The Perils of Passwords

One of the most popular articles in last week’s NY Times was “If Your Password is 123456, Just Make it HackMe.” You’re probably laughing right now, but take a look at the article, and you might stop laughing when you realize that your favorite password — the one you thought was so clever — is actually on the list of most popular passwords.

There’s no question why we choose easy-to-remember passwords, even when we know we shouldn’t. Now companies are forcing us to choose something a bit more complicated than, say, “password” (number 3 on the list). Recently Twitter banned subscribers from using 370 of the most popular passwords. You can see a list of banned passwords here. Security experts have lots of advice on how to choose passwords; see the Times article for some tips and browse the comments for reader suggestions. At the least you should follow this advice:

… bowing to the reality of our overcrowded brains, the experts suggest that everyone choose at least two different passwords — a complex one for Web sites where security is vital, such as banks and e-mail, and a simpler one for places where the stakes are lower, such as social networking and entertainment sites.

One tool that can help is the Secure Password Generator located at PC Tools, which will generate a random password; there is a secure version located here. Just remember to note the password somewhere so that you’re not locked out of your favorite site the next time you visit.
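As an added illustration (not code from the Times article, Twitter, or PC Tools), the sketch below combines the two ideas above: a generator that draws from the operating system's cryptographic random source, and a check against a banned-password list. The three-entry `DENYLIST`, the symbol set, and all function names are assumptions made for this example.

```python
import math
import secrets
import string

# Constructed sample denylist using passwords named in the post; a real
# list (such as the 370 entries mentioned above) would be loaded from a file.
DENYLIST = {"123456", "password", "hackme"}

SYMBOLS = "!@#$%^&*-_"  # assumed symbol set for this example
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)
ALPHABET = "".join(CLASSES)


def is_banned(candidate, denylist=DENYLIST):
    """True if the candidate matches a banned password, ignoring case
    and surrounding whitespace ("PassWord " is still "password")."""
    return candidate.strip().casefold() in denylist


def generate_password(length=16):
    """Return a random password containing every character class.

    Whole candidates are redrawn until one qualifies (rejection sampling),
    so every acceptable password is equally likely. secrets uses the OS
    CSPRNG; the random module is not suitable for passwords.
    """
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        has_all = all(any(c in cls for c in pw) for cls in CLASSES)
        if has_all and not is_banned(pw):
            return pw


def entropy_upper_bound_bits(length=16):
    """Upper bound on entropy: length * log2(alphabet size)."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    print(generate_password(), round(entropy_upper_bound_bits(), 1), "bits max")
```
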

Photo: rpongsaj

Tips For Using Twitter

Still not using Twitter because you don’t understand its value? Is Twitter “just for people who think they’re so important that the world needs to know what they’re doing every second of the day”? (Thank you, anonymous man who sat behind me the other day as I waited for the movie to start. I hope you don’t mind that I’ve quoted you.) Well, people do tweet about mundane things. But they tweet about important things, too. (I hate the verb/noun “tweet” — but that’s the term, and I’m going to use it.)

Over the past few months, I’ve waded — very slowly — into the Twitter pool, and I’ve discovered that it’s a valuable place to gather information or to connect with people who have interests similar to mine. I’m hoping that using Twitter will help me to promote my business, but I’m not focused too much on that. Because who will listen to what I tweet if all I’m talking about is “Me! Me! Me!”?

So to those of you who are reluctant to join Twitter, here are three ways that I’ve been using it successfully:

  • Ask a Question — need information and don’t want to get lost in voice mail purgatory or wait for an email answer? Use Twitter to ask your question. Chances are the company/organization you’re trying to reach is on Twitter. Chances also are that they’ll answer quickly because they’re there to promote and protect their brand. They want to keep you happy.
  • Ask a Question, Part II — Visiting a new city and don’t know where to stay/eat/go? Thinking of buying a new cellphone and wondering which one to get? Post your question on Twitter, and you’ll get answers from fellow Twitter users who are happy to help.
  • Connect — looking to “meet” people who share your personal or professional interests? Use Twitter’s search function, and find people to follow on Twitter. Contrary to what you think, you’re not the only one interested in [insert interest here].
  • Connect, Part II — attending a conference or symposium? Again, search Twitter and connect with other attendees. The event itself may have a Twitter account. You can make plans to meet pre-conference or trade information about events associated with the conference. Use a hashtag to narrow your search.
  • Complain — Did your favorite company really screw up? Are they ignoring your emails or have you been waiting on hold forever? Let them know via Twitter that you’re unhappy. Don’t be nasty; simply state your case and ask for help. Tweets are public. People can see your complaints. The company you’re trying to reach knows this. They want to solve your problem.

What are you waiting for? It’s time to join the conversation. Sign up for a Twitter account today.

You can find me on Twitter here.

Do you have questions about this post or about using Twitter? Let me know in a comment, and I’ll answer promptly.

Before You Change that WordPress Theme

This post straight from the “Do As I Say, Not As I Do Hall of Shame.”

Changing themes in WordPress is so easy. Simply install the theme, activate it, and voila! You’ve changed the look of your site.

But before you hit that “activate” link, there’s one very important thing you should do: deactivate your plugins. Your current theme may use certain plugins that conflict with the new theme you want to use. If you don’t deactivate the current plugins, when you activate the new theme, your site may completely disappear. You won’t see your login page or your admin panel or anything. If this happens, don’t panic. What you need to do is connect to your site and delete the offending plugin(s).

You can connect to your site using FTP or through an interface offered by your web hosting company. Find the proper directory — all plugins are located in the following WordPress directory:  wp-content/plugins — and delete the plugin. If you’re unsure of how to do this, or do not know how to connect to your site, contact your web hosting company and see if they can help. You can also ask for help in the WordPress forums.

Finally, if all else fails, restore your site using the back-ups you made of your database and files. This assumes, of course, that you’ve backed up your site. You have, haven’t you?

How To Tell If Your Website Has Been Hacked

In my previous posting, I discussed how users who don’t upgrade to the most recent version of WordPress can leave their websites vulnerable to hacking. But all types of websites can be hacked — not just those built with WordPress.

“If you own or manage a website, you are responsible for that website’s security. Compromised websites can infect visitors with badware, and are commonly blacklisted by search engines, web browsers, and security vendors. Many legitimate websites are the targets of malicious hacking attacks, during which code linking directly to badware is inserted onto an otherwise innocent, but poorly secured, website.” (StopBadware.org)

On a regular basis, all website owners/administrators should check their sites for badware by using these tools:

Hopefully, your website will pass these diagnostic tests. However, if you do find badware, you’ll need to remove it. You can find tips for doing this at StopBadware and BadwareBusters.
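Alongside external scanning services, a site owner can run a local check for the kind of injected code the StopBadware quote describes. The following is an added example, not a tool from StopBadware or this post: it parses a page's HTML and reports `<script>` and `<iframe>` sources on hosts outside an allowlist, plus hidden iframes. The sample page, host names, and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class InjectionScanner(HTMLParser):
    """Flags script/iframe sources on unexpected hosts and hidden iframes."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = {k: (v or "") for k, v in attrs}  # valueless attrs arrive as None
        # Relative URLs have no hostname and are treated as same-site.
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if host and host not in self.allowed:
            self.findings.append((tag, "external-host", host))
        if tag == "iframe" and self._hidden(a):
            self.findings.append((tag, "hidden", host or "(no src)"))

    @staticmethod
    def _hidden(a):
        style = a.get("style", "").replace(" ", "").lower()
        tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
        return tiny or "display:none" in style or "visibility:hidden" in style


def scan(html, allowed_hosts):
    """Return a list of (tag, reason, host) findings for one HTML document."""
    scanner = InjectionScanner(allowed_hosts)
    scanner.feed(html)
    return scanner.findings


# Constructed sample page: two legitimate scripts and one injected iframe.
SAMPLE = """<html><body>
<script src="/js/site.js"></script>
<script src="https://cdn.example.org/lib.js"></script>
<iframe src="http://badware.example.net/x" width="1" height="1"
        style="visibility: hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE, {"www.example.com", "cdn.example.org"}):
        print(finding)
```

This is a static check of the markup only; content that scripts add at load time will not appear in it, so it complements the external scanners rather than replacing them.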

WordPress users can find tips on keeping WordPress installations secure at “Hardening WordPress.”

Once you’ve removed the badware from your site, you should request a review of your website from the services that have issued warnings: Google, StopBadware, and/or SiteAdvisor. If you don’t, visitors to your website may see the following warning: “This site may hurt your computer.”

One Great Reason to Upgrade WordPress

If you’re using WordPress, sooner or later you’re going to log in to your site and see this horrifying message: “WordPress 2.X is available! Please update now.”

You might have a flashback to previous disasters with software upgrades (does the blue screen of death ring a bell?) and decide that your site is working just fine thank you very much, and you don’t need to upgrade.

That would be a mistake. I’m not saying you should upgrade the minute a new version of WordPress is released; I usually wait a few days to make sure all the obvious bugs are worked out before I upgrade my installations (one good way to do this is to read what others are saying or complaining about on the WordPress forums).

But why, if your site is working properly, is it necessary to upgrade WordPress? What about security? Are you concerned about that?

Older versions of WordPress have known security issues. With each upgrade, the folks at WordPress address these problems. But the evil hackers of the world are hoping that you won’t upgrade WordPress, that you’ll keep using the same version you’ve been using for the last 18 months so they can access your blog and install malware.

Now tell me which is scarier:

  • The thought of upgrading WordPress?
  • The thought that someone can hack into your site?

Really, I sympathize because I always feel a little pang of fear before I upgrade any software. But WordPress makes it easy to upgrade with the automatic upgrade (just press the button and go!). Or you can upgrade manually, if you prefer; instructions can be found here.

However you choose to upgrade WordPress, don’t forget the most important rule of upgrading: make a backup copy of your database and your WordPress files before you upgrade. Don’t skip this step. That way, if anything goes wrong with your upgrade, you’ll be able to restore your site.