Changing Passwords Periodically Doesn’t Increase Security

Does your organization or some financial website require you to create a new password periodically? This practice was recommended long ago, but some organizations haven’t kept up with current recommendations that discourage such policies. If you’re bound by a password expiration policy, you can use this article to encourage your IT department or financial institution […]

Read more

Help! My Account Has Been Hacked—What Should I Do?

How would you realize that one or more of your Internet accounts—email, social media, financial—have been hacked? (Some prefer the terms “compromised” or “breached”—you may hear them from support techs.) Unfortunately, there’s no telltale warning sign because “hacked” could mean any number of things. Here are some possible indications: People you trust report receiving email […]

Read more

After “Mother of All Breaches,” Update Passwords on Compromised Sites

January’s big security news was the Mother of All Breaches, the release of a massive database containing 26 billion records built from previous breaches across numerous websites, including Adobe, Dropbox, LinkedIn, and Twitter. It’s unclear how much of the leaked data is new, but it’s a good reminder to update your passwords for accounts on […]

Read more

Want to Password-Protect a PDF? Follow These Best Practices

We periodically field questions about password-protecting a PDF to prevent the wrong people from reading it. Lawyers want to ensure that drafts of legal documents don’t fall into the wrong hands, financial advisers want to keep confidential financial information private, and authors want to prevent their writing from being shared broadly on the Internet. Others […]

Read more

What Should You Do about an Authentication Code You DIDN’T Request?

We strongly encourage using two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible. The details vary slightly, but with either one, after you enter your password, you must enter an authentication code to complete the login. Although it’s always best to get such codes from an authentication app like 1Password (which enters […]

Read more

How 1Password Is Designed To Keep Your Data Safe, Even In The Event Of A Breach

In the wake of LastPass’ security incident in December 2022, clients have asked me how vulnerable their 1Password password vaults would be, if the vault were stolen. The short answer is that the vault would be very secure. For more details please check out 1Password’s recent blog post about how 1Password protects your data. Additionally, … Read more

Regain Access To Your Airport or Time Capsule

Have you forgotten or misplaced your Airport or Time Capsule passwords? If so, you should consider using the Soft Reset feature that Apple builds into Airports and Time Capsules. You could also review my previous Tech Tip about retrieving your Airport password from your Keychain which could save you from having to perform a Soft Reset. I should … Read more