Saturday, January 30, 2010

Book it

RoomAtlas is a nice little application. You put in a city or place you want to go, and a mash-up with a mapping service visually locates where the hotels are and how much they cost. Color coding makes it easy to find out where you can get the best bargains.You can set filters, such as those that accept pets or have a restaurant, to refine your search. You can even use it for foreign travel.

A new feature looks very useful if you are organizing an event. You can create a hotel map of the area, add some information for visitors (such as a link to restaurant sites), and add the dates. You are then given a unique URL you can share with your visitors to make it easier for them to find lodging.

This one is going in my Delicious folder for Travel.

Sunday, January 24, 2010

I've got a secret

It is time to get serious. There are more news stories circulating about hackers getting control of e-mail accounts. Once a hacker gains access to one of your accounts, it is a wedge to start gaining control of more of your passwords and personal information. You may not even know it is happening for years.

I've been using a password manager that generates strong passwords. Strong passwords are one of the keys to being safe. Another key is not to use the same password for more than one site, and to keep them in a way hackers can't find. I can't recommend strongly enough that you exercise control over your computing environment.

Here is what Imperva says are the twenty most popular passwords. If you use one of these, you should probably just shoot yourself now. There is a good chance you have already been hacked.
  1. 123456
  2. 12345
  3. 123456789
  4. Password
  5. iloveyou
  6. princess
  7. rockyou
  8. 1234567
  9. 12345678
  10. abc123
  11. Nicole
  12. Daniel
  13. babygirl
  14. monkey
  15. Jessica
  16. Lovely
  17. michael
  18. Ashley
  19. 654321
  20. Qwerty

People deal with all their passwords in differnt ways, and hackers know them all. Which one of these things do you do to keep all of your passwords straight? How about store them in a browser so they get automatically entered when you visit a Website, write them on scraps pieces of paper, put them in an e-mail to yourself, write then up in a Microsoft Word document, store them online in a Google Docs account, or just use one or two passwords for everything? I have 231 passwords right now, so I know this is not easy.

But before despairing, I recommend you use use LastPass to manage your passwords. It will help you use strong, unique passwords, and automatically fill them in for you when you visit a page. The passwords are encrypted to keep them safe. The system syncs everything up so you can use your passwords on different computers. It even has a way for you to use your passwords safely on a public computer, such as in a library. You can share a password with another user (such as joint banking accounts), so if one person changes the password both users get updated. You can define the length of a password, and if it should include numbers or special characters. You can also use LastPass to store secure information, such as credit card numbers, so you never have to enter in this information when purchasing online.

Oh, and it is free. What's not to like?

There are a couple of important things to remember about using LastPass. One is to use a strong master password that you will remember. (If you forget the password, you are sunk.) One ways I like to do this is with a phrase of some sort that you will remember -- song lyrics, a poem, a saying, a combination of addresses. It is good if you can mix things into it other than letters. Take for example, the line from the nursery rhyme:

Three blind mice, three blind mice. See how the run

This can be transformed into a strong password by converting the numbers to digits and using the first letter of each word:

3bm, 3bm. Shtr

This is a 14 character password that does not contain any dictionary words, and includes both upper and lower characters, digits, special characters, and spaces. (Hint: don't use this one; come up with your own.) To help you get started LastPass will scan your computer for all your passwords you have already saved in your browser and encrypt them into your LastPass database. You can then start using your old passwords. I suggest you visit your most important, sensitive sites and use LastPass to generate a new password. This would most likely be any site that has financial or personal data about yourself. Then get rid of that Word file you have that lists your passwords.

One enlightening exercise is to use the LastPass security analysis to tell you how secure you actually are. You can run it after you import you passwords into LastPass. It will find all the duplicates and analyze your passwords for strength. I've been working on hardening mine for a while now, and will be happy to challenge anyone to best my score.

Be safe, be happy. Oh, and did I mention that it is free?

Here is some more things to help scare you into action: