The Password is…..

The Problem

When working to secure our data we often overlook the most obvious of vulnerabilities, our passwords! We make our passwords easy for us to remember and in doing so they’re easier to break. First things first, a randomized 8 digit password is very strong. It’s made even stronger when providers require our passwords to have at least one uppercase letter, one lowercase letter, one special character, and one number. That process will generate 18,170,005,425,000 different passwords. If you were able to try 100 passwords a second, it would take you over 5,000 years to attempt every password! Surely, a randomized password would be almost impenetrable, right? Therein lies the problem, our passwords are not random. We compromise our passwords when we create them.

The characters we choose that compose our passwords are often words or numbers that have significance to us. For example, many numbers are often birth years, or just the number 1. Sometimes, it’s easier just to use a sequence of numbers like 123. By making the password relevant to us and easier to remember, we have made it easier to crack. In 2016 the 25 most common passwords made up about half of all passwords.

The Solution

Passwords are inconvenient. We’re supposed to have long, complex passwords and store them in our heads. To complicate our lives even further, we’re not supposed to duplicate our passwords for any site. While this may be ideal it’s also entirely impractical. The best way to maneuver through this seemingly impossible dilemma is to use a password manager.  LastPass and Dashlane are both excellent choices that provide users with the security of having a complex password without the vulnerability of writing it down or the inconvenience of forgetting passwords.

Take a moment to consider how many passwords you have. Do you use the same password for different accounts? Do any of your passwords contain numeric sequences? Are you vulnerable?

 

Sources:

https://keepersecurity.com/public/Most-Common-Passwords-of-2016-Keeper-Security-Study.pdf

7 Rules for Safer Online Shopping

For most people online shopping has become the norm.

Our busy schedules prevent us from trekking to the mall every time we need something, so instead we visit online retailers to fulfill our shopping needs.

Safe online shopping

But, not all online shopping destinations are created equal, and while many sites are trustworthy and legitimate, there are a number of fake online retailers that are just waiting to rip you off.

Luckily, a little online shopping savvy can go a long way to protecting you, your money and your identity.

Read through our online shopping rules below to keep yourself safe online.

  1. Stick to sites that you know & trust. Instead of starting your online shopping with a search engine, begin at a trusted retailer like Amazon, Target, Lowe’s or Macy’s. Search engines can lead you to places that are not trustworthy, especially if you venture past the first page or two of search results. Also, check the spelling of the site’s name (Amazon.com versus Amazn.com*). Many “copycat” sites try to get your money by looking “familiar”, and check the top-level domain as well (Amazon.com versus Amazon.net*). *These are fictitious examples.
  2. Use credit cards. Credit cards tend to be the safest option for online shopping because you have recourse. If an ordered item is never delivered or you find fraudulent charges on your card, the credit card company will work with you to remedy those issues and get you your money back. But, if you use a debit card or give access to your bank account, it can be a lot more challenging to get your money back after you fall prey to a scam. Check your statements regularly, and keep an eye out for suspicious activity.
  3. Keep a paper trail. Whenever you make purchases online, be sure to save any and all documentation that you receive via email in an email folder or, better yet, print hard copies of receipts, terms of sale, product descriptions, and any emails that you exchange with the retailer. Again, this will be helpful and necessary should you find yourself the target on an online shopping scam.
  4. Only shop with the “lock”. Any time you’re about to make an online purchase, look for the lock. Make sure that the site has SSL (secure sockets layer) encryption installed. You can determine if it does because an SSL url will begin with https:// (instead of http://). Typically, a little lock icon will also appear next to the site’s url or in the status bar; another indication of a secure site.
  5. Shut down your machine. Do you typically leave your computer running and connected to the Internet 24/7? While that may seem like no big deal to you, it means that you’re leaving your machine open to cybercriminals all day and night. This gives hackers the opportunity to infest your system with malware and commit cybercrimes. Instead, after making a purchase, turn off your computer and protect yourself and your money!
  6. Don’t overshare! Only fill out the necessary (i.e. “starred”) information when making on online purchase. No online retailer needs your birth date, social security number, or other unnecessary personal data to complete your transaction. Don’t make it easy for online criminals, instead be cautious, don’t over share, and you’ll protect yourself from identity theft.
  7. Use a secure connection. Don’t conduct your online shopping while using unsecured public WiFi. This is an open invitation to hackers, peeping Toms, and identity theft. Instead, wait to make online purchases from a secure network like your home or place of work.

If you want to further protect yourself, your money and your identity while shopping online, consider getting a VPN. For more details about how a Virtual Private Network can improve your online experience, visit Ghost Path.

The Actual Time It Takes Hackers To Crack a Password + Celeb Phone Hacking

How long does it take to break a password?Do you ever wonder how secure your passwords are?

In light of the recent celebrity phone hacking scandal which resulted in revealing pictures of 100 celebs being posted and shared online and via social media, you’re probably wondering how secure your own passwords are.

The hacker, in this case, “took advantage of a security flaw in Apple’s online backup service, iCloud. Many online services lock someone out after several unsuccessful attempts to log in, but not Apple’s Find My iPhone app and iCloud. That has been changed by Apple in the aftermath of the nude celebrity photo scandal. But with unlimited guesses, a computer program can generate and test thousands of potential passwords until an account is entered. It is called a brute force attack. The tendency of many people to choose weak passwords and to use the same password for each service helped. Once a celebrity’s Find My iPhone app password is discovered, the same password often can access iCloud. People might never know their accounts have been compromised.” (quote from CNN.com)

With that in mind, if your passwords resemble something along the lines of “123456” or “password” or you use the same password for all sites, you’re putting yourself unnecessarily at risk.

Smart hackers are adept at breaking codes in little time, and when you use a simple or common password, you’re opening yourself up to be the victim of online crime.

Here is the actual time it take a hacker to break a password:

  • Lowercase, 6 characters = 5 minutes
  • Lowercase, 9 characters = 2 months
  • Uppercase & Lowercase, 6 characters = 5.5 hours
  • Uppercase & Lowercase, 9 characters = 88 years
  • 6 characters with numbers & symbols = 8.5 days
  • 9 characters with numbers & symbols = 19,985 years

As you can see, adding a length and complexity to your passwords pays off BIG TIME.

Here’s a little tip, instead of using simple words for your passwords, use phrases. For example: “Time flies when you’re having fun!” becomes “TFlyzwhenurhavinFUN!”

A password like that won’t be cracked for millennia! 

And, be sure to use a different password or password variation for every site with a secure log-in.

For extra protection, look into a Virtual Private Network to protect your data and privacy on all your devices, anywhere in the world! Read more HERE.

For the full scoop on the celebrity phone hacking scandal, watch the video below.

Screen Shot 2014-09-05 at 10.38.23 AM

 

This post was inspired by an element of this infographic.

Back To School Online Safety Tips + Video

In between back-to-school shopping, end of summer activities, and gearing up for yet another school year, it’s important to talk to your kids (no matter what age!) about being safe online.

Screen Shot 2014-08-11 at 11.56.51 AM

Over the summer, warm weather, vacations, camp, and playdates keep kids busy (and offline), but the school year means that the Internet will yet again play a major role in their lives as they do homework, study, and do research for school projects. And, the more time they spend online, the more vulnerable they are to being preyed upon by cybercriminals.

To ensure that your kids are well-prepared for a safe and productive school year, use these guidelines below to discuss smart online practices. Then, watch the “Online Safety Tip” video with them — it covers some important topics, too!

1. Don’t Talk To Strangers Online.

This may seem like a given, but many kids view the Internet as a safe, protected place. And, because of that, they can often over-share personal data like their name, age, address or passwords. Teach your kids the importance of staying vigilant even when online, and you’ll protect not only them, but your whole family, from malicious threats.

2. Don’t Post Anything You Wouldn’t Want Your Parents & Teachers To See.

A great rule of thumb is to teach your kids not to post or share anything online that they wouldn’t feel comfortable with you or their teachers seeing. Even if they think they are sharing something in a private, closed forum, you never know who might “share” it, and who may end up seeing it in the end!

3. Use Long & Strong Passwords.

Inform your kids about the importance of using long, strong passwords for all their accounts. A hacker can crack a 6 letter, all lower case password in mere minutes. Instead, encourage them to use passwords that are 8+ characters long and include a combination of upper and lower case, numbers and symbols.

4. Monitor Online Conversations.

It’s essential to keep tabs on your kids’ online conversations via IM, email and social media. For this, you can use parental control software and also talk to your kids about appropriate vs. inappropriate online discussions. A sit-down family chat around the dinner table will do wonders!

5. Make Sure All Devices Have Security Measures In Place.

Kids access the internet in a variety of ways and at a variety of locations. That’s why it’s vital to consider putting safety precautions in place that will protect them in as many instances as possible. Install antivirus software with a strong firewall, and consider using a VPN to further protect your data and identity from cybercriminals.

Online Safety Tips: Send Kids Back-To-School With Cyber-Security

For more info about using a VPN to protect you and your children, check out GhostPath’s services HERE.

4 Less-Common Mistakes You’re Making Online That Are Putting You At Risk

Screen Shot 2014-07-15 at 10.29.47 AMWe all know that we shouldn’t use the same password for all our accounts or share our login information with others, but so much of our lives nowadays are spent online that it’s easy to develop some other bad habits that may be putting you at risk.

Everything we do, say or post online has the potential of being seen by hundreds if not thousands of people, and while the majority of those eyes are likely harmless, if your personal info gets in front of the wrong person, it could cost you your privacy, money and countless headaches.

Below are 4 less-common mistakes that you may be making online that are putting you at risk.

1. Saving your personal information

Many sites, such as online stores, credit cards and even banking sites, give you the option of saving your personal information for quicker login, transactions or purchases. But, despite the added convenience, anytime you save your personal data online you’re putting yourself at risk. Instead of saving your login information and maybe even your credit card number, opt to enter it yourself each time. Sure, it takes a few extra minutes, but it could save you thousands in fraudulent charges!

2. Using public Wi-Fi

Sure, it’s convenient and seems harmless enough, but any time you use public Wi-Fi you’re opening yourself up to potential hacking. Instead of compromising your personal data, avoid banking, accessing your credit cards or shopping online while connected to a public network.

3. Using your debit card for online purchases

When you use your debit card, you’re giving hackers access to your personal bank account. Instead of opening yourself up to the headache of trying to recoup your money after an online breach, protect yourself my designating one credit card with a low-limit for all your online purchases. That way, if it becomes compromised, you know exactly where to look and can easily remedy the issue.

4. Clicking links in emails

You should never, ever click a link or open an attachment in an email from an unknown or suspicious sender. Malicious links and downloads find their way into our inboxes all the time, but if you’re alert, you won’t become a victim of whatever virus is being spread. However, sometimes these links can even come from familiar email addresses, but that doesn’t mean they should be trusted. If you suspect a link might put you at risk, don’t open it — even if it came from a friend. Instead, respond to the email and ask if they truly meant to send it.

To further protect your data, personal info and privacy, consider using a VPN service. For more information about how a VPN can protect you online, visit www.GhostPath.com.

 

How Safety Savvy Are You Online? Take The Quiz To Find Out!

Few of us go a day (or more likely a few hours!) without going online, whether it be to check our email, do research for work, look-up a funny YouTube clip, peruse our social media accounts, or simply pass the time.

But, with so much time spent in cyberspace, we’re also putting ourselves at risk for hacking, identity theft and scams.

If you’re wondering how online safety savvy you are and if you’re putting yourself at risk, take this fun, 6-question quiz to find out.

Want to boost your online safety?

Sign-up for GhostPath’s VPN service & enjoy a 7-day money back guarantee!

Cybercrime Report: Are You A Target?

The Internet and computers have become an integral part of our everyday lives.

We wake to our smartphone alarm clock, check our emails over breakfast on our tablet, and settle in at our work desks in front of our computers to conduct the morning’s to-dos…and that’s all before 10am.

Yet, despite the convenience of all this modern technology, it also means that cybercrimes like hacking and identify theft are on the rise.

Norton released their report on cybercrime in 2013, and the data is quite compelling.

First off, though, let’s give a little context as to the depth of this report. Norton collected data from over 13,000 online adults ages 18-64 from 24 different countries.

Below are a few key factors that we found particularly interesting from Norton’s report:

  • 64% of cybercrime victims are male.
  • 66% are millennials (as compared to baby boomers).
  • Common theme noticed in victims: Almost 1/2 of victims don’t use basic precautions like passwords or security software.
  • Among smartphone users, 38% have been a victim of mobile cybercrime in the last year.
  • There are 378 victims per year, which is more than 1 million per day, which translates to 12 victims per second.
  • Risky behavior: 39% of social media users don’t log-out after a session, 25% share their passwords with family & friends, and 31% connect with people they don’t know.

Check out the entire report below:


The Norton Report 2013 

Protect yourself & your data.

Sign-up for a VPN service and never worry again! Register now, and get our 7-day money back guarantee.

Are You At Risk For Facebook Hacking?

Screen Shot 2014-06-02 at 12.06.52 PMDo you know if you’re at risk of having your Facebook account hacked?

If you’re like most people, you probably don’t really give Facebook hackers much thought as you peruse friends’ photos, post updates, and scroll through your Newsfeed. But, the truth is, social media hacking is a lot more common than you might think! And, if you’re not taking some basic precautions, you might be putting yourself at risk, too.

In 2011, 1 in 10 social network users reported that their accounts had been hacked, and in 2012 the frequency increased to 1 in 6. (Source: Norton Cybercrime Report 2011, 2012.)

In order to protect yourself, your accounts, and your personal, private information, here are 7 simple techniques that you can use to ensure that your Facebook account does not fall prey to hackers.

1. Never share your login or password information.

This may seem like a given, but you’d be surprised how many people freely share their logins and passwords with friends and family members. Though your family and friends likely have your best interest at heart, they may unknowingly post, share or communicate information about your account that could put you at greater risk.

2. Create passwords that are LONG and STRONG.

If you use the same easy-t0-remember password for all your accounts, this is a big no-no. It’s recommended that you change your password every few months and create passwords that are both LONG and STRONG. A great way to do this is to use an acronym of your favorite song title or lyrics. For example, if you’re a Billy Joel fan, you could transform some lyrics from his 1976 hit, “New York State of Mind”, into a great password such as ImInaNYSofM1976 — no one’s going to guess that!

3. Don’t click Newsfeed links.

Never click on suspicious looking links to games, apps and other ads that you’re unsure of that may pop-up in your Facebook Newsfeed, and avoid allowing 3rd party applications to access your information when you sign-up for something.

4. Add a second email.

In the “General Settings” section of your Facebook account, had a secondary email in case your account is ever hacked. In the event that your account is compromised, Facebook will send recovery info to both email accounts so you have a better chance of recovering your information quickly and restoring your account security.

5. Only “friend” friends.

Only accept and extend friendship to individual that you actually know. When you accept a stranger’s friend request, you give them access to your personal information, so it’s always best to never post any sensitive, personal or financial details about yourself.

6. Follow Facebook’s advice.

Facebook offers step-by-step instructions that you can follow that outline “How to Prevent Your Facebook Account from being Hacked”. They suggest enabling login notification, checking your active sessions, and enabling secure browsing. Learn how to do all 3 here.

7. Beef up your online security.

Using a VPN (Virtual Private Network) is a fantastic way to beef up your online security in general and will sure-up not only your social media accounts but all your online activity including emailing, browsing and accessing sensitive sites like banking or credit cards.

A VPN is kind of like a secure tunnel that contains all your data and info, and the tunnel is comprised of an encryption ring that hackers cannot decipher, meaning everything that flows through the tunnel, including your social media activity, is safe.

VPN’s are also extremely valuable if you routinely access your social accounts from low-security networks like coffee shops, airports, hotels, restaurants, or any other public WiFi hotspot.

For a risk-free 7-day trial of GhostPath’s premier VPN service, click here.

Watch Out! Do Not Fall For World Cup Scams

Screen Shot 2014-06-24 at 10.43.45 AMHackers and scammers capitalize on big events — and the FIFA World Cup is no exception.

And, as you would expect, there are a number of scams out there aimed at World Cup fans.

These scammers are hoping that eager soccer enthusiasts will let their guard down enough so that they can get their money, access their data, and steal their identities.

But, being vigilant goes a long way!

Here are some ways these World Cup scam artists try to trick you:

#1 Free Prizes & Tickets

Anytime you get an email promising free World Cup tickets — or free anything — from someone you don’t know, you should be on high alert. One of the more common free ticket scams encourages people to click a downloadable zip file which then unleashes a virus that enables your computer to be taken over by a remote administration tool (RAT). Others ask you to click a link or fill out a questionnaire with your personal information.

#2 News & Highlights Reels

Breaking news and World Cup highlight reels are being used to entice recipients to open malicious attachments and downloads. Again, be on high alert should you receive an email which encourages you to click or download something in order to access info about the cup.

#3 Free Online Streaming

These scams show up not only in your inbox but on social media sites as well. Often these scams will ask you to complete a survey or download & install software. Again, be cautious & use your head! If something sounds too good to be true, it likely is.

(There are ways to safely and securely live stream all the FIFA World Cup action online. Read more about that HERE.)