It’s probably fair to say that most New Year’s resolutions are not tech-related, but the incidents of hacker activity that seem to be hitting closer to home every day probably warrant a few, especially when it comes to passwords and PIN codes.

While you’re clearing the decks and getting reorganized for a new year, consider whether any of the following are true for you:

  • Your online passwords for websites and your email are all the same
  • Your online passwords haven’t been changed recently, if ever.
  • Your online passwords are short and simple (just letters and numbers)
  • Your ATM card PIN code is the same one you had last year at this time.
  • The answers to your security questions (e.g. “Where did you go to high school?”) are easily guessed or googled.
  • Your online accounts are all linked to a single email address.

If you can answer ‘Yes’ to any of the above, let me very politely suggest that you are at this very moment exposing yourself to very real and unnecessary risk.

Death of the Simple Password

Most people will agree with the first three bullet points without too much persuasion. It’s pretty obvious that simple passwords are easily guessed by hackers with fast hardware and sophisticated cracking programs. And if your passwords are all alike, you’ve made their job of invading and owning your world so much easier. Good passwords follow these rules:

  • At least 8 characters in length.
  • Include a mixture of upper and lower case letters and numbers.
  • For websites that allow them, include special characters like !?_()[], etc.
  • No common dictionary words or terms (love, letmein, 123456, qwerty, abc123, 111111, baseball, etc.)
  • No family names, names of your pets, or birthdays.

The usual mental roadblock to following these rules is a fear that the passwords will be difficult to remember. Thankfully, there are good tools available to help with that (see below), and if you are just a little bit creative you can take words or short phrases that are meaningful to you and just dice them up a bit. For example, “I love to ski” might become “1L0v32SkeE”.
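
The rules above can be checked mechanically. The following is an added example, not part of the original article: it tests a candidate password against the listed rules using the article's own list of common terms. Folding digit-for-letter swaps before the dictionary check is an assumption beyond the article's rules, and the function name and the personal_terms parameter are hypothetical.

```python
import re

# Terms the article lists as too common; a real check would load a far larger list.
COMMON_TERMS = {"love", "letmein", "123456", "qwerty", "abc123", "111111", "baseball"}

# Assumption (not from the article): undo the usual digit/symbol-for-letter swaps,
# because a word "diced up" this way is still the same dictionary word.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def check_password(password, personal_terms=()):
    """Return the rules that `password` breaks; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    has_mix = (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)
               and re.search(r"\d", password))
    if not has_mix:
        problems.append("needs upper case, lower case and numbers")
    # Special characters are not enforced: the article asks for them only
    # on websites that allow them.
    lowered = password.lower()
    folded = lowered.translate(LEET)
    for term in sorted(COMMON_TERMS):
        if term in lowered or term in folded:
            problems.append(f"contains common term '{term}'")
    # personal_terms: family names, pet names, birthdays supplied by the user.
    for term in personal_terms:
        t = term.lower()
        if t and (t in lowered or t in folded):
            problems.append(f"contains personal term '{term}'")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, plus the article's own example phrase.
    for candidate in ["abc123", "1L0v32SkeE", "Rex2009!x", "T7q!mZ4r_Wp9"]:
        print(candidate, "->", check_password(candidate, personal_terms=["Rex"]) or "ok")
```

With the folding step, “1L0v32SkeE” reads as “ilove2skee” and is flagged for containing “love”, so a diced-up phrase works best when it avoids the common terms entirely.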

PINned Down

Unfortunately, there’s not much you can do with the PIN codes on your bank and credit cards except use different ones for each card and occasionally change them. Even twice a year would be better than zero.

Beyond the Password

The dangers of simple security questions and linked accounts are a bit less obvious, so let’s look at two short examples to illustrate:

David Pogue is a technical writer for the New York Times. Hackers successfully used his security questions to gain access to his digital world. The questions were:

  1. What was your first car?
  2. What is your favorite model of car?
  3. Where were you on January 1, 2000?

To answer the first two questions, the hackers merely used Google. They found a blog post David wrote that answered both questions. Regarding the question about Jan 1, they simply guessed “party”, a very logical guess for New Year’s Eve. With that they were in, and by the time they were finished, they had even locked David out of his kitchen iMac.

The problem with linking all of your accounts to a single email address can be seen in the much-publicized case of Matt Honan. The salient point from his own personal account was this:

It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions [to gain access to my account].

Essentially, the hacker convinced an Apple customer support person to give him access to Matt’s iCloud email account without answering the security questions. Once inside, it was a simple matter to lock him out by changing his password and then request password resets from his various other online accounts (Twitter, Gmail, etc.), all of which flowed back to his iCloud email address. At that point it was over.
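
To see how far a single mailbox reaches in your own setup, you can map each account to the mailbox that receives its password-reset mail and follow the chain. The following is an added example, not part of the original article: the inventory is constructed for illustration (the "bank", "forum" and "spare-mail" entries are invented), and the function names are hypothetical.

```python
from collections import defaultdict, deque


def blast_radius(recovery_email, start):
    """Accounts that can be reset once `start` is taken over.

    recovery_email maps account -> the account (mailbox) that receives its
    password-reset mail, or None if it has no e-mail recovery. Mailboxes are
    accounts too, so the chain is followed transitively.
    """
    resets_from = defaultdict(list)
    for account, mailbox in recovery_email.items():
        if mailbox is not None:
            resets_from[mailbox].append(account)
    seen, queue = {start}, deque([start])
    while queue:  # breadth-first walk; `seen` also guards against recovery loops
        for account in resets_from[queue.popleft()]:
            if account not in seen:
                seen.add(account)
                queue.append(account)
    seen.discard(start)
    return sorted(seen)


def worst_single_point(recovery_email):
    """Return (account, exposed accounts) for the account whose loss exposes the most."""
    worst = max(recovery_email, key=lambda a: len(blast_radius(recovery_email, a)))
    return worst, blast_radius(recovery_email, worst)


# Constructed inventory modelled on the case above: Twitter and Gmail reset
# through the iCloud mailbox; the remaining entries are invented for illustration.
INVENTORY = {
    "icloud": None,
    "twitter": "icloud",
    "gmail": "icloud",
    "bank": "gmail",        # reset mail goes to Gmail, which resets via iCloud
    "spare-mail": None,
    "forum": "spare-mail",
}

if __name__ == "__main__":
    account, exposed = worst_single_point(INVENTORY)
    print(f"Losing {account} exposes: {', '.join(exposed)}")
```

Accounts that never appear in another account's chain, like the spare mailbox here, are the ones to consider as recovery addresses for the rest.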

OK, I’m convinced, but what can I do?

The best defense is to be a hard-to-hit moving target, meaning, use multiple complex passwords, and change them frequently. Also, make sure your security questions are obscure enough that they can’t be easily guessed or googled. These things are very easy to do, but unfortunately they’re also very easy not to do. Indeed, the reaction I get most often to this is “that’s too much hassle”. Relatively speaking, however, I think we can all agree that it’s a lot less hassle than being hacked. Moreover, there are tools to help you manage it. I use 1Password. It’s expensive, but it’s worth every penny, and it runs on every device you are likely to own, be it Windows, Mac, iOS, or Android.

So while you’re cleaning house for the new year, why not beef up your security? You’re worth it!

Have you ever marveled at the knots you’ve seen and wondered both why a certain knot was used as well as how to tie it yourself? Look no further than What Knot to Do in the Greater Outdoors (“What Knot”) by Columbia Sportswear.

What Knot App

Big Idea: Step-by-step instructions for tying knots useful in outdoor activities

Price: Free

Developer: Columbia Sportswear Co.

Quick Take

What Knot is a utility app that teaches you how to tie 72 different types of knots that you might find useful (and possibly life-saving) when you’re out hiking, backpacking, fishing, hunting, boating, climbing – anything that uses rope, really. The knots are broken down into the six categories of bends, hitches, loops, bindings, stoppers, and specials. For each knot, What Knot provides some background information on the knot, why and when you’d want to use it, and then 4-5 beautifully done drawings that step you through the tying process. In addition, What Knot includes a glossary of knot tying terms and a handy diagram of rope parts to quickly get you up to speed.

Under the Hood

As complexity goes, the app has a very simple and elegant design. It is tab-based, using a set of seven tabs split across two different screens to help you quickly discover and access the features. Navigating between the knot categories and individual knots is done using a pair of standard iOS “wheel style” picker controls. By my estimate, there are over 350 hand-crafted drawings, in addition to the rest of the app’s very nice artwork. Check out the “dirty screen” effect the artist has created on the “Into” screen. You’ll swear your phone is smudged, which it probably will be while you’re out in the wild tying knots.

The Good

This app is the latest member of my “Monster Master List” of apps too handy to be without. Clearly, this is the app to have in your pocket if you need to tie real-world knots, but you weren’t raised by wolves, Longshoremen or professional mountain climbers. The explanations and diagrams are simple and clear, and you will be successful in tying these knots in fairly short order, especially if you tend to be visually oriented.

The Bad

The price. But it’s free? Exactly. Kudos to Columbia for not lacing What Knot with in-app advertising, as makers of free apps tend to do, but unlike so many free apps, What Knot actually brings some real value. And that value is worth something greater than zero. Charging nothing for it undermines the value that good software delivers and sends the wrong message. The artwork alone probably cost the developers a small fortune. A drop in the bucket for Columbia most likely, but not all software comes from folks with deep pockets. Good software is worth paying for. If people become conditioned to getting it for free, there will eventually be a lot less of it available.

The Ugly

None.

Rating

Two-thumbs up!
