Tag Archives: consumer protection

Top 5 Things You Should Be Doing To Be More Secure Online

Below, our Business and Tech writer – let’s call him Allen – shares valuable tips on cybersecurity; keeping you and your family’s online life secure, multi-factor authentication, encryption, and password managers. We highly suggest you read this post thoroughly and share these valuable tips with your friends and family. In today’s world, one can never be too prepared.

 

123456  123456789  qwerty  12345678  111111  1234567890  1234567  password  123123  987654321  qwertyuiop  mynoob  123321  666666  18atcskd2w  7777777  1q2w3e4r  654321  555555  3rjs1la7qe  google  1q2w3e4r5t  123qwe  zxcvbnm  1q2w3e

If you see your password in this list… you’re done.

Toast.

Busted.

Most people want to keep things simple.

Well, this simple isn’t secure.  This list above are the 25 most commonly used passwords.  There is even bigger list here www.passwordrandom.com/most-popular-passwords.  It contains the 10,000 most commonly used passwords .

(ProAdvice: PLEASE DO NOT USE THE PASSWORD CHECKER ON THEIR SITE.  I don’t think you should type your password anywhere except where you should use it. Got it?  Good.. moving on..)

 

So now that your password has been shared with the world or maybe you know your kids, pets or cars name isn’t secure either… lets get you more secure.

photo credit: Visual Content Data Breach via photopin (license)

1.  USE A PASSPHRASE NOT a PASSWORD
You should use a 9 character passphrase with with special characters.  Like
FromNowOn!WillUse1B!gPassPhrase$.” Short or common passwords can be easily guessed or attacked sequentially.  For many of you, you are thinking there is a password lock out feature that keeps lowly hackers from trying all the password possibilities. In which you are right.

Most sites or apps block multiple attempts and either lock the account or offer an option to change the password after many failed attempts.  However, hackers rarely use this tactic.  Instead, they compromise the website or app and collect the encrypted passwords. With a little research the hacker determines how the passwords were encrypted. (In other words, they figure out the math required to generate the encrypted passwords) They then use hacking tools to brute force “crack” encrypt known words or passwords and compare them against the encrypted passwords which they collected.  This is where your common password falls over backward.

Considering that fundamentally computers fastest action is the comparison of 1’s and 0’s this is a amazingly fast job. In fact there are password cracking tool that use gaming video cards can crack passwords with 6 billion attempts per second.  using a passphrase makes this significantly more difficult to do in a short period of time.

By adding a few characters, numbers and special characters into an easily remembered passphrase you are making hacking your password significantly more difficult to crack.  By doing this cracking your password can go from cracked in minutes to months to years.

photo credit: barnimages.com Working with iPhone via photopin (license)

2. CHANGE YOUR PASSWORD REGULARLY
If you have had the same password for years… you have increased the chance of an old hacker compromise from years ago, leaving you vulnerable today.  Change your password at least once a year.  If you want a gold star, change it twice a year.

3. DO NOT USE THE SAME PASSWORD EVERYWHERE
Imagine if everyone had the exact same house key. The key would be useless … right? Need I say more?

4. USE MULTI-FACTOR AUTHENTICATION
Sounds fancy? You should like fancy. Multi-factor authentication adds another “factor” to your password. It is essentially having two or more passwords to login to your account/service. There are many ways to do this including using your smartphone, having a secure token or USB key or fingerprint.

With a second factor you are using your good password (see #1) with something only you have. Many of you may have enabled fingerprint on your phone. Bravo! You’ve done it for your phone! (Ask me why I don’t use my fingerprint).

Check out Yubico www.yubico.com for a Yubikey to insert into your computers usb port.

Try Duo https://guide.duo.com/third-party-accounts with its free app to add a second factor. GMail, Facebook, Outlook, Office 365, banks and many other sites support these.

5. USE A PASSWORD MANAGER
Ok, now you are worried you are going to forget your passphrase… NO PROBLEM.  There are apps for your phone and computer that allow you to store you passwords. In fact, some of them integrate with websites and you NEVER have to type or copy the password.  WIN w!n. These apps or websites store all your passwords behind one master password you set.. (See #1)
Check out LastPass www.lastpass.com  or  Dashlane www.dashlane.com. Extra credit: If you use Dashlane or LastPass you can use multi-factor tokens with them also.  Bonus! Dashlane and LastPass can fill in payment forms and store your credit card information too!

Be sure to store your master password for your password manager in a safe just in case you forget. If you use a multi-factor token setup alternate backup access. Check with your web service or bank to find out how.

Once you do this.. you are in complete control of accessing your account. Not even the people from the site in some cases can get into your login. You will be your own locksmith.

Take a deep breath… It’s easier than you think.

Your phone, credit cards and other items are transmitting your info to thieves. Silence them with Silent Pocket.

Ahh, we love technology.   It allows us to do so many things quickly and easily.

Tired of pulling out your credit card at the cash register?  Try Android Pay, Apple Pay or Samsung Pay with your phone.  Several years ago MasterCard and many businesses started a quick payment method called contactless payment.  Tap and Pay and Pay Pass are common names you may have seen at local businesses.

Contactless payment is a pay method where a card or other device can simply be touched to a payment device without having to swipe your credit card.  Quick, easy and you no longer have to worry about that magnetic strip on the back of your credit card wearing out. This new payment method uses variations of the wireless technology called RFID. To understand how this affects users of the technology, lets look at how RFID works.

RFID (Radio Frequency Identification) is a clever wireless technology that allows data stored on a device (card, chip or electronic device), to be sent by a wireless “reflected pulse” to a receiving reading device. How? Let’s look at an RFID tag.  An RFID tag is simply an antenna (wire) connected to an electronic chip. The electronic chip does not have a battery. It s powered wirelessly by radio waves. Take a look at this photo of one of my actual RFID tags. Using a VERY BRIGHT flashlight I was able to shine a light through the card.

Inside an RFID tag

See through an RFID tag

You may have seen these before in the back of a library book long ago. At the bottom of the photo is a chip connected to the black lines. The black lines are the antenna wrapped around the chip in a loop.  The antenna is designed to capture power from radio waves.  The radio waves are very low power and are usually only detectable from a few inches to a foot. The power needed is only a few volts, which is sent by the payment device.

Payment devices come in various forms, from SpeedPass modules on gas pumps to MasterCard Tap and Go receptacles on credit card machines. The payment devices “talk” to the RFID tag by sending a radio wave a specific frequency.  Think of tuning your favorite FM radio channel.  The card is only powered and responds when it “hears”  certain radio frequencies. Once powered, the chip sends its data to the receiving device via another antenna loop embedded in the card or device. Another RFID technology called NFC (near field communication)  Pretty clever.

Have you seen this logos on credit card machines?

EMV contactless symbol used on compatible payment terminals

EMV contactless symbol (Courtesy Wikipedia)

The first common contactless payment devices were used at gas pumps via a keychain speedpass token.  You can watch their “how it works” video here.

Some contactless methods don’t store your actual card information on the embedded electronic chip. A proxy card or other ID represents your credit card data.  This can protect your data in some circumstances. However, there are some contactless system which transmit directly usable data. RFID and its associated technology NFC are simple and convenient data transfer methods for credit cards, hotel key cards, passports and any other electronic ID systems.

With the ease of use, it is also quick and easy for  ANYONE to read RFID/NFC devices with a special RFID/NFC readers or even Android phones. Imagine walking in a store or a crowded area with your wallet, purse or cell phone (which many have NFC today).  A person armed with an RFID/NFC reader can silently capture your credit card, hotel key card, passport or other RFID/NFC data. By simply placing the reader near your card or device for less than a second or two.  This can be accomplished easily and I’m surprised it hasn’t become a big fraud/ security issue. You can purchase RFID/NFC readers from online stores or simply run a NFC tag reader application on an Android phone with NFC. This is a legitimate risk.

Solution?

You can protect your data with shielding products from Silent Pocket. Silent Pocket is a California based company we met at CES 2016 who have solutions to protect your data. Silent Pocket has a line of products which shield the RFID and NFC when not in use.  Simply insert your credit card, hotel key card or other thin device in one of their products to protect your data.

Check out Silent Pocket’s video for more detail.

Silent Pocket sent us a few of their products to test. We received a 5 pack of credit card sleeves, a medium sized shielding sleeve for electronic devices, a simple card wallet and an iPhone 6 radiation and card guard. We put them through some tests.  Here is what we found.

Credit Card Sleeve

Our favorite product from silent pocket are the credit card sleeves.  They are very versatile and work well with any card based RFID/NFC solution you want to shield.

Silent Pocket Sleeve Package Front

Silent Pocket Sleeve Package Front

Silent Pocket Sleeve Package Back

Silent Pocket Sleeve Package Back

 

 

 

 

 

 

 

 

 

Silent Pocket Card Guard 5 Pack

Silent Pocket Card Guard 5 Pack

NFC enabled Hotel Key Card and Transit Card

NFC enabled Hotel Key Card and Transit Card

 

Silent Pocket Card Guard with NFC token

Silent Pocket Card Guard with NFC authentication token

Medium Plus Full Shielding Sleeve

If you have a need to protect a cell phone, small tablet or several small devices Silent Pocket has a medium sized sleeve.  We found this device useful for making your phone disappear. This is useful when used in corporate, state and federal environments where use of electronic devices is forbidden. Trusting that the device is truly off and not transmitting or receiving isn’t a concern with this sleeve.  We tested this by making a phone call, enabling the speaker phone and while talking to another person, placing the phone into the sleeve.

Call dropped.  WIFI and cellular no longer could transmit or receive signal. The sleeve is well made and is made out of leather.  Its also a good size for various devices.

Note: This sleeve can take you “off the grid“.  There are companies implementing technologies which can track your cell phone in stores.  By identifying your device trackers can note what areas of the store you visit. This tracking system doesn’t have to know who you are, just knowing that customers that look at certain products is a marketing and data research tool. Noting stops them from having one at the cashier when you make a purchase, where they could match you to your credit card or loyalty program.   (Best Buy… Is that why you want us to wait so far back when standing in line?  hmmmm?)

Silent Pocket Sleeve Front Package

Silent Pocket Sleeve Front Package

Silent Pocket Sleeve

Silent Pocket Sleeve

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Silent Pocket Sleeve size comparison with the Nexus 6

Silent Pocket Sleeve size comparison with the Nexus 6 tablet

 

Silent Pocket Sleeve size comparison with several Nexus devices

Silent Pocket Sleeve size comparison with several Nexus devices

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

iPhone 6s case and Guard

Silent Pocket also has an iPhone 6s case and card guard.  Our only reviewer complaint came from this item.
As with the other products the case offers a pocket to protect cards with RFID/NFC.   The pocket can accommodate 1-3 cards with a VERY tight fit. Its a bit difficult to get your card out if you have 2 or three cards in the pocket on the back of the case.  If you do plan to use 1 or 2 cards in the pocket, add one extra card to it for one day to allow it to stretch a bit and your cards will come out more easily. The case provides radiation protection when properly oriented. Check out the diagram below with a description.

 

Silent Pocket iPhone 6s phone Radiation and Card Guard Package Front

Silent Pocket iPhone 6s phone Radiation and Card Guard Package Front

Silent Pocket iPhone 6s phone Radiation and Card Guard unloaded

Silent Pocket iPhone 6s phone Radiation and Card Guard unloaded

Silent Pocket iPhone 6s phone Radiation and Card Guard with one card

Silent Pocket iPhone 6s phone Radiation and Card Guard with one card

 

 

 

 

 

 

 

 

 

 

 

 

Silent Pocket iPhone 6s phone Radiation and Card Guard Package Back

Silent Pocket iPhone 6s phone Radiation and Card Guard Package Back

 

We did find the radiation blocking a bit confusing.  If you look at the diagram, it appears you must face the phone away from you once its in the case to avoid radiation.  Its a little awkward but would work as indicated.

Silent Pocket iPhone 6s phone Radiation block diagram

Silent Pocket iPhone 6s phone Radiation block diagram

 

Simple Card Wallet

Another favorite shield made with premium leather is the simple card wallet. This is a useful wallet for several cards and can accommodate thin to medium sized RFID/NFC tokens. If you arent familiar with two factor authentication tokens, you will be soon.  We will cover them in another article later this year. The simple card wallet is small enough to be inserted into a medium to large sized wallet. The wallet can hold 6 or more cards easily.

Silent Pocket Simple Card wallet

Silent Pocket Simple Card wallet

Competition?

Silent Pocket isn’t the only company in this game. During our testing we discovered this product in a local store.  It worked similarly, but didn’t have a premium look.
The interior of this product looked like aluminum foil from a chewing gum wrapper. The sleeves from their competitor had a faux leather look.  Both of these products are made out of paper and in this case the competitors product seemed to be a tyvek material which is a bit more durable and difficult to tear.  One suggestion we have for Silent Pocket in the future would be to keep the same quality premium look of the sleeve and make them with a tyvek like material.  Instant winner.

Silent Pocket Card Guard and Card Lock Side by Side Comparison

Silent Pocket Card Guard and Card Lock Side by Side Comparison

Silent Pocket Card Guard and Card Lock Size Comparison

Silent Pocket Card Guard and Card Lock Size Comparison

Silent Pocket Card Guard and Card Lock Interior Comparison

Silent Pocket Card Guard and Card Lock Interior Comparison

Conclusion:

During our tests we surveyed some non tech geeks about what kind of cards and RFID devices they had.  We discovered many were unaware their credit cards had this capability. RFID/NFC is being used in more places. Be sure to check your cards and be aware of what you may be broadcasting.

Here are some places we encountered and tested RFID/NFC cards:

  • SunRail Train pass (Orlando, FL)
  • New York City Subway/ Metro (NY, NY)
  • Cambria Hotels (Cleveland, Ohio)
  • aLoft Hotels (Tallahassee, FL)
  • Disney entrance bands (Orlando, FL)

Could you use aluminum foil?  Maybe, we tested with regular aluminum and found it was not as durable as silent pockets products.  Within a week or two plain aluminum foil kept in a wallet would crack or develop holes.  After some time they foil could and will fail. Foil may also damage magnetic strips. I also felt odd pulling my aluminum foil sleeve out in public.

Silent Pocket offers premium protection products that appear like normal wallets, bags and pouches. These great looking products effectively make you cards and devices invisible when needed.

Central Florida Top 5 would like to thank Aaron Zar Co-Founder at Silent Pocket for sending us additional products for us to review. Find out more about them at http://silent-pocket.com/.

Silent Pocket provided us with their devices however, all opinions are our own.