The past few days I’ve been busy working on the security of my online and mobile life and in this post I want to share the things I learned while doing so. I will also discuss some great apps I discovered that can help you improve your security A LOT! These are the apps that I personally use or think that are worth mentioning. If you have suggestions of your own, please feel free to leave them in the comments bellow. Some of the links mentioned in this post are referral links. When using that link to register to the corresponding service, we both get some benefit ;-).
Passwords, Passwords and More Passwords
Do you also have a ton of accounts on different websites and forums? And do you also use only one to seven passwords you know by heart? If you do, than you’re in the same situation I was almost two years ago. The problem with having only seven passwords you (can) remember is that on a lot of sites you use a duplicate password. And if one of those sites isn’t that securely protected or if your password wasn’t that strong, then you have a problem.
Another issue with passwords is that they are hard to remember. If you want to properly protect your personal email, PayPal or even Facebook and Twitter account, you better create a long password containing more than 15 characters. Plus your password should contain small letters, capitalized letters, numbers and symbols and should not be easy to reconstruct. A rule of thumb is that the more ‘random’ your password is, the more secure it is.
But remembering a random password of more than 15 characters isn’t easy. It’s even more difficult to remember one for each different website (or social network) you register. And here is where a good password manager comes in. Before I always felt like that a password manager limited me because when I use a friend’s computer, I don’t have my passwords with me (because he doesn’t have the same, or no password manager). But then I realized that in 98% of all the sites I log in to, I’m doing it on my own computer. So I only have to remember passwords for those other 2% which I do access from other computers and this is what convinced me to use LastPass!
LastPass is a password manager that works almost literally on every platform and every Internet browser. It also provides seamless synchronization but the one feature that makes LastPass for me the best password manager is the way they store and secure your passwords. All your passwords are locally encrypted on your computer using a key based on your master password and then sent to the LastPass servers. So the people at LastPass can never see your (unencrypted) passwords (or the website where you have an account) and your master password is never sent to LastPass. This makes LastPass very secure to use and I’m not the only one who thinks that. A drawback of this is that there is no “forgot my password” function. They also give you other cool tools like a generator for secure passwords, mobile applications, a security check tool to keep you sharp, multi-factor authentication… And almost all these features are completely FREE! But LastPass is just my favorite, there are also many alternatives.
Backups, Backups and Synchronization
The next thing I would like to this discuss is backup software. Everyone should make backups of their files but I know too many people who still don’t. And this while, with the emergency of cloud storage, making backups has never been so easy!
Another problem I have is that I use many different devices and platforms. I use my laptop which runs Windows and Linux. I also own an old desktop computer which I use now and then and I have my smart phone. If you also use multiple devices, you know that having all your files in one place is difficult and that they’re always in the wrong place.
But luckily there are two (and more) great applications that solve both problems: Dropbox and SpiderOak. I don’t think Dropbox needs any introduction and I recommend it to most (inexperienced) friends because of its ease of use. But I want to give some more attention to SpiderOak that I discovered after reading this article on Ars Technica. SpiderOak is a bit more complicated to use and setup than Dropbox and it isn’t that feature rich (like uploading files through the web interface, a mobile photo and file viewer…) but it has one big advantage over all other cloud storage applications: security and privacy. Very similar to LastPass, SpiderOak encrypts your data locally with a key based on your password and then sends the encrypted data (in different blocks) to the SpiderOak servers. Your password is never sent or stored at the SpiderOak servers so they have no way to actually read or use your data. In this way they guarantee your privacy. SpiderOak also handles local backups, synchronization, sharing and online access. They also offer a nice educational discount which is very convenient in my case. If you want an alternative to SpiderOak, there is Wuala. They do about the same as SpiderOak but I haven’t tried it myself. So let me know what you think about it in the comments below if you used it.
I’m currently using both SpiderOak and Dropbox. I use Dropbox for easy synchronization and sharing with friends who exclusively use Dropbox. And I’m using SpiderOak to back up and synchronize more personal data (like pictures, videos, contact details, thesis, research stuff…) because of it’s added security and privacy.
It’s small, smart and when you lose it, you have a problem
To finish this post (before it gets too long) I want to tell you about something I realized only a few days ago. I have an Android smart phone with a lot of different apps. I use it as my phone but also to check my email, manage my calendar, update my blog… But then I suddenly realized that my phone knows a lot about me. And with all those apps, it has access to a lot of my online accounts. It startled me even more that the only protection that my phone offered is an unlock key or pattern.
I started my quest to find an app that fixes this issue and there are actually a lot (strange that I didn’t saw them earlier). These are the ones I selected: Kaspersky Mobile Security, Lookout Security & Antivirus and Norton Antivirus & Security (these are links to the Android apps, but most of them have iOS versions too). All these apps offer antivirus scanning but also, and more relevant to my problem, remote locking and wiping of your phone. So if you lose your phone, you can send a message to it (either by SMS or the Internet) and then the application will lock your phone and/or wipe all personal data from it. When you locked your phone and you find it again, you can unlock it with some secret code.
LastPass is really a must-have because having different, secure passwords for every account is very important and LastPass helps you with this for free and in a very secure way. Having (off-site) backups of your data is also very important but privacy is a major concern here. I think SpiderOak and Wuala are the only cloud storage providers that offer you complete privacy and security, so I recommend that you give them a try. Your smart phone probably has access to a lot of your personal data so protecting it is very important. Therefore you better install a remote locking and wiping application so losing your smart phone doesn’t end in a personal catastrophe.
That’s it for today! I hope you discovered some new, interesting applications and that you use them to improve the security of your online and mobile life.