Auto Complete Passwords: Safe or Dangerous?

a computer screen with green and black numbers on it

Auto-complete for passwords is a feature commonly used on browsers today. It is a mechanism that allows usernames and passwords to be automatically entered into a web form. Only around 20% of US internet users have unique passwords for each online account. Many people have to manage dozens of different passwords and see auto-fill as a convenient feature that cuts down on time. Others use a dedicated application to manage passwords outside of the browser. However, this is much more dangerous than many realize.

A hacker can easily trick the browser or program by placing an invisible form on a compromised web page. 

MARKETERS TRACK TOO

Surprisingly, this is not only done by hackers. Digital marketers often deploy this trick to track what websites users visit. Both AdThink and OnAudience are known to do this. Their goal is gathering data for marketing purposes, but IT professionals warn it would not be hard for them to steal passwords as well. 

ONE EASY AND EFFECTIVE WAY TO IMPROVE SECURITY

It is quite simple to disable auto-complete in a browser. Most browsers allow easy access to privacy settings and users can disable auto-complete within a minute. Below are instructions to accomplish this. 

For Chrome users

Go to the Settings window, go to Advanced, and then disable under Manage Passwords.

For Firefox users

Go to the Options window, click the Privacy tab, then under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”

For Safari users

Open the Preferences window, select the Auto-fill tab, and turn off all features related to usernames and passwords.

 Unfortunately, this is just one way hackers can get your information. Modern organizations with advanced technology require more managed measures against hackers.  

Contact us today at BluWater Tech for around-the-clock security assistance.

Auto Complete Passwords: Safe or Dangerous?

a close up of a wall with many different types of words

Auto-complete for passwords is a feature commonly used in browsers today. It is a mechanism that allows usernames and passwords to be automatically entered into a web form. Only around 20% of US internet users have unique passwords for each online account. Many people have to manage dozens of different passwords and see auto-fill as a convenient feature that cuts down on time. However. others use a dedicated application to manage passwords outside of the browser. However, this is much more dangerous than many realize.

A hacker can easily trick the browser or program by placing an invisible form on a compromised web page. 

MARKETERS TRACK TOO

Surprisingly, this is not only done by hackers. Digital marketers often deploy this trick to track what websites users visit. AdThink and OnAudience are both known to do this. Their goal is gathering data for marketing purposes, but IT professionals warn it would not be hard for them to steal passwords as well. 

ONE EASY AND EFFECTIVE WAY TO IMPROVE SECURITY

It is quite simple to disable auto-complete in a browser. Privacy settings in most browsers can be easily accessed and auto-complete disabled within a minute. Below are instructions to accomplish this. 

For Chrome users: Go to the Settings window, go to Advanced, and then disable under Manage Passwords.

For Firefox users: Go to the Options window, click the Privacy tab, then under the History heading, select “Firefox will: Use custom settings for history.” Then in the new window, disable “Remember search and form history.”

For Safari users: Open the Preferences window, select the Auto-fill tab, and turn off all features related to usernames and passwords.

 Unfortunately, this is just one way hackers can get your information. Thus, modern organizations with advanced technology require more managed measures against hackers.  

Contact us today at BluWater Tech for around the clock security assistance

Computer Tip Of The Day: Using Two-Factor Authentication

a person is typing on a computer keyboard

Two-factor authentication can provide your workplace with an extra foundation of security. It requires extra information beyond just a username and your password to access computer accounts.

Two-Factor Authentication for Emails

Two-step authentication will require a combination of a username and a password, in addition to an extra piece of information that includes a security code that will be sent to a mobile device. Adding an extra layer of security to an email account is one of the biggest improvements that can be made.

Workplace Social Media Accounts

We are aware of how popular social media accounts are in the business world, especially due to their ability to attract customers from across the world. It is important that the proper steps are taken to secure social media sites. Two-step authentication can also be used to secure social media accounts.

It is very important to always be cyber aware, even if you find it to be an inconvenience. The extra steps you take to secure your account can be the difference between having a successful business and a business that fails because it was not properly secured in the online world.

If there are various online accounts that need to be managed, it is greatly important that you take the proper steps to secure online accounts, customer data, and other vital business information.

Two-factor authentication will generally include one or more of the following:

  • One of your physical characteristics, such as your fingerprint.
  • A one-time security code that can be sent to your mobile device or email address that you will enter after you have entered your username and password. The login process will not be completed until the security code has been entered.
  • Another layer of security that can be used for identity verification is challenge questions. When choosing challenge questions, we encourage you to choose questions that may be difficult for others to answer. Avoid choosing simple challenge questions that hackers can find answers to by searching online, especially on social media.

Two-factor authentication is becoming a popular choice for many account holders in all industries. Contact us today for more information on two-factor authentication and how you can become more cyber aware.

Best Security Practices for Good Password Protection

a computer screen with the word security on it

Best security practices: Computer security is crucial. Depending on your business, you may have security measures that are required by law for the protection of personally identifiable information, but you need to ensure your information’s protection regardless of the surrounding statutes. Get antivirus programs, secure your building physically, and have good password management. Here’s how to securely take care of the latter:

Train your employees on good password strategies. 

Most people know not to use Password123, but after that, there’s not a lot of education about best practices. Require a full range of alphanumerical and special characters, and make sure the characters are randomized instead of individual words. A general strategy is to pick three random words from a book or article that have no significant meaning: the words are linked together in the user’s mind to make them easier to remember but make no sense to potential hackers. Even then, it can be difficult to remember these passwords, so have your employees combine them with two-step logins or a secure keylogger.

Set a mandated schedule for updated passwords. 

Even employees with the best of intentions won’t stay up-to-date on a self-regulated schedule for replacing passwords. Instead, link the profiles together and require password changes every 30-90 days. This works even better if you add a setting to prevent recycled passwords.

If your network has mobile access or a two-step sign-on involves using a phone, use software that makes employees password-protect their phones. 

Most people already have passwords on their phones, especially since they have credit card information. But make it a requirement so no one can steal an employee’s phone and get access to your system.

Passwords are the most universal form of security in business but they can also be the weakest. Make sure your employees use strong passwords and choose new ones regularly. For more computer tips and IT support, go to Bluwater Technologies here.