LastPass On Wed, Aug 27, 2014 at 7:07 AM, Chris Hart <email at chrishart.net> wrote: > ** Be sure to fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > > Personally, I'm a big 1Password advocate. I've been using it for many > years and like how robust/reliable it is. I also value the fact that the > password "vault" is actually resident on my devices (it can be synced via > cloud if you want — which I do take advantage of — but you don't have to > put your data in the cloud if you don't want to). On Apple devices, > 1Password can sync via iCloud or Dropbox. Your password vault is encrypted > everywhere it lives — on your Mac, PC, smartphone, tablet, cloud service. > > 1Password is in contrast to some password managers that are entirely > cloud-based — like LastPass — which don't necessarily give you full control > over your data. > > It's worth noting that many "Password Managers" can be used for more than > just passwords. You can keep secure notes about anything and everything > you like (which I do) and several also let you store images of important > documents (banking docs, drivers license, passport, birth cert, etc.). > 1Password does all that. > > *Chris Hart* > > * Computer Support & Technology Consulting* > > * for Connecticut and Western Massachusetts* > > * Tel: 860-291-9393 <860-291-9393>* > > * http://www.MyMacTech.com <http://www.MyMacTech.com>* > > From: Rob Laporte <rob at 2disc.com> > Date: Tuesday, August 26, 2014 at 1:12 PM > To: Chris Hart <email at chrishart.net>, < > Hidden-discuss at lists.hidden-tech.net> > Subject: Re: [Hidden-tech] security audit of network and website > properties > > Hi Chris and HTers, > > Great advice Chris, thank you. Any suggestions about which password > manager is best amount 1Password, LastPass, DashLane, etc.? Or are they all > pretty much as good as the other? > > Best Regards, > > > *Rob Laporte*President and CEO > > *DISC, Inc. - "Making Web Sites Make Money"*413-584-6500 > Fax – 413-553-0745 > Rob at 2disc.com > www.2disc.com > > Note: Increasingly, ISPs, companies and individuals use spam blocking > systems that block legitimate email too. Important emails should be > followed up with a phone call if no reply happens within an expected span > of time. > > > > > ------------------------------ > *From: *Chris Hart <email at chrishart.net> > *Date: *Tue, 26 Aug 2014 10:10:08 -0400 > *To: *<Hidden-discuss at lists.hidden-tech.net> > *Conversation: *security audit of network and website properties > *Subject: *Re: [Hidden-tech] security audit of network and website > properties > > ** Be sure to fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > ------------------------------ > > The number 1 suggestion I have for network and 'net security is to have > good password practices: > 1) using long, random passwords, that are unique for every single > site/service/account > 2) storing them in an encrypted password manager and nowhere else > (1Password, LastPass, DashLane, etc.) > 3) change the passwords once in a while > - change critical passwords (like banking/financial) on a quarterly basis > - any time someone leaves your company, change the codes that you know > they had access to > > If you don't have strong password practices as a starting point, all the > security in the world is worthless. And I can't tell you how many > individuals and business I encounter who have lousy password habits and are > making themselves vulnerable. > > And if others in the organization are responsible for establishing new / > changing passwords sometimes, you should audit their passwords, too. I > have seen many instances of the boss at a company pushing through my > password practice recommendations to the staff, only to have the staff > change the passwords back to something "easy" shortly thereafter. (Of > course using password managers should negate the need for 'easy' passwords, > but some people are stubborn and minimize the threats/risks in their head > and talk themselves out of the need for strong passwords.) > > > *Chris Hart* > > * Computer Support & Technology Consulting* > > * for Connecticut and Western Massachusetts* > > * Tel: 860-291-9393 <860-291-9393>* > > * http://www.MyMacTech.com <http://www.MyMacTech.com>* > > > > On 8/26/2014 7:48 AM, Rob Laporte wrote: > > > > > This leads me to a new but related topic and question: are there network > and security experts on this list? If so, I think it would be good to hear > from them, for all our sakes. A security audit of network and website > properties should probably be higher on most of our todo lists than it is. > > Best Regards, > > > *Rob Laporte *President and CEO > > *DISC, Inc. - "Making Web Sites Make Money" *413-584-6500 > Fax – 413-553-0745 > Rob at 2disc.com > www.2disc.com <http://www.2disc.com> <http://www.2disc.com> > > > ------------------------------ > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members > > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members > -- Robin MacRostie *CHOREO* Graphic Consulting and Design for Effective Marketing 413.461.6655 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20140827/e4412808/attachment.html