Tag: HaveIbeenpwned?

Posted on

Prevention and protection from Scams

And so we turn to passwords and online security. I’ve dealt with this at some length previously in a post entitled “Keeping safe online” which I last updated in May 2023, and although much of it is still relevant and most, if not all, of the links are still working, I thought to write something from scratch, rather than do another edit/revision.

I’m going to skip to the content at the end of the article referred to above and pick-up the theme of Passwords, Passkeys and Two-Factor Authentication (TFA).

First-of-all – you want a fright? Try typing your favourite password(s) – you do have more than one, don’t you? – into this website.

Secondly, check to see just how vulnerable your email address might be, using …

Screenshot

… go to haveibeenpwned? – and if you want to know what pwned means, and how to pronounce it, look here. If a service you use is in this list, you seriously should change your password!

Another approach is to use a tool that looks at your “digital footprint” to examine where you might be exposed. Such a tool is this one from Malwarebytes.

So that’s got your attention, right? You really need to deploy/use a Password Manager to hold your passwords – preferably one that is usable/consistent across all your devices. Two such products are 1Password and Dashlane. Both of which get very good reviews.

The alternative to using a Password Manager application is to use the password security offered by your browser. In Apple’s case this is iCloud Keychain – which stores the passwords – with its associated Passwords app; in Google’s case this is Google Password Manager. Both of these now offer support from one ecosystem to the other – so multi-platform users can choose one or the other. Microsoft also offer a Password Manager using the Edge browser, but its features are possibly not as well developed as those of Apple or Google, nor of dedicated password manager applications such as 1Password or Dashlane which score best with users who have a mixture of Microsoft, Apple and Google devices and applications.

And now we have Passkeys. When assessing whether you want to move to a Password Manager, you MUST check that the chosen one supports Passkeys as defined in the FIDO Alliance …

… and the key to its success and inter-operability is its integration with biometric signatures. So Passkeys are the platform for increased and improved internet security and should be welcomed with open arms – for Apple, for Google and for Microsoft.

If a Passkey can’t be employed on your favourite website, or even if they are, you may be asked to use 2FA (two-factor authentication). Using this means that when you’ve typed in your username and password you’ll be challenged to provide a code from a mobile phone, an authenticator app such as Google Authenticator, or go to another app (particularly if its a Google app), and do that extra second step (hence 2FA) to authenticate you are who you are.

We’re entering the passwordless world. It’s long overdue!

Finally, some other links to help you navigate the digital security world.

7 phone apps you need to secure right away – if you value your privacy – this could have formed the basis of an article in itself. It’s important to just check you’re doing the best you can to secure your favourite apps.

Best antivirus: Which? Best Buys and expert buying advice – a review for both PCs and Macs of anti-virus software – of course you could just be relying and using Windows Defender (for Windows) or nothing at all (if on a Mac), both of which are acceptable decisions, which then leads into …

Everything you need to know about cybersecurity basics – an inventory of terms, some with links to free tests, and the option to purchase tools. The definitions of terms are good.

Online learning events from the u3a – especially a recurring event “Staying Safe Online – A u3a Presentation with Q&A”

Posted on

Notes from Zoom Meeting – 23rd April 2020

I thought it might be a good idea (correct me if I’m wrong) if in addition to any posts that might be generated from the meeting – which I was delighted to see 14 members attended – that I wrote a couple of notes about it.

Covid-19: The main topic of conversation was the difficulty in getting deliveries arranged for shielded people. David H related how his wife had only just (after 6 weeks) received a letter to tell her that she should be considered to be vulnerable and thus shielded – we have other members who are also in that category. Anyway, the problem is getting in touch with a Supermarket to get you on the list for priority deliveries. In Wales that’s compounded by the fact that the letter does not contain a NHS number (as I understand it) and yet the supermarkets require that information. Duh!

It would appear in England that those in the vulnerable category are getting free drops of food – even if they don’t want, or need them and it’s impossible to opt out easily. [We have a friend that’s arranged to take them to the local food bank.] It also appears that the supermarkets are responding off the peg so-to-speak and are approaching customers to offer deliveries even if they’re not regular customers and they would prefer their regular supermarket to reach out to them. Again duh!

This is an unfortunate set of circumstances. On the positive side the number of click’n’collect slots from our local Sainsbury’s seem to have increased – even if the alternatives picked off the shelves for us, are not what we would have wanted – how do you interpret a request for an oatcake into a ginger biscuit????

I’ll put this into the Covid-19 Topic – so please comment there and update my understanding – if I’ve got it wrong!

[Update eConsult]: I forgot this when I wrote up the notes at first. Just a quick note for you to see if your GP Surgery’s website has a link to eConsult on it – as well as My Health Online which you can sign-up for to get repeat prescriptions and book appointments … sometimes! Anyway eConsult gets you to fill-in a form that explains your symptoms as best you can, and asks if you have a preferred doctor from the practice who you’d like to ring you back. My experience was that I got a call back within a couple of hours. Really much better for non-serious consultations that you think can be handled without a face-to-face session. I can see that things will never be the same again. I can see that I’ll be asking my doctor to “zoom” me after I’ve first filled in an eConsult referral. Interesting times!

Screen capture on Windows: Apparently there is piece of software called Snipping Tool in Windows that does the trick, here’s an article that shows a number of ways of solving that issue. On the Mac, you can use a combination of key strokes to Copy screens, or sections of screens to the Clipboard, from which you can Paste the contents to a program. Here’s an article that shows you how to do this on a Mac. On an iPhone you can capture your screen and take a picture that goes to your Camera Roll in this way, and can create a screen recording like this, on Android you take a screen shot this way.

Digital HDS Antenna: Well, it appears Christine that the Dragons Den might well have been taken in by this product sometimes called TV Fix, but also DigitalHDS and TV Brite. The reviews are not good. Let’s pass on …

Sharing Notes between iPhones: Yes you can do that Don, and yes it might be useful for creating shared shopping lists – always useful at a time like this – but my recommendation would be to use Evernote which means you’re not restricted to just a Mac, you can use it on a Windows and also from the web, and share notes that way as work on them collaboratively. Evernote has replaced a word processor for most of my notes taking and writing. Gets 5* from me, and I pay for it too now!!

Have I been pwned?: Another use case for this very handy website that tells you whether your email address has been hacked is a check on your password – just click on this link and supply your “favourite” password to see if it’s out in the wild!

Problems with Nest and Google accounts: An issue we couldn’t really provide an answer to. In fact, I had difficulty understanding (not Margaret’s fault, I’m just not familiar with the product). Paul suggested that maybe trying to use a different email account with the device might allow you to get admin rights back. I really don’t understand this, so I suggest that Margaret might put it up as a Topic in our Forum – perhaps someone outside the Group might be able to help?

[Update We will fix your PC]: Forgot this in the first write-up of the notes. I’ve put a “plug” for Neil in the Computer etc. Forum.

Creating a Zoom meeting: I promised to produce a quick video showing how you can Schedule a meeting as a host, rather than just be on the receiving end. Here’s the video.

New website: I demonstrated the features of the new website using the Screen Sharing facility in Zoom. In feedback to this it was suggested that perhaps there ought to be a facility to add a Photograph to a Profile – I promised to look into this. If you have a WordPress account, this gets picked up automatically, but it should be possible to optionally add a Profile picture. I also pointed at the way of creating a Movie using Quicktime Player (goto Method 2) on the Mac. I’m sorry, but I can’t find an equivalent, easy way of doing it on Windows – it must exist!

Finally, by way of light relief, here’s a video I had thought of showing with you at the end of the call. The Project Manager’s nightmare. Enjoy …