IT consulting and tech support blog

Don’t Tape Passwords to Your Computer

Published January 28, 2024

Passwords written on notes stuck to keyboard.

In the digital age, where cybersecurity threats are ever present, safeguarding our personal information is more critical than ever. Yet, some individuals still resort to outdated and risky practices, such as taping passwords to their computers. In this blog post, we'll explore the reasons why this seemingly convenient solution is a terrible idea and why you should opt for more secure password management practices.

  1. Risk of Unauthorized Access: Taping passwords to your computer exposes you to the risk of unauthorized access. Anyone with physical access to your workspace, whether it's a colleague, friend, or even a cleaning staff member, can easily gain access to your accounts. This defeats the purpose of having a password in the first place and compromises your sensitive information.
  2. No Encryption or Protection: Passwords are meant to be securely stored, preferably in an encrypted format. Taping your passwords offers no such protection. In case your computer is lost or stolen, the taped passwords are readily available to whoever finds it. This lack of encryption puts your accounts and personal data at a higher risk of being compromised.
  3. Violation of Security Best Practices: Security experts consistently emphasize the importance of creating unique and strong passwords for different accounts. Taping passwords is a direct violation of this best practice, as it encourages the use of the same password across multiple platforms. This practice increases the vulnerability of all your accounts if one of them is compromised.
  4. Password Rotation Challenges: Regularly changing passwords is a good security practice to minimize the risk of unauthorized access. However, taping passwords can make this process cumbersome and error-prone. It's easy to forget to update the taped password or, conversely, to accidentally expose the new one when attempting to conceal the old.
  5. Professionalism and Trust: Taping passwords to your computer reflects poorly on your professionalism and adherence to security protocols. In professional settings, it can erode trust among colleagues and employers, potentially affecting your reputation and career prospects.
  6. Better Alternatives Exist: Numerous secure alternatives exist for managing passwords, such as password managers. These tools generate strong, unique passwords for each account, store them in an encrypted vault, and require only a single, master password for access. This approach enhances security without sacrificing convenience.

Taping passwords to your computer is a risky and outdated practice that leaves you vulnerable to various security threats. Embracing modern and secure password management practices, such as using password managers, not only protects your personal information but also contributes to a safer digital environment for everyone. Remember, in the ever-evolving landscape of cybersecurity, it's crucial to stay informed and adopt practices that prioritize the protection of your digital identity.


The power of password managers

Published December 05, 2023

Abstract image of digital lock with green highlights.

Are you dominated by digital interactions and countless online accounts? Implementing and maintaining quality security measures has never been more critical. Protecting sensitive personal information from cyber threats is a priority for individuals and businesses alike. Among the most fundamental elements of safeguarding online data is the use of strong, unique passwords for every account. However, the task of managing numerous complex passwords is overwhelming. This is where password managers emerge as an indispensable tool, revolutionizing the way we secure our online presence.

Challenges of password management

The human mind struggles to handle the multitude of unique, complex passwords demanded by the digital landscape. As a result, individuals often resort to using weak, repetitive passwords across multiple accounts, making them vulnerable to cyberattacks. According to studies, a significant number of data breaches is due to compromised passwords. This issue highlights the necessity for a more secure and manageable solution.

Enter password managers

Password managers offer a solution by providing a secure and centralized space to store, generate, and organize passwords. These tools enable users to create complex, unique passwords for each account, encrypting and storing them in a digital vault protected by a master password or biometric authentication. A few specific security advantages to using password managers include:

  • Strong, Unique Passwords: Password managers facilitate the generation of robust passwords, eliminating the need for users to remember them, as the manager stores and auto-fills the login credentials when needed.
  • Encryption: Most password managers use high-level encryption techniques, ensuring that stored data remains secure.
  • Multi-factor Authentication: Many managers now support multi-factor authentication (MFA), adding an extra layer of security to access the password vault.
  • Syncing Across Devices: They allow users to access their password vault across multiple devices, ensuring convenience without compromising security.

Simplifying daily life

The convenience of a password manager cannot be overstated. Beyond secure storage, these tools streamline the login process. Users need not recall or type lengthy, complicated passwords manually; the manager auto-fills login details, saving time and frustration. Moreover, the capacity to store not just passwords, but also sensitive information like credit card details, secure notes, and personal information, enhances convenience further.

Choosing the right password manager

The market offers a variety of password managers, each with unique features and levels of security. Some popular options include NordPass, Dashlane, 1Password, and LastPass. Factors to consider when choosing a password manager include security protocols, ease of use, compatibility across devices, and additional features like secure sharing and password strength evaluation.

Best practices for using password managers

To maximize the effectiveness of a password manager:

  • Utilize the password generator to create complex, unique passwords for each account.
  • Enable multi-factor authentication for added security.
  • Regularly update the master password and the manager's software.
  • Avoid sharing the master password or sensitive information via unsecured channels.

Final thoughts

Password managers serve as a critical component in protecting our digital lives. They offer a harmonious blend of security and convenience, addressing the challenges of password management in an increasingly interconnected world.

Their adoption can significantly mitigate the risks associated with weak passwords, streamlining the login process while fortifying the defenses against cyber threats. Embracing password managers not only ensures individual security but contributes to the larger collective effort in fostering a more secure online environment.


Feeling Phishy: How to Be Safer in the Digital Ocean

Published November 06, 2023

In today's digitally connected world, communication has never been easier, but alongside the convenience comes a pervasive threat—phishing emails. These deceptive messages lurk in our inboxes, masquerading as legitimate correspondence while aiming to deceive recipients. From individuals to large corporations, everyone is a potential target in the expansive net of cybercrime. Understanding the insidious nature of phishing emails and learning how to identify and combat them is crucial to staying safe in the virtual realm.

What is a Phishing Email?

Phishing emails are fraudulent deceptive messages sent by bad actors with the intent to manipulate individuals into revealing sensitive information such as passwords, credit card numbers, or personal details. The emails often appear to come from reputable sources like banks, government institutions, or familiar brands. The fraudulent messages typically contain urgent requests, warnings of account suspension, or enticing offers to prompt recipients into taking immediate action.

These emails use various tactics to appear legitimate:

  1. Spoofing Identities: Cybercriminals impersonate trusted entities by mimicking their logos, email addresses, and language, making it difficult to discern their fraudulent nature.
  2. Urgency or Fear Tactics: Messages often create a sense of urgency or fear, pressuring recipients to act quickly without thinking, appealing to their emotions.
  3. Hyperlinks and Attachments: Phishing emails contain links or attachments that, once clicked or downloaded, can lead to the installation of malware or direct users to fake websites where personal information is solicited.

How to Recognize and Defend against Phishing Attacks?

SLAM infographic with a hooded hacker and text explaining the SLAM method against phishing.

To protect oneself and others from falling victim to these fraudulent schemes, it's crucial to employ various defensive strategies. We recommend using the SLAM method:

  1. SENDER: Don’t trust display names. Scrutinize the sender’s email address. Check for minor misspellings or alterations that might indicate a fraudulent account. Authentic companies or institutions usually have domain-specific email addresses.
  2. LINKS: Use caution before clicking on a link. Hover the cursor over any links in the email without clicking on them. This action reveals the actual URL, allowing you to verify if it matches the intended destination.
  3. ATTACHMENTS: Avoid downloading or opening attachments from unknown or unexpected sources. When in doubt, reach out directly to the supposed sender through verified channels to confirm the legitimacy of the email and attachment.
  4. MESSAGING: Look for uncommon phrasing, spelling, or odd requests. A sense of urgency may also exist in the message. 

Conclusion

Phishing emails continue to evolve, becoming more sophisticated and harder to detect. However, armed with knowledge and caution, individuals can thwart these attempts to protect their sensitive information. Vigilance, education, and the use of technological safeguards are pivotal in guarding against the insidious nature of phishing emails.

Remember, when in doubt, it's always safer to verify the authenticity of an email through official channels rather than risk falling prey to these deceitful tactics. In the vast virtual ocean, staying alert and informed is the key to navigating the deceptive web of phishing emails and ensuring a safer online experience.


Where do cyberattacks start?

Published September 07, 2023

An abstract cyberattack image.

Have you ever wondered, "Where do cyberattacks start?" Well let me tell you, cyberattacks can happen on any device at any given time. Now you are probably wondering which devices should I protect and how. So, to understand this, it will help to understand where these attacks come from.

In the past, most attacks came from outside sources, or, in other words, via the internet. IT Companies and cybersecurity specialists combatted these attacks by putting up firewalls, IDS, and IPS systems to thwart incoming attacks. Utilizing anti-virus software was also an important part of combating incoming threats, however, these methods are outdated. Nowadays, attacks take place just about anywhere.

Bad actors use malware now that is encrypted making them essentially invisible to firewalls and IDS systems. Historically, edge devices acted as the first line of defense, protecting the network from outside threats, unfortunately this is no longer the case. Hackers are no longer concerned with the devices they need to penetrate before they could make a serious breach.

Much like advancements in military tactics and weapons, the methods of cyber threats have also improved. Cyberattackers have developed multiple ways to bypass edge protection and gain direct access from inside the network. These methods include email phishing, accidentally entering an incorrect site, and even allowing your kids to play games on unsecured websites.

While networks are still organized from edge devices to wireless access points, and then to servers and personal devices, these advanced malware attacks ignore the line of defense that once proved competent. Companies do not realize that attacks can take place from within their own network. In fact, many companies still rely on firewalls and anti-virus software. This is not enough. Rather than simple edge protection, companies need cybersecurity solutions that give them full coverage.

With solutions from a reliable cybersecurity company, when an attack is made — no matter where it is coming from — the company is notified immediately, and the attack can be isolated before it begins to spread. This combination gives companies a centralized security system with all the assistance they need.

If your clients are simply using edge protection and anti-virus software, or if you are having any problems with your cybersecurity products, contact us to learn more about how we can help you.


Sips and Cyber - security and liability panel discussion

Published July 21, 2023

On July 11, 2023, New River Computing hosted a panel discussion on security and cyber liability.

Jeff Wynn and Suzanne Y. Pierce discuss cybersecurity and liability.
Jeff Wynn of New River Computing and Suzanne Y. Pierce of Cowan Perry PC.

The discussion featured the following panelists:

The panel was moderated by Jeff Nosenzo - Vice President of Brown Insurance.

Natalie Suarez and Jeff Nosenzo discuss cybersecurity and liability.
Natalie Suarez of Connectwise and Jeff Nosenzo of Brown Insurace.

If you missed out on the panel or want to revisit it, you can check it out in the video above!


Get a quote!

Your request has been successfully submitted.

Thank you for contacting New River Computing. We will respond to you as soon as possible.