Blog Feed

Keycloak Multi-Factor Authentication With Hardware Tokens

Posted by on 19:33 in Protectimus Products, R&D | 0 comments

Nowadays, when hackers constantly look for vulnerabilities while more and more aspects of life are being digitized, cyber security is of utmost importance, and every app developer has to pay special attention to access management. Keycloak is one of the most ingenious solutions created with app developers in mind. It provides an elegant and easy way of securing modern applications and services. With Keycloak comes an easy-to-roll-out Multi-Factor Authentication (MFA) with one-time passwords (OTP).

By default, Keycloak multi-factor authentication supports time-based OTP (TOTP) delivered via an authenticator app only. But for those who want to add an extra layer of security for their users, there is a perfect solution — reprogrammable token Protectimus Slim NFC. This token is, basically, programmed to be utilized as a replacement for the mobile authentication app.

Below we provide detailed instructions on:
- how to configure Keycloak MFA
- how your users will set up their hardware Keycloak token Protectimus Slim NFC
- how to run Keycloak 2FA with other ways of authentication (SMS, email, hardware tokens, chatbots)

Keycloak multi-factor authentication configuration

Configuring Keycloak multi-factor authentication is very easy and won’t take a lot of your time. Basically, all you need to do is require both your existing users and your new users to use one-time passwords.

Enforcing existing user: Go to your Keycloak admin area, find “Users” in the sidebar menu and select a user from your list. Then navigate to the “Details” tab and select “Configure OTP” in the “Required User Actions” section.

Enforcing new users: Select “Authentication” in the sidebar menu in the Keycloak admin area, then find the “Required action” tab and, in the top row (“Configure OTP”), check “Default action”.

Keycloak two-factor authentication with hardware tokens

To hook up Protectimus Slim NFC to Keycloak, the following OTP Policies have to be applied: SHA1, TOTP, 30 or 60 seconds period. Find the “OTP Policy” tab in your “Authentication” section in the Keycloak admin area and adjust the required parameters accordingly; don’t forget to click the “Save” button. You can read more on the OTP Policies in the official Keycloak documentation.

Now your users will be able to follow these simple steps to add Protectimus Slim as the second factor when logging into your apps or services:

1. Download the Protectimus TOTP Burner application.
2. Launch our application, click “Burn the seed”, then select the “Scan the QR code” option.
3. After completing the usual login process with username and password, the user will have to set up the Mobile Authenticator. This is where they will get the QR code.
4. After the code scanning is done, the user needs to turn the token on, place it within the mobile’s NFC antenna range and click “Continue”.
5. After the application provides the confirmation message, Protectimus Slim NFC can be used with your Keycloak protected application or service using Keycloak multi-factor authentication.

Keycloak OTP via SMS, email, hard tokens, chatbots

Out of the box, Keycloak is an awesome solution for managing security and access. But integrating it with Protectimus multifactor authentication service will expand your protection options, provide more features and make your apps and services truly bulletproof. With Protectimus you will be able to add any MFA method you wish: Keycloak two-factor authentication via email, hardware tokens...

Hardware Tokens for Azure MFA

Posted by on 04:25 in Protectimus Products, Setup Guides | 0 comments

There are currently two ways to implement an Azure hardware token for Azure Multi-Factor Authentication:
- With classic OATH tokens for Azure MFA with hard-coded secret keys, such as Protectimus Two and Protectimus Crystal. To make use of one of these you’ll need an Azure AD Premium P1 or P2 license.
- With the programmable hardware token for Azure MFA, Protectimus Slim NFC, which is a replacement for an authentication app from Microsoft. This Azure cloud MFA hardware token does not require a premium subscription account.

In this article, we will describe how to set up both types of hardware tokens for Azure token-based authentication. All three devices can be bought here.

Classic OATH hardware tokens for Azure MFA – how to set up

Currently, Azure AD supports tokens with passwords not longer than 128 characters and password life-span of 30 and 60 seconds. Both Protectimus Two and Protectimus Crystal fit these requirements. Once you choose and receive the Azure MFA OATH token you prefer, you need to register your token with Azure. Below is the step-by-step guide on this simple process:

Step 1. Prepare a CSV file which includes your UPN (user principal name), the serial number of the hardware token Azure MFA, the seed (secret key), time interval, make and model of the Azure AD MFA hardware token. Make sure to include a header row.

Step 2. Once the CSV file is created and properly formatted, it has to be imported. Go to Azure Portal and browse to Azure AD, then to MFA server. On the MFA server page choose OATH tokens and click the “Upload” button. Upload your CSV file; the upload process might take a few minutes.

Step 3. Click the “Refresh” button. If the CSV file was uploaded successfully, you will see a list of your Azure AD hardware tokens; if the file had an error, you will be notified on the same page.

Step 4. Now you need to activate your Azure multi-factor authentication hardware token. If you have multiple tokens, you should activate them one by one. Click the “Activate” button in the last column on the right and enter the password generated by the corresponding Azure MFA token. After that, click the “Verify” button.

Step 5. Once the MFA server accepts your one-time password, you will get a message confirming the activation of the Microsoft Azure token you selected from the list, and a check mark should appear in the corresponding “Activated” column. Now your token is successfully activated and can be used to log in.

Programmable hardware tokens for Azure MFA

As already mentioned above, to use a Microsoft Azure MFA hardware token you need to have a premium subscription. But we know that not everyone is ready to pay 6 euros per month per one user. If you are not ready to pay either, the programmable hardware token Protectimus Slim NFC is the way to go. These tokens are recognized as authentication apps by the Azure MFA system, so you do not need a premium license to use them. Adding Protectimus Slim NFC as a recognized second factor of authentication to your Azure MFA is pretty straightforward. All...

Office 365 MFA Hardware Token

Posted by on 02:04 in Protectimus Products, Setup Guides | 0 comments

With over 31 million users worldwide, Microsoft Office 365 is unsurprisingly a bestseller among the productivity software subscription suites on the market. Its compatibility with the major operating systems (both mobile and desktop), the choice of available apps and the familiarity of the brand make Office 365 an obvious choice for a lot of businesses worldwide, from small companies to huge enterprises.

These very reasons and the popularity among businesses make it rather a big target for all kinds of greedy criminals. Being an online platform, with tons of sensitive corporate data stored in the cloud, Office 365 is a low-hanging fruit for those hackers. Microsoft understands the vulnerability and supports Multi-Factor Authentication (MFA). The only bulletproof way of fully protecting your info on a cloud server is Office 365 2 factor authentication with a hardware token.

In this article, we will give you detailed instructions on setting up protection with a hardware multi-factor authentication token for Office 365 without a premium license. We are also going to address the questions one might have on our own Protectimus Slim NFC token.

Office 365 MFA hardware token – Protectimus Slim NFC

Azure AD offers a few standard ways to sign in using 2-factor authentication. You are offered a mobile app to generate random passwords, the system can send you a text with an OTP, or you can choose a phone call to authorize the sign-in. And finally, the most bulletproof way: you can have the OTP generated by a Microsoft Office 365 MFA hardware token. Now, Microsoft itself does not provide a hardware device, but third-party tools are supported.

A programmable hardware token is essentially a more protected and trustworthy substitute for a mobile app. Protectimus Slim NFC token is one of the most popular security tokens that work with Office 365. The tool has no Internet connection, so there is absolutely no way your passwords could be intercepted. Protectimus Slim is reprogrammable, which means one device can be reassigned to a different resource over and over again. The programming goes via NFC (Near-field communication), which provides even greater defence. The design and dimensions of this Microsoft Office 365 MFA hardware token are also a factor in its popularity.

To protect your data with our OATH hardware token for Office 365 MFA you need to own an Office 365 subscription with 2-factor authentication on and an NFC Android phone. A premium Azure license is not required.

How to add hardware token to Office 365 MFA

Setting up a hardware 2-factor authentication token for Office 365 is easy and straightforward; the steps below summarise the process.

1. Download the Protectimus TOTP Burner application on an NFC-enabled Android phone.
2. Browse to this registration page and sign in with your Microsoft corporate login.
3. Click “Use Verification code from app” in the drop-down menu, then check the “Authenticator app” box and press “Configure”.
4. The pop-up window you have on your screen now has a QR code meant for installing the default Microsoft authentication app; that application is able to send notifications to your phone. Since our hardware token cannot do that, you need to...

9 Must Follow Gmail Security Rules

Posted by on 21:39 in R&D | 0 comments

Gmail is perhaps the most used email service, with which people exchange terabytes of information daily. A typical account contains lots of personal details such as banking data, digital identities, passwords, trade agreements, etc. Unfortunately, despite the service’s popularity, positive reputation and constant effort of its creators, personal data is not protected enough. Besides hidden security mechanisms that work automatically, there is an array of optional measures that must be activated manually. Nevertheless, most of the latter are unknown to or ignored by the majority of users. Often it does not even take a professional hacker to exploit Google Gmail security vulnerabilities using basic skills in social engineering.

In this article, we will talk about how to secure a Gmail account by following 9 simple rules.

1. Set a Strong Password for Your Gmail Account and Change It Regularly

The first thing you need to keep in mind when coming up with a password for your Gmail account is to never use anything personal, such as dates of birth (or any other memorable dates), nicknames, names of animals, etc.: in general, anything that a person from your environment may know about you. It is better if it is a random set of letters (in varying case), numbers and special characters.

If you don’t want to bother inventing such a strong password, just use one of the many online generators. The newly created passwords can be stored in a special password manager (such as this one).

If you want to change your account password right now, follow these steps:
- Sign into your Google account and open the homepage;
- Go to the “Security” page and click “Password” in the “Signing in to Google” block;
- Set a new password (you will need to enter the current password to confirm your identity first).

2. Turn the Two Factor Authentication On

Gmail two factor authentication is a method that requires the user not only to carry out the standard authentication procedure (with credentials) but also to confirm their identity by entering a one-time code that is generated on their mobile phone by a special app – Google Authenticator or Protectimus Smart OTP.

To enable the Gmail 2 factor authentication (2FA), follow these steps:
- Sign into your Google account and open the homepage;
- Go to the “Security” page and click “2-Step Verification” in the “Signing in to Google” block;
- Click the “GET STARTED” button at the bottom of the page and enter the current password to confirm your identity;
- Choose the desired 2-step verification option:
  - SMS or phone call authentication. You can link your phone number to the Google account and use SMS or phone call authentication.
  - Google Prompt. With Google Prompt you’ll need only to tap one button on your smartphone to sign in. Keep in mind that only those smartphones that are already connected to the same account can be chosen to receive Google Prompt messages.
  - Security key. Security keys are hardware 2-step verification devices that support FIDO standards. Google offers 2 types of security keys – USB Security Key and Bluetooth Security Key. Google sells both devices in one bundle. You’ll need to buy the security key bundle for $50 first.
  - Google Authenticator or another 2FA app. Google Authenticator is a two-factor authentication app where you...

4 Reasons Two-Factor Authentication Isn’t a Panacea

Posted by on 19:07 in Engineering, R&D | 0 comments

Two-factor authentication (2FA) is an indispensable cybersecurity measure used to protect data. Most modern information security standards, regardless of the area of application, such as PCI DSS, PSD2, HIPAA, etc., demand multifactor authentication (MFA) among other data protection methods. This approach allows mitigating the danger coming from such attack vectors as brute force password cracking, keylogging, social engineering, phishing, and some kinds of man-in-the-middle attacks.

Nevertheless, two-factor authentication is not a cure-all solution by itself. It is just a single component in a major set of requirements for high-quality data protection. Taking care of data security means implementing a complex plan of actions. For example, this is clearly seen in the article 10 Steps to Eliminate Digital Security Risks in Fintech Project, where we analyzed the components needed to protect payment gateways from cyber threats.

In the current article, we’ll unveil all the weaknesses of two-factor authentication you have to keep in mind when strengthening your security infrastructure with MFA. And, of course, we’ll discuss all possible solutions to these weaknesses.

1. SMS authentication is not secure

The US National Institute of Standards and Technology (NIST) long ago recommended that every company abandon SMS authentication as an insecure and no longer suitable strong authentication mechanism. But many companies worldwide still opt for SMS to deliver the one-time passwords in their 2FA infrastructures. And it was only three months ago that Reddit admitted this method to be not as effective and secure as the company was hoping.

No doubt, SMS authentication is convenient for companies and users alike. But is this a reliable option? Unfortunately, no. Let us review the SMS authentication vulnerabilities.

SIM-card Replacement

In most cases, it wouldn’t be a hard task for a dedicated culprit to use a mobile operator’s SIM-card replacement service and intercept a victim’s number. The information needed for this fraud can be found in public sources or bought on the dark web.

Network Protocol Vulnerabilities

The next potential risk hides in the cellular protocols and in the fact that SMS exchange is not encrypted in any way. The security of SMS transport depends on the cellular network security. There are a number of vulnerabilities in consumer cellular networks as well as methods of exploiting them. Some of the most advanced ones do not even require costly hardware or specific skills. From this point of view, using SMS for security is rather dangerous. Moreover, given that a usual SMS exchange is not encrypted in any way, an employee of a network center with proper access can freely read all the messages. Not to mention all the possible ways to intercept the radio transmissions.

Malware

There is plenty of fraudulent software aimed at stealing sensitive data. And mobile device trojans intercepting SMS messages are nothing new. Infection is immediate; the consequences are dire. Malware that has ingrained itself into the gadget can play a variety of roles:
- Intercept the entered login credentials and one-time passwords as well;
- Track all the sent and received messages;
- Record the voice calls;
- Copy the SIM card parameters and contact information;
- Provide capabilities for remote control;
- Turn a device into a member of a botnet or a crypto-currency mining agent, etc.

The tech-savvy attacker has nearly unlimited opportunities especially it concerns making use...

Duo Security vs Protectimus

Posted by on 13:50 in Protectimus Products, R&D | 0 comments

Recently, Cisco declared its intention to purchase Duo Security for US$2.35 billion. Naturally, this is an important event not only for Duo Security, but for the entire multi-factor authentication industry. A sale of this magnitude confirms that the demand for two-factor authentication is higher than ever before. This also shows that there is a demand for simpler, less expensive means of delivering one-time passwords, since Duo prominently advertises its rejection of hardware tokens in favor of 2FA apps, push notifications, and SMS messages (which are expensive and not secure).

Protectimus fully supports Duo Security’s efforts to simplify and reduce the cost of OTP delivery, but we remain convinced that security must not be sacrificed in the process. For example, in order to hasten the move away from SMS authentication to more modern, reliable MFA technologies, we’ve figured out how to deliver one-time passwords using chatbots on messaging services. This is much more efficient, secure, and convenient than SMS. Hardware tokens are also among the products we offer, and they can be connected to practically any site: from Google, Facebook, Dropbox, and Slack to cryptocurrency exchanges like Bitfinex, Coinbase, Poloniex, and so on.

In light of that, has Cisco made the right decision? Should they maybe have spent $2.35 billion on acquiring Protectimus instead? We’ve decided to compare the solutions from Duo and Protectimus to settle the matter objectively.

DON’T LIKE LONG READS? FIND OUR CONCLUSIONS IN A COMPARISON TABLE AT THE END OF THE ARTICLE.

1. Server-side component

Duo Security

Duo is a cloud-based 2FA solution. The choice of the SaaS model is completely logical. It makes integration fast and reduces the cost of deploying, protecting, and maintaining an authentication server. This style of interaction is convenient and easy for the client and company alike. In addition, it’s a rather modern approach to strong authentication, so it fits well with Duo Security’s concept as a modern, innovative provider of revolutionary MFA solutions.

Protectimus

Protectimus two-factor authentication solution is available not only in cloud-based form but also as an on-premise platform. Often, we advise customers to choose the cloud-based service, since it’s convenient, fast, and modern. Clients connected to the Protectimus SaaS service don’t need to waste time and money on extra equipment, security measures, and sysadmin salaries — there’s no load balancing or other infrastructure issues to worry about. The result is rapid integration with minimal costs.

However, some companies can’t make use of cloud-based services because of strict information security rules, either from within the company or imposed by the government. For these cases, we made it possible to purchase an on-premise platform that clients can install in their own environments, allowing them to retain full control of the authentication server.

Both the on-premise platform and cloud-based service are available with a subscription. Lifetime licenses for the platform can also be purchased. You can find out more about the differences between the cloud-based service and the platform here.

2. Features

Duo Security

Note: Nearly all features examined in this section can be activated only with Duo’s most expensive payment plans, Access and Beyond. Self-service is also available in the Duo MFA basic plan.

Duo offers a range of additional features to make administration easy and increase the level of resource access protection:
- User self-service.
- Geographic filters.
- Prohibiting access from...

Duo Security vs Protectimus: Features

Posted by on 13:44 in Protectimus Products, R&D | 0 comments

In Duo Security vs Protectimus, we touched on all the aspects of Duo and Protectimus two-factor authentication solutions. We examined the technologies these companies use, their methods of delivering one-time passwords, the availability of an API and pre-made plugins for integration, pricing, availability in cloud-based and on-premise forms, and — briefly — the features of each solution.

In this article, we describe in greater detail the features available to administrators and users of the Duo and Protectimus multifactor authentication services.

You can use this table to navigate the article more easily.

| Duo Security | Protectimus |
| User self-service | User self-service |
| Geographic filters | Geographic filters |
| Network- or IP-based access control | Adaptive authentication |
| Role-based access policies | Differentiation and delegation of authority within the system |
| Monitoring and identification of vulnerable devices | Ability to assign different types of tokens to different users |
| | Time-based filters |
| | CWYS (Confirm What You See) data signing functionality |

Duo Security

Note: Nearly all features examined in this section can be activated only with Duo’s most expensive payment plans, Access and Beyond. Self-service is also available in the Duo MFA basic plan.

User self-service

Users can issue and manage tokens themselves. This saves administrators time. Saving administrators time means saving the company money, which is always good.

Geographic filters

These allow administrators to grant access to a resource only from a specified geographic location. Or, they can deny access from certain countries (for example, North Korea or Russia).

Network- or IP-based access control

This feature is also referred to as adaptive authentication by Duo. It gives administrators the ability to block access to a resource from anonymous networks (such as Tor). Access can also be allowed or denied from a specific range of IP addresses.

Role-based access policies

This makes it possible to impose stricter authentication rules for specific users or groups of users, depending on their roles and their levels of access to data. For example, an accountant might be able to choose any authentication method — SMS, push notifications, or a one-time password from an app — while a network administrator might be required to use a hardware token exclusively.

Monitoring and identification of vulnerable devices

This unique technology allows you to keep tabs on users’ “device hygiene” if they have the Duo Mobile app installed. Using this system, you can see how well-protected each device is:
- find out if biometric authentication and screen lock settings are configured;
- find out if antivirus is installed;
- find out what operating system, browsers, and plugins are installed, and whether they’re up to date;
- see if the device is personal or company-owned;
- see if the device has been rooted, etc.

An administrator can block access to the system from devices that don’t meet preset requirements (for example, if no antivirus is installed).

Protectimus

Note: All features examined in this section are available with all payment plans, including the no-cost Protectimus Free plan.

User self-service

This feature takes a burden off of the system administrator’s shoulders, saving the administrator time and the company money. Users can issue and manage their own tokens.

Geographic filters

These allow restricting access to specific countries only. Access from specific countries (Russia, North Korea, etc.) can also be blocked.

Time-based filters

This feature allows granting access to a resource only at certain times; for example, only during business hours. This approach significantly increases...

Duo Security vs Protectimus: Authentication Methods

Posted by on 13:31 in Protectimus Products, R&D | 0 comments

You can find a general comparison of the Duo Security and Protectimus two-factor authentication solutions in the article “Duo Security vs Protectimus”. In it, we explore the features and technologies used by Duo and Protectimus, the availability of these solutions in cloud-based and on-premise forms, integration options and prices, and the authentication methods offered by each company.

Here, we describe the authentication methods available to Duo and Protectimus clients in greater detail, as well as examining each option’s pros and cons.

You can use this table to navigate the article more easily.

| Duo Security | Protectimus |
| 2FA app | 2FA app |
| Push notifications | Push notifications |
| HOTP tokens | HOTP tokens |
| TOTP tokens | TOTP tokens |
| U2F tokens | OCRA tokens |
| SMS authentication | Reflashable TOTP tokens |
| Voice calls | SMS authentication |
| Backup codes | Email authentication |
| | Protectimus Bot |

Duo Security

Duo Mobile 2FA app

Duo Push

Duo Security’s pride and joy. Push notifications were introduced to make the process of two-factor authentication as simple as possible. Instead of opening a 2FA app for one-time password generation, finding the code generated for the desired service, and then inputting 6 digits into a password entry window, the user needs only to unlock their smartphone and tap the “Approve” button.

There’s another advantage: if a hacker attempts to gain access to the user’s account, a push notification will appear. The user can block the access attempt by tapping the “Deny” button.

The Duo Mobile app can be synchronized with smart watches, so users can receive push notifications directly on their watches. It’s quite convenient.

The main drawbacks are that it’s impossible to authenticate without internet access, and users may have to use their personal phones for business purposes.

HOTP and TOTP

The Duo Mobile app can generate one-time passwords using only the HOTP and TOTP algorithms (note that TOTP tokens can become desynchronized from the server time; Duo Mobile lacks a synchronization feature). HOTP passwords are used to log into accounts protected by the Duo two-factor authentication service if the user cannot receive push notifications. Support for the TOTP algorithm is included in order to facilitate the use of the app for authentication with third-party services not connected to Duo Security, such as Google, Dropbox, and GitHub.

Hardware tokens

HOTP tokens

The Duo Security two-factor authentication service supports hardware HOTP (HMAC-based One-Time Password) tokens from any vendor. It also sells its own HOTP tokens.

It’s worth noting that while the HOTP algorithm does meet OATH (Initiative for Open Authentication) standards, this algorithm is outdated and cannot be considered sufficiently secure, particularly in the case of hardware tokens. The moving factor used to generate one-time passwords with the HOTP algorithm is a counter. If an attacker has the opportunity to gain control of the token for even a few minutes, the attacker can write down a few one-time password values and use them at any time. In the process, the actual user may also lose access to their account, as the token will become desynchronized from the authentication server.

TOTP tokens

Duo Security allows connecting third-party TOTP hardware tokens to its 2-factor authentication service but doesn’t recommend it as there is no functionality for time synchronization in its MFA system.

U2F tokens

The Duo Security two-factor authentication service also supports the U2F (Universal 2nd Factor) standard, developed by the FIDO (Fast IDentity Online) alliance...

How to Protect Facebook Account from Being Hacked

Posted by on 15:20 in Engineering, R&D | 1 comment

Why should you worry about protecting Facebook from hacking

Many tend to believe that the security of their social media presence isn’t the first thing worth the effort to work on. You don’t often see a question like ‘How Can I Protect Facebook Account From Being Hacked?’ unless the person making such a request got hacked recently and now seeks protection based on the bitter experience.

What does a hacker get when they hack your FB account?

Obviously, criminals get access to all your photos and messaging history, which opens ‘great’ social engineering opportunities. You might have heard stories where close friends ask to borrow some money in a message and, well, many people say ‘Sure, here you go!’ and get scammed.

Criminals may also extract much more information from your private messages. Who would like their messages to be read by a stranger at all? There may be some confidential info there. Secrets. Passwords. Nudes? What if all this becomes public? You can ask Jennifer Lawrence about what might happen.

Hackers can ultimately undermine your reputation and also make your friends’ private information vulnerable to publication and other manipulations.

But the main thing is that GDPR (General Data Protection Regulation) has now come into force and Facebook allows users to download all private data related to their personal accounts in one click. That means a hacker intruding into your profile will be able to do the same.

This article will tell you how to protect a Facebook account from being hacked and offer a whole list of Facebook security best practices. Let’s secure your account and keep your private info safe.

Zuckerberg's own Facebook account got hacked in breach https://t.co/Fs4DHBeSS6 pic.twitter.com/AzL9HUw5Sa — New York Post (@nypost) September 29, 2018

Useful to know: Top 10 Ways Hackers Use To Hack Facebook Accounts

Now let’s get acquainted with a list of Facebook profile hacking options and find out how to protect a Facebook account from being hacked:

Method: Password phishing
Description: The most popular and fruitful way to get your account data is the creation of full copies of real Facebook pages. Victims enter their emails and passwords to log into a fake page, becoming easy prey for a scammer.
What to do:
- Try not to work with Facebook from unknown devices;
- Use a VPN while using public WiFi;
- Don’t click the links in emails from the ‘Facebook team’ claiming your account is hacked and you must enter your verification data immediately;
- Try to use Google Chrome for Facebook; this browser is able to recognize some phishing web pages.

Method: Authentication data saved in the browser
Description: A browser usually offers to save your login and password to automate further authorizations when you enter your Facebook page. If you accidentally launch a hacker resource and allow saving the data, your security gets ultimately undermined.
What to do: Never use automatic authorization in your browser for any website, including Facebook. To find out which passwords you have already saved and secure yourself from chances of being hacked, enter the following in Google Chrome: chrome://settings/passwords. Learn how to check saved passwords in Firefox here.

Method: Email breach
Description: Sometimes, it’s easier for scammers to break into your email than hack FB. If you don’t use a strong password to protect access to your email account and don’t activate two-factor...


Windows Computer Safety Tips

Posted by on 12:20 in Engineering, R&D | 0 comments


Windows is undoubtedly the most popular family of operating systems for personal computers and laptops worldwide. It is used on home machines and corporate workstations alike, so ensuring Windows user profile security is essential. This article provides some Windows computer safety tips we hope will be useful to you.

To understand how to protect Windows and what Internet safety measures exist, we must first understand which Windows security breaches are possible and widespread. That said, there are 10 major Windows security issues to keep in mind:

- Unpatched and outdated software.
- Lack of antivirus for Windows 7 or later versions.
- Disabled Windows firewall.
- Absent disk encryption and backups.
- Lack of minimum Windows security standards.
- Full access permissions for everyone.
- Weak passwords.
- Insufficient Windows security policy strength.
- Legacy software within the corporate network.
- Mobile access exploits.

Even this short breakdown of the main issues of Windows computer protection highlights the massive problems any business can face if it leaves the matter unattended. Luckily enough, there are multiple solutions for each of the aforementioned issues, and we will list them too.

1. Update Windows and Software Regularly

Disabling the automatic Microsoft Windows update is the easiest way to ensure the system won’t begin to upgrade while you are playing your favorite online game, yes. However, this is the shortest route for the hackers to get access to your system once they are inside the network. Still thinking that providing that full access to anyone was a great idea? When you use only licensed and fully updated software, the risk of catching a virus is significantly reduced.

Do you recall the 2017 Petya ransomware attacks in Europe? It turned out the major part of the infestation was done through a security backdoor that was fixed by a Windows update released… 6 months prior to the attacks! If only the users had taken 10 minutes to download and install it… Instead, they either paid the ransom or lost their sensitive data.

Enable automatic Windows updates

To enable updates on Windows 7, open the Control Panel from the Start menu and go to System and Security > Windows Update > Change Settings. Then choose a time when you can spare about 15-30 minutes to download the Windows upgrade files, install them and reboot the computer, and rest assured your Windows system files are up-to-date. The same goes for all the software you use, as new vulnerabilities in software and hardware are discovered daily, such as the Meltdown and Spectre processor vulnerabilities.

Create a restore point

One of the best ways to secure Windows computers is to create a Windows restore point. Sometimes new drivers are incompatible with some of your hardware, or the update process may go awry, etc. There is a widely known case in which Windows 7 users have to download outdated Nvidia drivers to play Heroes of Might & Magic VI, as any new version of the video drivers results in a black screen. However, the consequences might be much more serious than the inability to play one of the best turn-based games of all time. To create a system restore point on Windows 7, open the Start menu, go to Control Panel > System and Security > System and open the System Protection tab. Press the Create button and choose the name...
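Several of the issues listed above (patch age, antivirus, firewall, disk encryption, restore points) can be checked from a script. The following is an added example, not part of the original article; it assumes Windows 10 or later (not Windows 7), Windows PowerShell 5.1 and an elevated prompt, and the 30-day patch-age threshold and the `Add-Finding` helper are illustrative choices.

```powershell
# Added example: baseline check for several issues from the list above.
# Assumes Windows 10+, Windows PowerShell 5.1, elevated prompt.
$MaxPatchAgeDays = 30   # assumed threshold; adjust to your own policy
$findings = New-Object System.Collections.Generic.List[object]

function Add-Finding([string]$Check, [bool]$Ok, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Check = $Check; OK = $Ok; Detail = $Detail })
}

# 1. Unpatched software: age of the most recently installed hotfix.
$last = Get-HotFix | Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($last) {
    $age = [int]((Get-Date) - $last.InstalledOn).TotalDays
    Add-Finding 'Updates' ($age -le $MaxPatchAgeDays) "$($last.HotFixID) installed $age days ago"
} else {
    Add-Finding 'Updates' $false 'No hotfix with an install date found'
}

# 2. Antivirus: Microsoft Defender state (a third-party AV lands in catch).
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    Add-Finding 'Antivirus' ($mp.AntivirusEnabled -and $mp.RealTimeProtectionEnabled) `
        "Defender signatures $($mp.AntivirusSignatureAge) days old"
} catch {
    Add-Finding 'Antivirus' $false 'Defender status unavailable; check third-party AV manually'
}

# 3. Firewall: every profile (Domain, Private, Public) should be enabled.
$off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
$fwDetail = if ($off) { 'Disabled profiles: ' + (($off | ForEach-Object Name) -join ', ') }
            else { 'All profiles enabled' }
Add-Finding 'Firewall' ($off.Count -eq 0) $fwDetail

# 4. Disk encryption: BitLocker protection on the system drive.
try {
    $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
    Add-Finding 'Disk encryption' ($bl.ProtectionStatus -eq 'On') "$($bl.MountPoint) protection $($bl.ProtectionStatus)"
} catch {
    Add-Finding 'Disk encryption' $false 'BitLocker status unavailable'
}

# 5. Restore points: at least one should exist before drivers or updates change.
$rp = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
Add-Finding 'Restore point' ($rp.Count -gt 0) "$($rp.Count) restore point(s) present"

$findings | Format-Table -AutoSize
```

Rows with `OK` set to `False` correspond to items from the list that need attention on that machine.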
