Ok..so I’m using complex passwords so we’re all good, right?

Nah. You’re on the way to being a lot more secure than you were when you were using the same password across all web sites but you’ve not completely reduced the risk.

Add A Little Extra To Your Authentication….


There are two elements that you use to log onto most websites; your username (typically email address) and a password.  So after reading my last blog you’ve changed all your passwords but it’s still possible that someone has managed to get it through a hack or social engineering.  You can add an extra layer to that authentication by introducing 2 Factor Authentication (2FA).

2 FA for most websites comes in the form of introducing your mobile number phone in the process.  You log onto the site using your username and password which then prompts the site to send you a text with a code.  You enter this code on the website to verify it’s you and then the device you’re using is now authorised.

This means that to impersonate you the hacker needs access to your mobile to intercept the text message.  It’s not impossible but it’s a lot harder.  I’m guessing if there is a hacker out there with the technology to get username, password AND text messages then you’re probably James Bond and the Chinese government are after you.

Not all websites use 2 FA but most of the major social media and email accounts do.  For instance, if you’re using Facebook, Twitter and Instagram then I suggest you set it up.  Likewise, if you’re using Gmail or Yahoo email and of course you don’t want anyone stealing your hard earned cash through Amazon.

The 2 Factor Auth List is a great website that lets you know whether a web site utilises 2 FA and also points you in the right direction on how to set it up.


What Else Can I Expect From This Blog?

Over the coming weeks I’ll cover such topics as:

  • Securing your personal information assets through backing up
  • Protecting yourself from viruses and attacks
  • Wifi networks….are you sure they’re secure?
  • How to protect your hard drives if they are stolen

If you’d like me to cover another topic then give me a shout!


Passwords…..My Complex Password Will Keep Me Safe, Right?



Ok, so you’ve added a a number or even a bit of punctuation (!*@) to your password and you feel smug knowing that no hackers going to get the better of you. Right? Wrong!

The thing is, that complex password you’ve used is really hard to remember so you’ve used it on Twitter, Instagram, Facebook, Amazon, Moonpig and that dodgy dating site you joined up to years ago.  So here’s the problem, we entrust all these websites to look after our personal information, our data assets and some do a better job  than others but you don’t know how they store your data or how or whether it’s encrypted. If you’ve ever clicked on a Resend Password button on a website and it’s sent it back in an email in clear text then you’ve got to question whether they are storing the password in clear text. If they are that lackadaisical with security then it won’t be too much effort for a hacker to get your password.

Now the hacker has your password and your login details, probably your email address. The same 2 bits of information that, when put together, will allow access to Twitter, Instagram, Facebook, Amazon, Moonpig and that dodgy dating site you joined up to years ago.  You need a separate complex password for each account.

I’ve Got 70 Online Accounts – I Can Hardly Remember One!

Creating and remember 70 complex passwords that don’t follow a pattern is some mean feat.  The way to remember them is to use a Password Manager. Password Managers are encrypted databases that can store passwords, create complex ones and interact with your browser so that they auto-login in for you. Typing and remembering the password is a thing of the past.

There are several out there however the one I would recommend is Dashlane mainly for its simplicity and easy to navigate GUI (graphical user interface). I installed it first on my desktop PC and then on my iPad and Samsung S7 and then laptop. The first time I used it the software found several websites that I routinely use and automatically entered their passwords into the database.  The security dashboard then told me how insecure I was.  It pointed out where I had really weak passwords and which websites I had re-used the same password, which was too many for me to admit here. I then set about changing my password on all these sites with the help of Dashlane creating a long and complex password. Eventually and after a couple of hours I had changed the amber warning alert to a nice green tick which informed me that all my passwords were strong and not re-used.  I feel a lot more comfortable about my online presence now.  If a website that I use gets hacked then I’m confident in that the damage is limited to only that single site.

There Is A Catch Though…..You Still Need To Remember A Password…

le-tiss-3Meh. Thought you escaped? Nope.  You still need to remember at least one complex password and that’s the one that allows you entry to the Password Manager itself. It’s got to be complex and it’s got to memorable so you don’t forget it. Write it down and store it in a black book, share that password with a trusted family member but don’t forget it.

Don’t choose something that can be easily guessed.  As I’m a #saintsfc fan I could choose something like LeTissier7 as a password but everyone knows I’m a fan of the club as it’s mostly what I talk about on Twitter so it wouldn’t be too hard to guess.

I suggest using a pass phrase. A phrase that when you put the first letter of each word together that will be your password.  For example:

Matt Le Tissier scored the last goal for Southampton at The Dell against Arsenal in 2001!



A bit long and very complicated but that does the trick!


If you want to try Dashlane then give me a shout and I’ll refer you.  Although it has a free version my referral will get you 6 months free of the Premium service which has more functionality such as synchronising across all devices.