Many people think it's hard to have a good password because it should be complicated and, as a result, hard to remember. When you create a new Google account, you can read some nice tips that prove you can create a strong yet memorable password.
* Include punctuation marks and/or numbers.
* Mix capital and lowercase letters.
* Include similar looking substitutions, such as the number zero for the letter 'O' or '$' for the letter 'S'.
* Create a unique acronym.
* Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh'.
And some things to avoid (that could be summarized as: don't use passwords that are easy to guess).
* Don't use a password that is listed as an example of how to pick a good password.
* Don't use a password that contains personal information (name, birth date, etc.)
* Don't use words or acronyms that can be found in a dictionary.
* Don't use keyboard patterns (asdf) or sequential numbers (1234).
* Don't make your password all numbers, uppercase letters or lowercase letters.
* Don't use repeating characters (aa11).
And, of course, the obvious: "never tell your password to anyone (this includes significant others, roommates, parrots, etc.), never write your password down, never send your password by email."
So, the next time when you create a new passwords, think of a quote you like, an old saying (maybe not in English or your native language), use punctuation and replace some letters with similar digits or other characters. You can also use short forms for some of the words.
There are many places where you can test show strong a password is. One of them is available if you go to Google.com, sign out and then click on "sign in". Choose "create an account now" and type your password. Google will indicate you if your password is strong, fair or weak. Then you can use the password wherever you need it.
If you can't come up with a new password for each new site you sign up, at least try not to use the same password you have for your mail account (many people sign up using the email address: myemail@yahoo.com and choose the Yahoo password). If that site has security problems and your account is compromised, your Yahoo account will be compromised as well.
Also, be aware that most browsers offer to store your passwords, so they can auto-complete them. Many times they are not stored securely and anyone who has physical access to your computer can find the passwords (for example, go to Firefox > Tools > Options > Security > Show passwords > Show passwords again). That's why it's a better idea to use password managers like Password Safe, KeePass, RoboForm, that store your passwords securely and can manage any kind of password. In Firefox and Opera you could also use a master password, but there are commercially tools that can recover master passwords.
A small summary and some other tips:
* create strong passwords that mix digits, punctuation, capital and lowercase letters by thinking at a memorable quote and making some replacements or using acronyms
* don't share your passwords with anyone
* don't use the same password for all your accounts
* try not to use the built-in password managers from your browser. Use safer tools, if you really need a password manager.
* change your password from time to time
* try to stay away from sites that don't use secure authentication (look for https in the address bar)
* sign out when you finish a session
Do you have other ways to keep your passwords secure?
Source:http://googlesystem.blogspot.com/2007/03/keeping-your-passwords-secure.html
Friday, July 3, 2009
Google Update Always Running in the Background? Not Anymore
Google open source blog informs that the google update the software used by Google Chrome and other applications for automatic updates, no longer runs in the background. "Until now, Google Update would always run in the background, functioning primarily as a reliable scheduler performing update checks at periodic time intervals. With today's release, Google Update now uses the Windows Task Scheduler to only run at periodic intervals."
I've checked the Task Scheduler and I've found that Google Update runs every hour. You can change how often it runs and even disable the task, but I'm not sure if other Google applications change your settings. "If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it," explains Google.
Since Google Chrome is regularly updated, it's not a good idea to disable the updater, thinking that you'll install the new versions manually.
The first good news is that you'll no longer see googleupdate.exe in the list of processes when you open the Task Manager. The second good news is that Google Update's team listens to users and constantly improves the software: Google Update is now open source and administrators can disable it using the Local Group Policy.
http://googlesystem.blogspot.com/2009/07/google-update-always-running-in.html
Wednesday, July 1, 2009
Google Tool Bars Improved Web Translation
Google Translate can be used to translate many web pages, but you can't use it for pages that require login and for Ajax-powered web applications. You won't be able to translate a Gmail message, a Google Docs document or a Facebook message without copying the text to Google Translate.
I've mentioned in March that Google Toolbar tests a translation feature that extracts the text from any web page and translates in real-time. The impressive feature is now available in Google Toolbar 6 for Internet Explorer and it works extremely well.
http://googlesystem.blogspot.com/
By default, Google detects when a page is not in English (or another preferred language) and it offers the option to translate it. Language detection doesn't send text from the current web page to Google's servers, but you'll need to send the text when you translate the page.
"When you visit a webpage in a different language than your Toolbar, Toolbar will display the translation bar near the top of your browser window and ask you if you'd like to translate the page. Click Translate to translate the page, or click Translate on your Toolbar. Click Show original or the x icon to close the translation bar and view the original webpage. If you change your preferred translation language, Toolbar will remember your language preferences and use them when translating pages in the future," explains Google.
Tuesday, June 30, 2009
New Google study on speed in search results
Googler Jake Brutlag recently published a short study, "Speed Matters for Google Web Search"which looked at how important it is to deliver and render search result pages quickly.
Specifically, Jake added very small delays (100-400ms) to the time to serve and render Google search results. He observed that even these tiny delays, which are low enough to be difficult for users to perceive, resulted in measurable drops in searches per user (declines of -0.2% to -0.6%).
Please see also my Nov 2006 post, "Marissa Mayer at Web 2.0", which summarizes a claim by Googler Marissa Mayer that Google saw a 20% drop in revenue from an accidentally introduced 500ms delay.
Update: To add to the Marissa Mayer report above, Drupal's Dries Buytaert summarized the results of a few A/B tests at Amazon, Google, and Yahoo on the impact of speed on user satisfaction. As Dries says, "Long story short: even the smallest delay kills user satisfaction."
http://glinden.blogspot.com/2009/06/new-google-study-on-speed-in-search.html
Specifically, Jake added very small delays (100-400ms) to the time to serve and render Google search results. He observed that even these tiny delays, which are low enough to be difficult for users to perceive, resulted in measurable drops in searches per user (declines of -0.2% to -0.6%).
Please see also my Nov 2006 post, "Marissa Mayer at Web 2.0", which summarizes a claim by Googler Marissa Mayer that Google saw a 20% drop in revenue from an accidentally introduced 500ms delay.
Update: To add to the Marissa Mayer report above, Drupal's Dries Buytaert summarized the results of a few A/B tests at Amazon, Google, and Yahoo on the impact of speed on user satisfaction. As Dries says, "Long story short: even the smallest delay kills user satisfaction."
http://glinden.blogspot.com/2009/06/new-google-study-on-speed-in-search.html
Sunday, June 28, 2009
Google Account Recovery Via SMS
Google added a new password recovery option: you can now associate a mobile phone number with your Google Account and Google will send a recovery code by SMS.
"Since most people use cell phones these days, we decided text messaging would be an easy, convenient addition to our password recovery options. To set up password recovery via your mobile phone, just sign in to your account and click Change Password Recovery Options. Enter your mobile phone number and current password and then click Save. If you lose access to your account for any reason, you'll be able to regain access by entering a code we'll send in a text message."
For now, the options is only available in the US, so you need to use a us proxy to see it. Google also updated the password recovery settings page to include all the account-recovery options: secondary email addresses, text messages and the security question.
Subscribe to:
Posts (Atom)
