Why you shouldn’t save your passwords

 

As a tech who has been in this industry for 10 years now, I’ve come across a myriad of issues I’ve had to fix, ranging from the simple and mundane to the complex and long-standing. Enjoying the satisfying feeling I get from solving the problem, seeing a big smile come across the face of the customer, followed by a big sigh of relief and elation. I’ve noticed one thing that’s always re-occurring. While this is one of the many things that will keep me in business and guarantee never ending work, it’s also the biggest pitfall I see people not take seriously enough. Both techie’s and user’s alike. 

That is saving your passwords. I know it’s convenient and you have lots of passwords for different things to remember, but please understand the slight inconvenience associated with the extra effort it takes to remember and/or safely store said password, pales in comparison to the fallout that occurs when your account gets hacked and your identity gets stolen as a result of your negligence. 

There are many ways to go about building the habit of properly creating and storing your passwords. including ways to remember them. Even though I always suggest memorizing your password’s I know that’s not always an option for everyone. 

1) You can make your password, from a passphrase, a quote, a line from a song or poem, that only you know. Like a favorite cartoon, movie or food item. Anything that helps you meet most password complexity requirements and makes it harder for anyone who isn’t you, to guess it. 

2) Don’t use the same password across different sites or accounts. From online banking and bill pay, to shopping and social media, the last thing you want to do is have one password unlock your whole internet life, that easily. As I always tell friends and family, if someone decides to hack your account, make them work for it, at least.  

3) Store your password in a safe and easily accessible place for you. This can be in a notebook if you prefer the old school approach, a tablet/iPad or any digital note taking app on your phone that can be accessed from your computer/ tablet or alternate device. I reccommend going the digital route as notebooks can be misplaced, and if you don’t find it, there goes your passwords. The digital option is more reliable, as long as the battery isn’t dead. You can also take a picture of the passwords in your notebook, as a middle ground compromise, as well. 

4) Another way to store your passwords is using software that acts as a vault (such as google password manager or bitwarden, etc.) This is a web browser plug-in that saves and encrypts your password and automatically enters it into the website you visit when prompted. This option is highly utilized however I don’t suggest it, because that option is locked down to your device and if you use an alternate device, that your profile isn’t signed into (on that browser) you have to enter your password manually anyway.

The reason I’m so adamant about safeguading your passwords, is because unfortunately data breaches happen very often and you never know when a hacker is trying to log into your account. Enabling MFA (multi-factor authentication) at the bare minimum, in addition to creating stronger, more unique passwords, are required now. Plus that added step gives you a warning of attempted break-in, in the rare event they actually guess your password. I had such an experience recently with my linked in account.  

I received a alert in my Google e-mail, stating a hacker tried to access my account and they were located in germany. Opening my e-mail it asked me if I was trying to log in and asking me to approve that log-in. Obviously I didn’t approve it, plus given the time difference, i’m sure that prompt expired, long before I saw it. Despite the fact that I was “saved” in that instance, I became paranoid, as I had no idea my data attached to that e-mail had been breached. Up until this point only one other e-mail I was notificed was leaked during a company data breach. So how did they even get that far on this account?

I then did a deep dive with my e-mails and Google: I changed all the passwords to all of my accounts, enabled a third form of MFA, and cleared all the old password data and browser cache’s. I was mortified to discover that not only was there data stored in browser settings that I had previously declined for it to be saved. (such as passwords, payment cards, addresses, etc.) but there was even other people’s e-mails and saved data that I discovered in my cached settings.

I saw two people’s e-mail address/ username and password as well as the websites it belonged to, saved in the cached settings. I won’t reveal here what they are, out of respect for their privacy, however I am still not sure how it got there and why it was there all that time. So if I ever had the gumption to log into those accounts and do “damage” for those two people, I wouldn’t have to do any work. The info I needed was waiting there for me. 

That made me question whether these browsers shared that same cached info with other people who also used the same one. My paranoia went into full effect, and I started scrubbing the data from the other browser’s I’ve used to access other data- sensitive websites. Going down that rabbithole, I checked the websites I frequently access to see if any login data was saved. While I have changed how I log into those websites; while exploring pinterest, I saw pins and sections that sold people’s data. 

Yes, on Pinterest, of all places, had pins that were titled “Do you want free netflix?” If you clicked on that Pin, you were brought to a web page that had a list of peoples e-mail address and passwords that if used, you can see if you can log into a netflix account and enjoy that service on someone else’s dime. Netflix has since changed how it’s services work, by preventing anyone from utilizing an account that is outside of the household of the primary account holder. That decision was possibly made from an economic standpoint, as a means of “making” people to get their own account so they can use the streaming services, inevitably it helped secure the accounts of it’s customers, as regardless if anyone get’s their credentials, they won’t be able to use it without paying for it. As they aren’t located in the account holders’ household. 

Google: Case study in business ethics of their suit and data breach

Google: My gmail email is compromised (found out on capital one credit tracker) but that might not be the fault of google as opposed to where they got my e-mail from 

Pinterest: Has a section that’s “selling” and displaying account login and passwords for everything from Netflix to bank accounts, birth certificates and credit and gift cards. Some of these things are expired but the fact that they’re up there in general is bad enough. 

Solutions: Password manager- shaky, it’s cloud based but if it opens all your stuff is in there. It can scramble passwords but if you have to enter your stuff elsewhere you don’t know it.

Notebook- can get lost, the ink fades, have to remember to look for that book

Tablet- You can save it in a digital planner if you have a tablet or phone that you use for everything- safer- but must be used and battery charged efficiently to use it. (Utility wise)

Regardless of that do these solutions as well: 

-Create passwords based off of events in your life. Things that are near and dear to you, it’s harder for people to guess such minute/ minuscule information, but easy for you to remember

-Change your password syntax regularly. It doesn’t have to be a major change, just capitalize what was once lowercase, change the symbol you used last time and/ or add something to the password that wasn’t there before 

Please for the love of god, don’t save any passwords in your web browsers, not only does it make it easier to access and hack your stuff, but if you ever change the password to that particular website, the old password doesn’t automatically sync, which leads to conflict; thus locking you out of you’re stuff due to the conflicting password mismatch. 

Why you shouldn’t save your passwords

30.3.24

How to tell if your phone's been Hacked.

 

 Phone hacking is one of the more sophisticated technical ways of acquiring your personal and financial information. It's not much different than hacking into your computer, because smartphones are just that. Portable, mobile computers. With the increased use of smartphones, how easily accessible the internet has become, along with the advent of social media platforms, it's not hard to see how easily personal information can be shared and utilized to impersonate someone to gain access to other accounts, attached to their name.

 

 

 This is why it's imperative that you be more vigilant than ever, when it comes to safeguarding your stuff; including your identity. Most hackers and scammers tend to go for the easiest target first, and then work their way up, from there, in terms of level of difficulty. This happens as a result of what the hacker stands to gain from successfully accessing your financial and personal information. Since this is a never-ending always evolving practice, I have listed below some pointers' that suggest your device might have picked up some malware that aids in transmitting your information, unknowingly, thus making you an easier target. 

 

 

If you notice your phone is running slower than usual- While this can be the result of several things; normally you can pinpoint the exact chain of events that lead to your phone slowing down, overtime. Whether's it's accumulated updates throughout the lifetime of ownership of your device, the amassed data, that's stored on your phone from all of the apps downloaded; or even the regular data that's taking up space such as pictures and other files. In the absence of these factors, your phone slowing down suddenly and tremendously is a good indicator that malware or spyware is on your phone and feeding your info to an external source. That process is what is causing/ contributing to the degraded performance of your phone.  

 

 

Your phone either heats up or overheats quickly- Temperature variables aside, similar to the previous point, if you notice your phone is heating up quickly and you're not overclocking, over utilizing or running a resource intensive application or game on your device, chances are whatever malware/spyware that's on your phone is feeding your information back to the host, externally. This action can contribute to the high temperatures being generated, while seemingly being in normal use by you.  

 

 

You are getting strange pop-ups, multiple unsolicited ads- If you're surfing the interwebs, on your device and notice that the websites you normally visit have more frequent and pervasive ad's and pop-ups, and there is a marked difference between your experience's there. This can indicate that something has downloaded on your phone is running in the background causing this distortion, to how it normally operates.  To test this, I often suggest going to the same website on other devices to see if the changes on your device, appear elsewhere. If so, then the website is to blame, if not, then run a virus scan on your phone immediately.

 

 

Frequently visited websites now look different in your browser-This is a dead giveaway that you have a virus or some form of malware on your device. If you notice that websites you frequently visit all of a sudden look "different", are redirecting to another website or just isn't loading or operating the way it used to before; your device is definitely infected with malware and you need to run a virus scan immediately.

 

 

You notice strange phone numbers, texts and e-mails that you didn't originate- Also includes seeing mysterious apps appear on your phone, where  you have no recollection, of downloading them. Often times, if a person has been hacked, this symptom is what I call the "calm" before the storm. Reason being is because by the time things get to this point, the hacker already has other personal information, from your device, in their possession.

 

 

Aside from running a virus scan immediately I highly suggest you check all of your bank and financial accounts (on another non-infected device) and put a lock on any and everything that may be accessible to anyone who has your username and password or any information, they can use to that end. This is a good time to change passwords and set up multi-factor authentication, including resetting your phone back to a factory reset.

 

 

While I personally advice having your data backed up and syncing elsewhere to a cloud account, I suggest this level of caution, as whatever is feeding your information to a third party; needs to be stopped immediately. While not knowing to what extent the damage that was done; the sooner we mitigate it, the better off you'll be.  

 

 

While this gives you a brief overview of how to avoid being hacked in general, you can still utilize the tips here to better protect yourself behaviorally, no matter what device you use. There are a few anti-virus software options (some are free) that you can employ to help scan for malware, spyware and worms and other viruses' on your desktop and mobile devices in addition to helping to get rid of them. One that I often employ is Avast. McAfee and Norton are also two other choices to pick from. These brand's have options that are available for download on both your laptop, desktop and mobile devices.

 

 

 

While surveying the habits and patterns that often put you at risk, I implore you to make the behavioral changes, as soon as you become aware of them. The quicker you implement what you learn, the faster it sticks and the more beneficial it is to you in the long run. There's always something you can do to protect yourself from being a target and making it harder for hackers to easily glean your personal information. For a shorthand way to keep these reminders accessible to you, please refer to the checklists below that denote if your mobile device has been hacked. 

 

How to tell if your Android is hacked

How to tell if your iPhone is hacked

How to tell if your phone's been Hacked.

26.10.22

How tap-to-pay actually works

 

During my latest exploration trip to D.C. one of the experiences that stuck with me was their smart card and how it works. I had a great time touring the city; click here for more about the trip itself. I stayed in a hotel in Maryland and drove to the Metro parking garage to park my car and took the train into the city. As with any city where I'm taking public transit around to explore the area, I always get their transit card and purchase their equivalent of a day pass. 

 

 

The smartrip card is a transit pass that instead of swiping to get through the turn-style, you have to place it on the RFID/NFC reader in order to open the gates. Since it's a tap-to-pay system, I'll be using this example to illustrate how it works. 

 

 

I was always fascinated and interested in exactly how this system works because no matter how long I've been in the tech field, I still get excited over being able to place a card, badge, phone app onto a device and watching something happen. I'll briefly go into how this particular technology works and how it contributes to the ease and convenience of every day activities. 

 

 

Transit card for D.C. Metro

RFID- Stands for Radio Frequency Identification. This involves two devices that "communicate" with each other using coils (serves as antennae), the magnetic field of those two devices, that conducts the transfer of information wirelessly once within range of that magnetic field; and a small data-filled chip, whose information is transferred as a result of the first two components interacting with each other.

 

 

  

NFC- Stands for Near Field Communication. While this is a type of RFID, the benefit to this is since it only uses HF (high frequency) to transfer data you have to be closer to the magnetic reader to trigger that wireless data transfer. 

 

RFID uses a range of both LF (low frequency) and HF (high frequency) during it's wireless energy transfer any data that is present is also transmitted and carried over. NFC only uses HF to transfer data, and tends to be more secure as there is a limit to the amount of data that's transmitted, (it only has room for a small string of characters). While RFID tends to spit out all of it's data more "carelessly", when within range of the readers' magnetic field. 

 

 

Here's how this all comes together; the smartrip card has a chip in it that has the monetary balance that was paid to purchase the card, as the data on it. That card is then placed directly on the RFID reader, and similar to how an RFID tag and RFID reader interact once both components enter each other's magnetic field; the data on the card is transmitted wirelessly and the turnstyle gates open up, allowing entry.

 

This same process works for phones, digital business cards, apps etc. that also use NFC beaming and even bluetooth technology to transmit data.

 

It's really a cool sight to see, how technology has advanced to the point where you're able to send a document from your phone to one of your friends, by simply tapping the back of your phone to theirs.

 

Or even better yet, use bluetooth to connect to their phone and transfer documents to them from across the room. Prime example of this is Apple's "Airdrop" feature. 

 

 

Transit Card for L.A. Metro

The Smartrip card data is managed by the software used on the machines that you purchase the cards from. That software has a transaction ledger of the balances on the card and "writes" that data to the chip on the card. When the card is used, that data is transmitted to another device which utilized the same software to record the remaining balance of how much is used.This process repeats when the card is refilled.

 

 

While you can find a brief explanation of how RFID and NFC works here, let me know your thoughts below on whether this technology has helped to improve your life or if you feel that's it's not secure enough. Comment below.

How tap-to-pay actually works

28.9.22

Amazon Fresh- The New Age Grocery Store

*As this is an Affiliate Post, if you choose to purchase anything through the links below, I will receive a small comission from that sale, with no extra cost to you. it's not mandatory, but highly appreciated*

 During my trip to D.C. I decided to visit the neighboring state of Virginia while I was nearby. I took the metro from D.C. first to Arlington, VA, visited the famous National Cemetary, and then took the train further in to visit the Pentagon.

 

While exploring, I decided to take a break at a Starbucks, and while on my way there, I walked past an Amazon Fresh Supermarket. Until then, I had no idea that Amazon even had a supermarket. Much less any physical stores. My curiosity got the better of me, and I walked in to investigate. 

 

The first thing I noticed were several turnstiles with a scanner next to them with a sign requesting you to present your QR code for your prime account. Looking around, I saw a few of the employees, walked over, and questioned them about how many locations they had and how this supermarket worked. 

 

They told me that amazon prime members can shop here by scanning their QR code, picking up what they need, adding it to their cart, and scanning the same code to leave the store, sans cashier interaction. I was intrigued and made it my business to try it out for myself when I returned home. 

 

I visited the one in Paramus, NJ, to glean a first hand shopper experience from it. I pulled into the mall's outdoor parking lot and excitedly walked in. I saw several turnstiles with a QR code scanner and one entrance at the end that allowed you to walk in without scanning anything.  

 

 

I grabbed a cart walked in through the bigger gate,  picked up a loaf of french bread, and when I finally pulled up my QR code, walked back to the turnstile and scanned it. I was told by the store associate, in order to use the the store's technology; I had to first put the bread back, then scan the code so the technology can "sense" what I picked up around the store and add it to my account. I did that and continued shopping.  

 

 

While walking through the aisles, I saw an array of products that were priced similarly to what you would see in Shoprite, Target, and Wholefoods. Some items were cheaper, while some were more expensive, and while I picked up some much-needed household items, I looked up and saw the multitude of camera's stacked next to each other, descending from the ceiling, all over the store.

< 

The next hour was spent browsing through each aisle and surveying everything they had in that store. To my surprise, I enjoyed how they had an Amazon package return center at the back of the store. It's where you go to return any item's you've ordered from Amazon.com. It's a nice little added convenience to your shopping experience. 

 

I walked over to that counter to return some shoes and noticed a section that had a computer for you to sign into with a "palm-reader" next to it. I was met with intrigue and suspicion over this item, because while an avid tech enthusiast, I do have my reservations about how far I'm willing to go with Biometric devices.  This same device was also available at the exits so you can scan your palms or your QR code to leave the store.

 

Overall my experience was a pleasant one. The ease of shopping, how easily the items were found and they had sturdy reusable bags at the end caps of the aisle, with two different types of shopping carts. One was a regular cart and the other was a computerized cart that scans all of your items as you put it into your cart and adds that item to your account.  

 

Despite the novelty of being able to walk in and out of the store without using cash or stopping by a cashier, this location had cashiers available to help with your purchases if needed. If you decide to shop there and glean your own experience, here's what to watch out for: 

• 
  

•  Don't pick up anything you don't plan on buying because if you don't want it, you might get charged for it. The sensors are triggered on what you pick up, but not always on what you put back.
•  

 

• Easy to over shop. Some items are really cheap while others are more expensive than target and shoprite. I guess it balances out. 
•  

 

• You can't return just any amazon ordered package as it depends on if amazon shipped it from their warehouse or if it came from outside their delivery jurisdiction. As was the case with my shoes. I was so annoyed that I had to make another stop to the UPS store to drop it off. 
•  

 

• When you finish shopping and leave the store you are sent a receipt to your e-mail detailing your purchases, the cost and total number of each item. You have three hours to make adjustments, dispute costs, make refund request for items you've picked up/ returned and the total amount of items overall.

 

•  
• Amazon Fresh and Amazon Go are two different stores. One is a supermarket grocery store similar to stop and shop and wholefoods, while the other is similar to a 7-11 store. Check out the differences here: Amazon Go/Fresh

 

 

 

Have you had a chance yet to visit these stores? If so, leave a comment below and let me know your experience. If you'd like to see for yourself what the hype is all about, click here for a free trial of Amazon Prime and take a look.

Amazon Fresh- The New Age Grocery Store

21.9.22

Surviving the upside-down world of the tech field.

 

I have had the privilege of working in the tech field for the last ten years. This journey has come with a lot of ups and downs while teaching me valuable lessons. I started out struggling to get and keep a job as a contractor, living in an overpopulated city, where there are more people than jobs available.

 

 

Now I landed a stable gig that allowed me to move to another state where the quality of living is better and they appreciate and "hold-onto" their techs. New York City is still the epicenter for the most sought-after tech jobs, I didn't get any traction in this industry until I took a job out of state.

 

 

I stumbled upon this industry back in 2013, after studying business in trade school. Once I learned that the skills taught would prepare me to be a receptionist/ secretary at best, I had to make a decision about what I was going to do next before I completed that program. I had previous employment as a secretary/ receptionist prior to entering that program, so imagine the time I would be wasting if I had gone straight home after completing that program.

 

 

That realization is why I chose to go to an advanced training tech program. I figured that was the closest transition I could make from my original field of study. I had no idea what to expect, but anything had to be better than being a receptionist. (No offense).

When I arrived at the program, I noticed I was one of three girls in a large sea of boys. Little did I know that this ratio would follow me through the early stages of my career. It wasn't easy being in the minority population of people, essentially paving the way for the others coming behind you.

 

 

My technical knowledge and ability was constantly questioned, patronized, and ignored; while constantly having to prove myself as a valuable resource in this field.

 

 

It used to frustrate me having to deal with the mix of condescending and fragile egos stemming from people who had nothing else to hold onto but this false sense of superiority. I learned quickly that if I was going to survive in this field, I had to be smart and strategic about how I handled them.

Since I have successfully traversed those hostile environments while gaining my experience through trials and errors; I'd like to give some tips on how to go about navigating a field that you're the minority in, while just starting out and still having a lot to learn.

Don't take anything personally

As I mentioned prior, I had to deal with my fair share of sarcasm, attitude, annoyance, and insecurity from different colleagues, from all walks of life. I stopped getting upset by it once I realized that their discomfort towards me, was due to them being unsuccessful and unfulfilled with their life.

 

 

Instead of them using that energy to better themselves, they'd rather spread their internal suffering to other people. That lack of priority is why they are where they are in their life. Laugh at them and move on. I can speak from experience, those people never progress any further than where you met them.

Learn something new every day:

Despite my rough start, I did find some people who were overjoyed and excited to have more women working in their department. They welcomed and embraced the change. Those are the ones who you should network with. Have conversations with them and pick their brain.

 

 

Find out how much they know about the field they are employed in and add them to an ever-growing list of resources that you can learn from. I have work friends to this day that I still reach out to and pick their brains. We challenge each other's perspectives and learn new things from each other each time we talk. It's a great feeling.

Always keep your eyes for opportunities open

My first tech job wasn't ideal, but it was necessary to get my foot in the door. I learned the art of upward mobility from balancing between working and job searching long enough to transition out. Doing both simultaneously have helped me master my multitasking and time management skills. I've heard the well-known rumor that it's easier to "get a job, when you already have a job".

 

 

I used to believe that too until the last transition from my last job to where I am now. While I finished my six-month stint at that contract, I was desperately looking for another opportunity to start working, before the current contract was up.

 

I took a position I didn't initially want (it was in another state) but time was winding down and I didn't have any more time to be picky. I don't think it's easier to find work, while already employed, it's that you don't notice how long you've been looking since, there's less urgency to find work.

Build your networks

The best part about starting out as a contractor is you get the chance to work in several different environments. The downside is, you're more vulnerable to the volatility of the tech market affecting you negatively.

 

 

Contractors are often the last hired and first fired during any economic downturns as well as, not always given working benefits comparable to what full-time employee's get. Being a contractor gives you  the chance to build your references and contacts list while traversing different job roles. Through the many environments I've worked in, I have collectively kept in contact with 40% of my former colleagues.

 

 

Whether through Linked in, facebook, Instagram, direct number exchange, I was able to utilize them as references and I was often called on to be a reference and a referral for them. I have been offered jobs through that network and have had doors open for me more easily because of my rapport with them.

Expand your skillset:

This goes for any industry you are employed in. No matter if your still a novice in your field, recently changed careers or are a subject matter expert featured in publications; always expanding your skillset will pay off majorly in the long-run.

 

 

Challenge yourself to keep learning about the different aspects of your field. Even if it's something you're not interested in, become familiar enough with it, to be able to explain it to someone else who might be interested in it.

 

 

Doing this, will keep you in a valuable and marketable enough position, where you control your next move. Who knows you might discover something else that peaks you're interest, and is worth pursuing. In which case I'd say Go for it!

I still employ these tips to this day and it has allowed me to not only remain in a job that I love, at a company that valued and fought to keep me; But to enjoy the satisfaction of seeing the smiles and ease of anxiety of the people I help everyday.

 

 

The stability here, afforded me the chance to fully explore and expand my skillset to other areas within the tech field. While I am still deciding where I'm going next from here, I am grateful for the opportunity to be in a position where I am truly in control of what happens next. It's an incredible feeling.

Surviving the upside-down world of the tech field.

8.6.22