Open post

Another damn password?!?!?!

One of the most common statements I hear from users is "Another Password??? I hate having to remember all these passwords". I want to give some tips I use for making a good password. What is a good password? Well it was one that you should feel confident enough people cannot guess in less than 3 tries or use a brute force to compromise. There are two basic forms of Brute Force attacks on passwords. The first one is a dictionary attack, a "bot"(automated routine) hits your password field entering basically a dictionary of common words in hopes one will work. The other type of Brute Force involves just hitting a password with every possible combination of letters and numbers. For example; A, then AA, then AAA, then AAAA,  and so on cycling till it gets to ZZZZ or 9999, trying to find every combination to try. Even keeping it simple with 4 digits and using numbers and letters, upper and lower case, it takes a ton of time. To add special characters would even take longer with all the possible combinations. So this is why we like to use a password that has Numbers, Letters in upper and lower case and even special characters.

So this comes to the reason for this post, a way to teach you have to make a secure password you can remember. So the first thing to do is come up with a word that is at least 8 characters you can remember. Could be a word like FLINTSTONES, that reminds you of when you were a child. Now lets make that a complicated password that you can remember. We will start with some simple reworks by retyping it as Flintstones, now it has upper and lowercase letters, but it is still pretty simple. A simple little trick is to change letters into numbers that look like letters. For example i=1(one), or o=0(zero), or e=3(three). If we rewrite it again, it is now Fl1ntst0n3s. OK this is a bit better, but we can go better yet. What special simples look like letters? These are always some of my favourites; s=$, n=^, a=@. Now with these, let us rewrite our password again, Fl1^t$t0^3$. Our password is still Flintstones, so you already know this, but we have just written it with 'bad handwriting'. With these little tricks even your name can become a complicated password. Check out some of these examples; John Smith=J0h^$m1th, your pet even Mr. Cuddles=Mr.Cuddl3$, another one that I do NOT recommend but I will show you as an example is Password=P@$$w0rd(this one is known by a lot of the malicious people out there, although if you were to change that to "I Hate Passwords"=1H@t3P@$$w0rd$" would be a doozy for security. 

Well I hope this little tip helps you feel better about passwords and your security,

@^dy(Andy)

Open post

But it is my name…?

In the past I have always tried to protect the best interests of my clients, and one of the items that I put on the top of my list, is helping them register their own domain name. Many web designers and webmasters, feel it is easier to assist clients by taking ownership of a clients domain name, and in the process add a bit of service fee for that service. I have always been worried that for if some reason I was ever incapacitated indefinitely, anyone can be run over by a bus. So I have always made a practice to help clients setup a domain name with a registrar and they also will pay the renewal fees. Your name is yours, why would want to lose it because of a complication in your web designer/masters life? You maybe concerned about the technical part of owning your domain name, but any person with technical experiencing including a new web designer/master should be able to help you change your settings to push your domain to the appropriate servers. You also now are in a position to change web designers/masters at any time without any obligation, unlike if someone else owns your name.

So the question to a lot of people is how likely is this really to be a concern? Well years ago when I first got into assisting clients with domains, one of my first clients, had a couple who ran a web design company and they unfortunately had started into a messy divorce, and not only had stopped talking to each other, but all their clients as well. There was definitely some struggles and we were able to resolve and move the ownership. Now we jump forward almost a decade later, and some other clients of mine had a web designer/master who became very very sick and kept hoping he was going to recover, but unfortunately he never was able to and passed away. The family had no technical knowledge and his record keeping was not the easiest to follow, and to add to things, he used different registrars here and there with different credentials. Some of his clients I am still struggling to find their domains names to help them move over to their own registrar. So if you think it can't happen, that is like thinking, your computer will never crash and you do not need a backup. Make good backups of your computer and also make sure you are the owner of your domain name, there  is no need for your web designer/master to own your name.