McNeo 3 Posted June 16, 2012 With the constant threat of online security breaches I thought I'd share a few tips and tricks with everyone. Just a little background. I've been working on computers (hardware and software) since I was about 8 years old (16 years ago! :o). I've got over 7 years of real professional experience in the IT field doing help desk, diagnostics, and just pretty much everything computer-related. Now; some of you know, some of you don't: Yes, I am a computer hacker with a legit FBI profile. It was a rough time in my life the occurred nearly 5 years ago, but thanks to that experience and my change in attitude I am now happily working in the legit Information Security field. So, with that, here's my brief rundown of a few very simple things you can do to protect yourself: Passwords Use different passwords for EVERYTHING. This was, if one of your passwords gets exposed, the hacker has access to only that account and no others. "But that's a lot of passwords to remember" you say. No. It's actually very easy... First, make a static group. Example: Use the first 2 letters of your street "Un" for University Ave. Then, choose a 4-digit number: 1234. You know have a very easy to remember string that will be in EVERY password "Un1234" that is still seemingly random and unique. Next, develop a pattern. Example: Use the second-to-last character of whatever you're logging into ("gmail" = "i", facebook = "o", etc). And/Or: Use the length of what you're logging into ("gmail" = 5, "facebook" =8"). So now you have "i5" for gmail and "o8" for Facebook. Finally, combine them. Using a static group and a pattern you will have something that is easy to remember, but it will result in a unique string for everything. Gmail="Un1234i5" Facebook="Un1234o8" xenoGamers="Un1234r0" Steam="Un1234a5" Protips: Incorporate symbols into you pattern by using "*" instead of "8" or "#" instead of "3". Also, mix up the capitalization. Secret questions NEVER answer a "secret question" honestly. A lot of chain-mail friend-to-friend questionnaire things are based on popular "secret question" topics. Also, a lot of those questions can be answered after just a few minutes of online research. Instead, stick with a pattern or unique phrase that you'll remember in case you do forget your password. Example: Pick a phrase and a number. If your phrase is "See Jim jump" and your number is 5, you could answer all "secret questions" using the 5th word of the question. If the question is "What was your favorite teacher?" then your answer is "see jim jump teacher" This way, you can choose unique secret questions for everything, and have unique answers, but still be able to easily remember the answers, without actually answering the question. Use two-step verification Google (gmail) and Facebook are two of the major sites I know of right now that offer two-step verification. Basically, how it works, is if you log in to your account from an unknown or unsaved device it sends a text-message code that you must also enter. Once you enter the code you can choose to save the device (which I recommend for home computer only). Once the device is saved you won't need to enter the extra code when using THAT device, but all other devices will require the extra code. This way, even if someone does somehow get your password, they can't log in to your accoutn without having physical access to your cell phone. Privacy Set your accounts to private. I don't care if you're the "cool kid trying to show off" or the horny teenager looking for a girl to bang. Only share your info with trusted friends. Even I have plenty of Facebook friends (and family!) who are "acquaintances" so they can't see all my info. If you want them to have personal info they should be enough of a friend that they can just ask or you can just give it to them if the need it. Change it Change all your passwords and secret questions/answers every 6 months. Once you develop the skill of making patterns as described it's really not that much work to come up with new stuff. Keep a handwritten hard copy of your "pattern" just in case you forget. For the password example previosuly mentioned, I would write "First two of street + 1234 + second-to-last-lett + length". If anyone stumbles across that slip of paper they'd have no idea what they're looking at, but you'd know what it means and recognize it as you password pattern. Don't be afraid I've shared a few things here to help you secure yourself, but I don't want to scare you. Typically hackers are out there for some sort of personal ordeal, or to merely affect a large number of people. Most hackers who are interested in stealing information are going to go after businesses, banks, etc. where a lot of information can be gathered from one breach. Getting info on one person typically isn't worth the risk unless it's something personal. If you're smart about what you do, you're actually surprisingly safe on the internet. McNeo out. Share this post Link to post Share on other sites
Angrehorse 3 Posted June 16, 2012 Request for sticky @Aegean! Share this post Link to post Share on other sites
SniperPenguin 0 Posted June 16, 2012 That is very helpful and thanks for sharing McNeo! Share this post Link to post Share on other sites
MuffinMonster 4 Posted June 16, 2012 Well, now I feel like an idiot having every password for every website being the same thing except for paypal. Share this post Link to post Share on other sites
Dazon 0 Posted June 16, 2012 Request for sticky @Aegean! I agree Share this post Link to post Share on other sites
MineCrack 62 Posted June 17, 2012 Maybe you should go into detail on malicious programs people might use to hack you? Also include dangers on the web (Drive Bys/Exploit kits). Share this post Link to post Share on other sites
