design flyers that would be used in a business or even a school that would make a poignant point about some type of security that we all should deal with.  So, I made a few, one about the importance of computer security and not letting your “Stuff” get compromised and another about the need to be almost street smart and not being fooled by the wolf in sheep’s clothing.  Both of these themes are very important to me because they both deal with educating yourself before you put yourself out there.  It is so important that you have a secure and safe network so you can do what you need to in today’s online world. It seems that a week doesn’t go by when I don’t get a scam e-mail or now even a scam text on my cell phone about some “ACCOUNT ISSUE... Please call us at…” and “Oh a rich uncle in Nigeria that I never knew about….” And it is only going to get worse as troubles in our economy continue to escalate. The sad thing is that people actually fall for this garbage.   

A few years back, I went to a niece’s apartment down in SoCal (BOO Dodgers!!) and saw that she had a nice Linksys router set up for her network, and I asked her how she was securing it. She tilted her head a bit and said “wha??? Huh?” I then said “Did you change the default password and SSID?” Again, a glazed, unappreciative gaze… A friend hooked it up and left it totally unsecured and get this…. She does her online banking on a PC on that network. I almost lost it, so, the good uncle I am, I scolded her, lovingly of course, and spent the next few hours setting up her network. I tried to explain to her how important it is to stay secure and even used the comparison of locking your house; you don’t just leave your door open all the time so anyone can come in, do you? Especially in greasy, sleazy L.A.

Laker losers….

Parting shot:
My point to my rant is, we all need to get up to speed, stay up to speed and do what we have to do in order to stay safe offline as well as online.  Educating yourself is the best defense a person can have.  The Internet has so many resources to look at and use in order to get off on the right foot. Stay informed.


“Education costs money, but then so does ignorance.” Claus Moser.

Wednesday, January 8, 2014

"I promise to eat less and encrypt more"

HAPPY NEW YEAR!!! “Should auld acquaintance be forgot…..”  

I’ll stop… Truthfully, I thought it was “Should OLD acquaintance be forgot…” By the way, what does that mean? Anyway, it’s a new year again, which means it’s time for all of us to once again make promises to ourselves and our loved ones and then forsake most if not all of them, casting our promises aside like yesterday’s rubbish. We all mean well, but in these times of rush, rush, rush, it is very hard to stay focused on what NEEDS to be done since we constantly get bombarded with… Well, life. I know that going to the gym or walking the dog more is beneficial, but so is protecting your assets, your identity, your STUFF. I always try and keep my personal info out of the hands of people who want to use it wrongly, but truth be told, I fail from time to time. But this year “I vow to be more vigilant with my personal information!” and the Target hack has really got me thinking. I usually only use one credit card for purchases but on occasion have used my debit card too. This really isn't a good idea because if fraudsters drain your bank account, the bank may reimburse all the charges, but you most likely will be on the hook for any overdraft charges that occur as a result of the fraudulent goings-on. DON'T USE YOUR DEBIT CARD FOR ANYTHING BUT THE ATM!!

How about encryption? We all should use this one. E-mails are one of the biggest concerns to me. I recently bought a house and I must have sent 20+ e-mails to and fro to various lenders and realtors etc. that had some very personal info and attachments on them. Each time I hit send, I gulped, closed my eyes, did the sign of the cross and prayed for mercy. Encrypting one’s data really should be a no-brainer.

Back it up… I know, another no-brainer, but how often do we actually do it? I try and do it monthly but since I have 3 PCs at home that I am in charge of, I occasionally forget. This is one of the most important things we should do and it should be done weekly. If you lose your device or it is compromised in some fashion, a solid backup can really save your behind and get you back on your feet quickly.

Finally, I am going to utilize a password manager. I have wanted to do this for some time now but just haven’t pulled the trigger yet. I found a great article in Informationweek.com written by Dino Londis (2013) that discussed his thoughts about this topic and even gives several options that you can consider. If you are interested, check out the link below; it is a good read.

Parting shots: It seems that a day doesn't go by where we don’t hear something in the news about XYZ Company getting hacked or ABC group claiming they did some nefarious deed to XYZ etc. We all need to do our part to protect our assets and be vigilant so these clowns have a much harder time getting the goods…

“Run Silent, Run Deep” A novel by Edward Beach Jr.

Cited:
Londis, Dino. (2013). 10 Top Password Managers.  Informationweek.com.