password safety

A large percentage of the population are android OS based smart phone owners, well that is because its user friendly or is it just a trend. Well that’s for you to discover.

But have you ever wondered; which android lock screen method is the best? Never crossed your mind? Well it should be your concern amidst this fast paced technology wave because your smart phone some way somehow its part of you and it’s your life.

Patterns, PIN codes, passwords, fingerprints, voice sensors...of course you have made a choice of your favorite android lock screen method but is it SAFE? Let us discover the strong and weak points of each of these methods.

PIN number

Well if you fall in this category and your thinking no one will ever guess, think again! PIN numbers are a classic weak points. Let’s face it, most of you use a length of 4 or 5 digits( birthdays, birth years, quadrat 0000, or 4444) otherwise more than those (since it takes a maximum of 17 digits) will take time unlocking your phone if at all you do not forget them thus we end up using 4 or 5 digits; TRUE or FALSE?
Word of advice, never use numbers connected to you personally like credit PINs,. So think simple but effective when using your digits.

Passwords

I gather that most of us have email accounts that when initially creating them you’re prompted to have a complex password. Simple yet complex and by that I mean a mix of capital letters and small ones plus numbers and special characters. The bar will light green indicating strong password and you’re good to go. Well you’re all good till when you forget the password. Complex passwords are hard to remember thus we resort to something personal to you like a name or number a place. Again this makes it easy for a password to be cracked or rather hacked.

password safety

Long complex passwords also take a long time typing in your phone that is why people resort a short pattern that would just draw or simple letters to punch in. I mean this kind “R3cAled#” compared to drawing a “Z” on the screen; it even takes time to create cause you have to put some thought into it. Wikipedia advises that creating gramatically correct sentences is one way of having strong and easy passwords for example “twenty 16 is a year of GreAtness”. I came up with that but had to put a lot of thought into the sentence I wanted.

My word of advice…. I got nothing because personally I would not be in this category. So do what Wikipedia advises

Point pattern

password safety

Most used, most popular and above all easiest to remember and easiest to crack that is because you and a stranger over there might have the same pattern. An easy peek while somebody is drawing a pattern is enough to master it especially if you left the visible lines of your pattern. Patterns can be arranged in a grid of 3 x3 with a minimum length of 4 points and maximum being 9 points. The possible number of patterns is 1,624 if 4 points are used and 140,704 if 9 points are used.

The best and abstract patterns have 7 or 8 points unlike the easy ones like Z or L. And again the reason why it’s easy to hack this despite a small peek while somebody is drawing , oily fingers or finger smudges easily give away thus easy to trace the unlocking path. (Check out smudge attack).

Fingerprint

password safety

Fingerprints are unique even those of twins or your very own similar index fingers. They will never ever be the same. This security measure is durable unique and complex enough. The best part is you do not have to memorize because the phone does that for you in order to identify you and the time used to unlock, just a few seconds.

This is good until when the sensor becomes unreliable then you are locked out of your phone and then we are back to the previous measures but not to worry always set an alternative measure just in case the sensor becomes unreliable.

Smart Lock

Google introduced Smart Lock for Android 5.0 and up Smart Lock, intelligent unblocking systems that "read" the situation to know if you need to unlock the device or don't. If you have Android 5 or 6, you can activate Smart Lock from the Security settings. Now this is what I refer to as a smart phone being smart and brilliant. Knowing what I want or do not want. Could life get any better with technology? Duh!! Of course it will and it is happening

password safety

Its working is simple: you can establish places, Bluetooth devices (such as a smart watch) and situations when you don't need to unlock the screen. You can also make Android detect your face or voice so it knows that the owner is present but can be easily attacked if a malicious person takes control of your devices or threatens you. That's why payments via Android Pay mandate the use of traditional codes.

All in all every lock screen has its weak spot and it is entirely up to you to ensure that you try to understand them and have your phone secured by avoiding weak codes, sharing passwords, making sure people around you don’t pry while your drawing your pattern (otherwise master drawing it without looking and no one can tell that your drawing….that would be cool). Be cautious and create unique and easy to remember codes, PINs (more than 4) well-chosen and difficult to remember

wordpress security

WordPress.com has published a blog post informing their users that they've decided to utilize the Let's Encrypt project - a free service that makes it fairly simple to add HTTPS to your website - to add HTTPS to every website with a custom domain hosted on their platform. The emphasis is on custom domains because for the last couple of years, any of their users utilizing a subdomain under the wordpress.com domain already had HTTPS enabled.

Secure EmailA new proposal has been submitted to the the Internet Engineering Task Force, a major internet standards organisation. The proposal, which had input from engineers working at Google, Yahoo, Comcast, Microsoft, LinkedIn, and 1&1 Mail & Media Development, will ensure emails are encrypted before they're sent. If the destination doesn't support encryption or their certificate is invalid, the email won't be sent and users will be told why.

Most emails that are sent today are sent in plain text using SMTP. This offers no protection against man-in-the-middle (MITM) attacks, meaning a hacker could easily read your messages. SMTP STARTTLS tried to address the need for encryption but is not widely used and has numerous flaws. In addition, users get no warning when an email they're sending falls back to using plain text.

android malware

Researchers working for the ESET security company, have uncovered a new trojan that’s targeting Android users in Australia, New Zealand and Turkey. The malware is trying to steal important login information for major banks and financial institutions, and then steal money out of those accounts.

Yesterday security researchers at ESET announced they were tracing a new type of malware that’s quickly spreading across Android devices. The piece of software originally gets on users’ phones by masquerading as Adobe’s Flash Player.

Once installed, the trojan looks for financial institution apps that may be installed on the user’s device. These include the major bank chains available in Australia, New Zealand and Turkey, as well as few social apps likes Skype. Once it identifies these apps it downloads fake login screens for each of them from its control and command (C&C) server.

apple

Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday.

Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.

Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp's Windows operating system.

Palo Alto Threat Intelligence Director Ryan Olson said the "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers.

"This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Olson said in a telephone interview.

An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. The representative said he could not immediately provide other details.