Pro Activist Computer Support

Category: Uncategorized (page 1 of 3)

Password Management 911


From here on out, I recommend using a password management software to learn your passwords and store them securely. Then you can use the built-in password generation function to create and remember very long and complex passwords which would otherwise be impossible to remember.

Once you have a good software program to easily learn and securely remember all your passwords, you will still have one password which you will be responsible to remember yourself: the password to get into the password software itself.

Here is how to create a secure password which you can remember:

-Write down a list of several random words.
-Each word should be at least four characters long.
-Avoid proper names, such as of pets, relatives or sports teams, since either you or the people you know have probably already divulged such information on Facebook and the like.
-Avoid picking phrases from literature, since there are hacker scripts which look for that. (However; you might decide to pick a book you like and pick words from random positions on random pages.)

Start writing your password beginning with one of those words:
-Before or after each word, insert either a number or symbol. (It’s okay to repeat an element!)
-Avoid the numbers 0 and 1 since they can be confused with the letters “oh” and “el”.
-Capitalize some of the characters.
-Use 3-5 words.
-Type your password into a document to see if it is easy to type quickly.
-Adjust your password for ease of use.

Write down the final version of your password before you enter it into a website or program, then:
-Write the final password
-Then transcribe the password by looking at the written version, rather than typing what you remember.
-Once you have created your password, log out and log back in. (This avoids issues with both misremembering and mistyping a password.)
-Keep the password in a safe place you can easily remember, such as a household safe or a safe deposit box.
-Avoid attaching it to your laptop or any part of your computer (such as monitor or keyboard) or anywhere in your workspace, such as in a desk drawer.
-Practice using your password several times a day until you are sure it is memorized.

Here are some interesting resources for you to look at when thinking about how passwords work and how to make them better:

Graham Cluley discusses password rules and password management software –

N3v$r M1^d password rules. Get a password manager to generate and remember your passwords instead

Dr. Mike Pound demonstrates how quickly scripts can crack passwords and explains in simple terms what that means –

In 2013 (seven years ago) a security researcher loaded Wikipedia into a password cracking algorithm and found this password “Ph’nglui mglw’nafh Cthulhu R’lyeh wgah’nagl fhtagn” which is a quote from a book by H.P. Lovecraft –
https://arstechnica.com/information-technology/2013/08/thereisnofatebutwhatwemake-turbo-charged-cracking-comes-to-long-passwords/

And here’s a little humor – https://www.youtube.com/watch?v=2tJ-NSPES9Y

Surge Protectors 101: What to do after a power surge.

I was recently on-site at a client’s after they had three power-related outages due to windstorms. In all three outages, a power strip was affected. One surge protector had turned itself off, and two had burned out. (The picture above shows the brown stains from ionized metal and plastic vapors which were caused when the power tap burned out.)
=
While you can’t prevent power spikes, you can make sure that any damage falls on a good quality surge protector rather than your cell phone or computer.  The first step is to ensure all equipment is plugged into a quality surge protector. Electricity will find ANY path to ground, so if even one of your devices is plugged directly into the wall, then the voltage can flow through it into the computer and then throughout the network cabling, potentially damaging multiple devices and systems. A good motto to live by, is “if any equipment is unprotected, all of it is unprotected.” (Please note that “power taps” don’t offer this same level of protection.)  

If you already have a surge protector, check the light on it to ensure the protective parts are still functional. After absorbing a certain amount of damage, the surge protector stops working and turns into a power tap. You will still have the illusion of protection, but if your surge protector doesn’t have an indicator light, or if it is over 10 years old, it is time to replace it!

Here is a review of one option that I recommend which auto-shuts off when it burns through the protection.  To purchase this APC protector, click here

Additional options may also be found at Lowe’s Hardware.

If you are interested in learning more about surge protectors, this is a good article by CNET

Additionally, sometimes people use battery backups for their servers, and even sometimes for desktops.  If you have a battery backup, it makes sense to purchase a spare battery for it so you can quickly repair it when the battery gets used up or stops functioning.

I believe it’s also important to mention that surge protectors are not a solution for all devices. Some devices don’t need surge protection, and some are actually a source of electrical noise themselves. For example, if you plug a space heater, fan, shredder, microwave, refrigerator, or vacuum cleaner (…or really any appliance in general) into a surge protector, it can actually damage the surge protector and reduce it’s lifespan.

This newsletter is meant for informational purposes, but as always, I’m here to support you. Please call me if you would like assistance in selecting surge protectors for your business, or would like for me to review your current power set-up.  

Andy

Check your clipboard!

Do you know who has access to your clipboard?

Smartphone apps are repeatedly reading and accessing your saved clipboard data, which may include all sorts of sensitive information. This privacy invasion is the result of these apps repeatedly reading any text that resides in your clipboards (which computers and other devices use to store data that has been cut or copied from things like password managers and email programs). For reasons that have nothing to do with the services the apps are supposed to provide, smartphone apps as diverse as TikTok and New York Times are pulling personal data from your clipboard in an attempt to spy on your other phone activity.

Initially, these activities had only been observed on iOS platforms, but it is now known that they occur on Android platforms as well.  Regardless of your device choice, it’s a good idea to avoid copying sensitive data unless absolutely necessary, and to clear out the clipboard when you do copy valuable info.  Many of us use the clipboard to copy and paste passwords, while password apps such as LastPass use direct mechanisms. This is yet another reason you should switch to a secure, easy-to-use password management system.Additional information can be found in these articles and blogs:
Schneier Tech Blogs: iOS and Android
ARS Technica Article 
EnGadget Article

This post is meant for informational purposes, but as always, I’m here to support you. Please call me if you would like assistance in clearing your clipboard, or to review best practices for saving data to your clipboard. 
Andy

News About Newsletters…

Staying in touch with your current or potential clients is more important than ever.  Whether it’s communicating new hours of operation, changes in accessing your offices, or any other news about your business is crucial.  However, sending out a newsletter or marketing campaign correctly, and making sure the intended audience is reached, are even more important.  

Based on my research, as well as personal experience with my own clients, I’ve discovered that most people will mark your newsletter or email campaign as spam – rather than unsubscribe – even if they signed up for it (and liked it at one time).  As well, the dead addresses in your distribution lists might be re-animated by GMail, Yahoo or Hotmail in order to catch spammers who still have those addresses in a database.   

One way to fix this is to sign up with both Outlook.com and GMail in
order to claim, or vouch for the legitimacy of your domain. You can register through Gmail to validate your identity, as well as to learn how you can better control your email blasts to ensure that fewer of them end up in the oubliette.

Both these linked articles below are from email marketing companies, but they offer plenty of good advice for people doing a lot of email marketing:

How Spam Filters Work (And How to Stop Emails Going to Spam) [ca. 2018]

Where Do Boring Marketing Emails Go to Die?  [ca. 2016]

This post is meant for informational purposes, but as always, I’m here to support you. Please call me if you would like to discuss the best email campaign options for you and your business.  

Andy

New Billing Policies

Due to the majority of my client support work now being done remotely, I have been forced to change my billing procedures.  For phone support, I previously only charged for calls longer than 15-minutes.  I will now begin billing for phone support after 5-minutes.  Client phone support billing will now be in 5-minute increments instead of 15-minute.  And, any support requiring remote access will be billable from start of call.  Thank you for your understanding of these changes.  Please don’t hesitate to contact me with any questions or concerns.

On another note, I spent some time this weekend on the phone with Comcast to better understand the ways in which they (and other utilities) are helping their customers during the Covid crisis.  My rep at Comcast has helped his small business clients move to smaller office spaces, reduce broadband service levels to cut costs, and has even waived early-termination penalties for business that needed to stop their services altogether.  If you’re interested in learning more, send me an email or call me directly to discuss, as I can offer some good advice on lowering your monthly bill, as well as who to contact at Comcast.

I also have many tools for remote access and remote control support. I recently setup Zoom for my grandma in her farmhouse in rural Wisconsin so she could get more company from distant relatives – all by remote control. If you have family needing tech help, let me know and I can arrange for it!  

This newsletter is meant for informational purposes, but as always, I’m here to support you – especially during these challenging times.  Please call me if you would like to discuss the best options for you and your business to continue to successfully work remotely, and best utilize my services.  

Andy

Scams…again??!!

I know it is exhausting to be constantly viligant about emails, but sometimes you can fall victim to a scam or virus even from trusted senders. 

Unfortunately, it is becoming all too common that you or your business might be sent an invoice, letter or invitation via email – possibly to be listed in a bogus directory, pay an invoice, or to renew your website domain name – that is really a phishing scam.These scams take advantage of the fact the person handling the administrative duties for the business may not know whether any vendor purchases, advertising or promotional activities may have actually been requested.

Many email-based ransomware scams use fake invoices as attachments to infect your computer. As an example, if you receive an unexpected bill from a utility provider, do not open the attachment.  

Using information they have obtained by hacking your computer systems, a scammer posing as one of your regular suppliers will tell you that their banking details have changed. They may tell you they have recently changed banks, and may use stolen letterhead and branding to convince you they are legitimate.

They will provide you with a new bank account number and ask that all future payments are processed accordingly. The scam is often only detected when your regular supplier asks why they have not been paid.Fake invitations will often include a form to be filled out, and ask for your business contact details with an approval signature. You might be led to believe that you are responding to an offer for a free entry, but the form you are asked to complete is a disguised invoice or contract with the amount owed hidden in tiny print.

Some things you can do to protect yourself and your business:

  • Always check that goods or services were both ordered and delivered before paying an invoice, and always read the fine print carefully.
  • Try to limit the number of people in your business who are authorised to make orders or pay invoices. Make sure the business billing you is the one you normally deal with.
  • If you notice a supplier’s usual bank account details have changed, call them to confirm.
  • If you receive a telephone call or ‘invoice’ that comes from a publication you have never heard of, do not pay or give out your details until you have looked into the matter further.
  • Keep written records of your authorisations for advertising or directory entries. If you receive an invoice or a telephone call, you can go back to your records to check it.
  • If you are happy with your current domain name registration provider, simply ignore any other ‘renewal’ or ‘registration’ letters that you may receive from a different company. If you do want to switch domain name registration providers—make sure you know the full costs, terms and conditions of the offer before agreeing.

Recently, one of my clients was forced to format and rebuild their entire infrastructure of 2 servers and 20 laptops from the ground up. They were down for 2 full days, and it took weeks to get back to normal. Don’t get caught, get prepared!

Your New Year’s resolution for 2020:

Upgrading your wireless network…It’s not as painful as joining a gym, and will save you from holiday headaches!

As with other electronics, your network gear has computer chips that need to be replaced every 5 years or so.  But, what usually happens is your network equipment gets put into a dark corner, only to be located again when something goes wrong. 

Small businesses often make the mistake of purchasing wireless network devices the same places a home user would – at Best Buy or Amazon.  Selecting the cheapest solution, i.e. Cisco, Netgear, or TP Link, but not necessarily the right solution, with the quality you expect and need, in a work environment.  

I recommend upgrading to a Ubiquiti unified solution.  Not only is their gear substantially higher quality, but they record and chart the status and history of all the network equipment in your office. With your Ubiquiti equipment connected to their web-based console, you can analyze traffic patterns throughout the day to identify bottlenecks and outages. 

Your business networks need to be able to handle higher traffic, particularly during your busiest times, which is when they are most likely to go down.  In order to help prevent any downtime for your business, I would love to talk to you about how we can upgrade and install your new Ubiquiti wireless network.

STRATEGY & PLANNING

Technology is ever-changing, 
and so is your business.

Which is why its important on a yearly basis to take a longer view of the technology decisions that could help shape the future of your business. 

Annual meetings should be held with your IT professional to plan for technology updates, equipment purchases or system upgrades that may benefit your company. While it may not seem like a traditional time of year for budgetary planning, it’s never to soon to start reviewing your technology needs.  And, Summer is a slower time of year in the IT world, so it gives us time to make well-thought-out decisions on products!  For instance, I can help you plan your phase out of Windows 7 well in advance of it’s end-of-life in April 2020.

I’m heading out of town tomorrow for a short vacation (returning on June 8th), but I will reach out to my clients after I return to schedule your reviews.  

This newsletter is meant for informational purposes, but as always, I’m here to support you.  Please call me if you would like to discuss the best options for you and your business.  

Andy

Ransomware Episode: My 15 minutes of fame on local TV

This past fall, Joe Smith and Julia Anderson interviewed me for their Smart Money TV program at Tualatin Valley Cable Access TV.  Joe and Julia were well informed and presented me with a lot of insightful questions about areas of security including ransomware, backups, passwords and online banking.  It was so much fun.  I have never been interviewed before, but I felt very well-prepared and they were so attentive that I warmed up quite quickly.

If you are interested in a general overview of where you should begin thinking about your network security, I recommend watching my short (18 minute) video interview with Joe and Julia at TVCTV.

Tortoise

Slower than molasses in January?

When you notice your computer is slower than you’d like, then it helps to ask “How is it slow?”  There are three main ways a computer can act slowly and each one comes from a different set of possible sources.

The first kind of slowness is slowness getting started.  If your computer takes a very long time to start or reboot, but once it finishes booting it works normally, this is slowness getting started.  It is typical of older computers with slower or dying hard disk drives.  But it may also be due to a lot of software loading at boot time, such as complex security systems, Adobe down-loaders, backup utilities, Spotify, and so forth.  In bad cases, you may find that it takes a long time to open a program or document but then the computers works normally until it is time to save the document.

The second kind of slowness is slowness on the Internet.  If your computer acts normally when working in Word or other local software, but web pages take a long time to load, this is slowness on the Internet.  It is typical of computers connected to slow Internet connections. But it may appear with certain types of malware infestations.  Ensure you have a top-tier professional-grade anti-virus product, such as Symantec (Norton), ESET, Kaspersky or Trend Micro.

The last kind of slowness is general slowness.  If your computer is slow at everything and particularly slow when there are many programs open or many tabs open in your web browser, this is general slowness.  It it typical of older computers with low RAM, although some types of malware infestations could eat into the RAM in ways that get hidden from the system performance monitoring tools. But this sort of slowness may also appear where the motherboard and other components are starting to degrade.

Those are the three ways a computer can act slowly.  Hopefully this will help you think about your computer performance and how to improve it.  If you suspect malware, try a scan with Malwarebytes Anti-malware.  If that finds nothing, then consult with your local computer technician, and be sure to specify how and when you notice the slowness plaguing you.

Olderposts

Copyright © 2020 Pro Activist Computer Support

Theme by Anders NorenUp ↑