Skip to main content

You've been Pwned!

Another day, another data breach. Emails, passwords hacked and put online for sale. The breaches have become so common that we don't pay attention anymore. Old news. Yawn. You get an email asking you to change your password. You go to the offending website, change your password and then forget about it - feeling safe in the knowledge that you've protected yourself from those fiendish hackers.

But wait. That's not nearly enough.

Ask yourself - do you use the same email and password combination on any other site? What about that cheepo.com service you signed up for 3 years ago using the exact strong password as your bank website?

The email didn't mention that, did it?

Here's the problem. Anyone can take your email and password combination and use it to get access to your secure bank website. "Hello sir/madam, welcome back. Take all you want. It's been great doing business with you. Bye".

So what can you do about it?

First, find out if your account has been compromised in a data breach.  Head over to the free service Have I been Pwned and test all the emails you use to log into websites. If any email has been compromised - you know that you will need to go to every site with the same email/password combination and change your password.

Second, make a list of all the sites you use. Update the passwords now. If you must use the same password on multiple sites (because you just can't remember all the different passwords you have to use) - then separate the sites by category - like finance, media, social etc. - and then use a separate strong password for each category. Unfortunately some sites insist on fixed length passwords which can limit your options.

Third, if the site is using two-factor authentication (2FA) - then use it. That will ensure that a breached password won't be enough to log in on its own.

Finally, start using a secure password manager like 1Password - a family account is cheaper per month than a Starbucks fancy mocha - and worth every penny if any service provider your use is compromised in the future.
If that proves too expensive, Google Chrome has a new strong password generator feature. If you let Chrome create the strong password, and Google sync is turned on - the password will be available from any Chrome browser you log in with.

Comments

Popular posts from this blog

How to get the BBC iPlayer running when you live outside of the UK

(subtext: Get the World's most famous detective on your favourite browser)

The new series of Sherlock has started on the BBC. If you live outside of the UK and you are too impatient to wait for your local TV content provider to host it for you - then fear not !! These simple instructions will get you up and running. In addition to the iPlayer you can access most of the other UK TV channels using the same method. Note: you can use the same method to access content in other countries - such as Hulu in the U.S.

How it works:  In simple terms, the BBC iPlayer, like other players, perform a check to determine whether your internet access is originating from the UK.  So the trick is to ensure that your access to the BBC website will originate from the UK.



First you are going to use a free piece of open source software that was designed to keep your internet access anonymous. You will add a setting that will ensure that the software makes use of servers in the UK whenever making requests…

Create an Alexa Skill for your Amazon Alexa or Echo Dot

So you've bought an Alexa Dot and you want to create your own voice app - but you are wondering how difficult is it to build, how do you build the app and how much will it cost to run?  If you have basic programming skills then building the application is really easy. If you have written a function or script in Microsoft Excel or Google Sheets - then you can build an Alexa voice app. I'm providing all the basic stuff you need to get started ...

Note: This post is not intended to give you an exhaustive guide to building a skill. Instead it aims to give you the overview to get up and running quickly. Amazon provides a build-it-yourself walkthrough (here), samples (here) and a free course on Udemy (here).  I recommend starting with the free course then following the walkthrough.

How much does it cost ? It costs nothing to build and run a simple Alexa app. $0 / £0 / €0.  Zero.  Furthermore the app is hosted on Amazon's cloud, it's secure, load balanced and managed for you …

Watch the BBC iPlayer and ITV Player when outside of the UK on Ubuntu

This is a follow up to my post of a year ago. The instructions are simpler than last year's post. If you want instructions for the Mac go here.

I re-imaged an old laptop last year with Ubuntu (12.04 LTS).  If you've never tried Ubuntu before, head over to http://www.ubuntu.com/download  to try the latest version. The installation is straightforward and you can install it without affecting your Windows image (if that's what you're running). Not only is this fast (boots in seconds) it also has better support for a wider range of devices - specifically Wifi.

To run the BBC iPlayer on Ubuntu, do the following...

Step 1: Download tor from this site : https://www.torproject.org/.  The download button should detect your operating system. For Linux the direct link is here. Alternatively you can use the command line and enter sudo apt-get install tor.

Step 2: Unpack the tor tar.gz file. Open the folder that was extracted. On my machine it's called 'tor-browser_en_US'.…