In my daily check of my Apple News app, where I have set up a 'topic' that provides me with daily 'computing and information technology news', I saw a concerning article about the release of over 700 million email addresses online.
For some of these email addresses, passwords were also available - hacked from who knows where!
Here is the article for anyone wanting to read about this:
Have you been 'pwned'
As mentioned in the above article, it is possible to visit a website that tells you if your email address is available on any known list of 'hacked' email addresses - including this new massive list.
The website is haveibeenpwned.com. Just enter your email address to see if it is on any list.
I was surprised to find my own iTandCoffee email address was on this new list! It was not on any list last time I checked, so this leaves me wondering which of the many online services I use has been 'hacked'.
So as a precaution, I have changed my password for the impacted email account, and for other key accounts that use the email address.
Now I need to see where else I have used this email address, and decide if password resets are needed! Ow.
At least I have a different password for every online account, which minimises any 'damage' if anyone does have more than the email address. And I have put all these different passwords into my 'password safe' on my iPhone. This means that I always have easy - and secure - access to my passwords whenever I need them, either from my iPhone or iPad.
(If you are an iTandCoffee Club member, you can watch the members-only video about how to set up a password safe on your iPhone/iPad. Here is the link to this video»
If you are not yet a member, find out more about The iTandCoffee Club here »)
How to change your online passwords
If you need to change your password for your various online accounts, here are links to the relevant pages on some of the important ones:
Need further advice or help?
If you need advice on how to change any other online passwords, just leave a comment below. Or if you would like assistance with making changes to your passwords, book a time with iTandCoffee. Book online here or call 03 9886 0814 or 1300 885 420.
So many people I speak to tell me that they use the same password for more than one of their online accounts - their Mail, their iCloud/Apple ID, their PayPay, their eBay. Or they use only a couple, or minor variations of the same password.
They tell me that this is the only way they can remember passwords. In many cases, this password is also very simple and easy to guess.
My advice is always to reconsider this approach, and to tighten up their security - advice that I know is rarely heeded. It is all just too hard.
An article that I saw last week re-iterated the serious danger of using one password across all your online accounts. It is worth reading, then considering whether it is time to get to work on updating those passwords.
Here is the article:
We are going to talk about managing passwords at our next Free Friday
Due to popular demand, we are going to re-run on a workshop that we have run previously on the topic of passwords.
At our next Free Friday for iTandCoffee Club members* on August 25th at 12pm, the topic will be
'Let's talk about managing all those %$&#@* passwords'
We will talk about how to keep your online world safe, the importance of good, strong passwords, and (most importantly) how you can keep track of all those passwords - in a way that is safe and gives you access to them whenever you need them. We will hopefully also have time for general questions at the end.
* Free attendance at iTandCoffee Club sessions like Free Friday depends on the level of membership. See our membership options here. Non-members can attend at a cost of $35.
11/7/2017 0 Comments
This has been a common problem encountered by so many iTandCoffee clients. In fact, we have already had seen two clients this week who have had the problem (and it's only Tuesday!).
Apple just won't accept my password!
The issue arises when 'two-factor authentication' has been enabled on an iOS 10 (or MacOS), but where other devices that use the same Apple ID are running an older version of iOS or OS-X.
The older versions of iOS and OS-X don't 'understand' the newer security steps that two-factor authentication bring.
As soon as two-factor authentication is enabled on one of their devices, our clients have found that their password keeps getting rejected on other devices - even though they know that the password is correct.
They get a message popping up on their 'up-to-date' iOS 10 device (or on their 'up-to-date' Mac) saying that someone is trying to access their account, with an 'Allow' (or 'Don't Allow') option.
When they choose 'Allow' to get the 6-digit two-factor authentication code, they find themselves stuck - because the device that rejected their password does not offer a place to enter this 6-digit code.
Instead, it just tells them that their password is incorrect.
Fear not! There is a solution
Fortunately, there is a relatively easy fix for this problem.
We covered this issue in our February 2017 Handy Hint newsletter. (Subscribe to our great Newsletter here so that you get to see FREE tips like this »)
This tip has since been moved to our Handy Hint Library, which is for iTandCoffee Club members. Here it is - if you are a Club member, just select the link to view the solution.
Not yet a member of The iTandCoffee Club?
Contact iTandCoffee on 1300 885 420 if you need help to solve this problem.
If you are 'not so local' and are not yet a member, why not join The iTandCoffee Club to gain access to our huge library of great tips like this.
Related Handy Hints and Articles
Handy Hints (for iTandCoffee Club members only)
Blog Articles (no membership required)
Every week, there are new reports of major security breaches. Recently, there were reports that cloud storage company Dropbox was a victim of a major hack in which 68 million account email addresses and passwords were potentially compromised.
Here is an article about this breach from Macworld.
If you have a Dropbox account and have received the notification to change your password, I would strongly recommend that you act on this as soon as possible.
If you have not yet set up something called 'two-step verification' on your Dropbox account, now is the time to do this as well.
What is two step verification?
iTandCoffee regularly comes across clients who do not know the passcode for the Restrictions area of their (or their child's) iPad, iPhone or iPod touch.
The consequence of this is that it is not possible to change any Restrictions already established, and it is not possible to easily 'reset' the device to its factory settings - for example, when passing on the device to someone else.
So, what do you do if an i-Device has an unknown Restrictions passcode?
iTandCoffee can assist with this. We have a special tool that allows the Restrictions passcode to be retrieved.
If you would like iTandCoffee to determine the Restrictions passcode of a device that you own, please contact us on 1300 885 420 or email firstname.lastname@example.org to arrange an appointment time. (iTandCoffee is in Glen Iris, Melbourne.)
What tool allows the Restrictions passcode to be decoded?
Have you ever thought about what would happen to all your 'digital assets' when you are no longer around?
By this I mean access to content on your mobile devices and computer (which, I hope, are password protected), email and other online accounts, content stored in the cloud, and more.
Do those you love know your all your passwords? (Mine certainly don't.)
If not, do you want those you leave behind to have access to these passwords and all the content that they protect when you die?
I know this is something that I considered when we re-did our wills last year. In fact, I have left a list of my digital passwords with my solicitor, to be passed on to my family if 'kick the bucket'.
Here is an article that I saw in this week's Choice magazine on this very topic. It is thought provoking, and well worth a read.
I had an email from a client this week that raised something that, I have to admit, I had not thought to cover when running recent 'Keeping kids safe on iPad, iPhone and iPod Touch' information sessions at schools.
This client asked me if I use my fingerprint to access a particular Password Keeper app on my iPhone. She was concerned about whether she should do the same on her own device.
In her email, she said that her kids know her device passcode, and had even set up their own fingerprints on her device, so that they could easily unlock Mum's phone.
I know from my experiences with helping lots of mums and grandmums with their i-Devices that she is not alone in having kids that have guessed (or been given) the passcode for the parental device.
But now, with the newer iPads and iPhones, there is the possibility that any child accessing your device could set themselves up with a fingerprint to access the device.
Even if you decide to change your passcode to 'lock them out', the child would still be able to use their saved fingerprint to unlock the device.
Not sure I like that idea. If I had kids accessing my device, I would be sure to remove any fingerprints that were not mine. In fact, it would be a rule that, in using my device, they agree not to even try to save their own fingerprint to the device.
Does the fingerprint unlock more than just the iPad/iPhone?
Before the advent of fingerprint technology on i-Devices, a child who could unlock a parent's i-Device would then need to also know the separate passwords/passcodes that have been set up for any other password-protected apps and features on the device - for example, a Banking app, a Password Keeper app, iTunes downloads and more.
These days, however, it is possible to have your fingerprint unlock protected apps and approve iTunes downloads - a great help for those of us who hate entering different passwords in different places. On my own iPhone and iPad, I have certainly enabled this fingerprint unlock feature on any applicable app, as well as for iTunes and App store purchases .
However, if my kids had my device's passcode, I would certainly not enable fingerprint access to any of these password-protected apps or to allow fingerprint approval of iTunes download.
It's not that I don't trust them. I would just rather protect sensitive information and only allow my bank accounts to being accessed by me. And I don't want any accidental deletion of files and content that are important to me.
Do your kids know your device's passcode? Do you allow fingerprint access to apps and approval of iTunes purchases on that device?
What advice would you give my client?
Another interesting article about parenting kids with smartphones
This article appeared recently in The Age, and talks about the issue of whether or not you should monitor what your child does, uses and says on their mobile device.
How far should you go in trying to keep your child 'safe' on these devices?
'Keeping your Children Safe on iPads, iPhones and iPod Touches' - Guide now available
The guide can also be downloaded as a PDF from the iTandCoffee online store, at a cost of $9.90.
How many times have you forgotten a password, and gone through the process of re-setting it (assuming you are able to do this).
Many Mac users are not aware that, in many cases, their passwords are actually stored in a special place, called a Keychain.
These passwords can be viewed whenever required from a utility called Keychain Access.
All you need to know is the administrator password for your Mac, and this will allow you to view all of the passwords stored in your Keychain.
Find out more about Keychain Access - and how to view your stored passwords - in this Mac Handy Hint for iTandCoffee club members. (Don't forget to log in first, using the 'Member Login' in the right sidebar.)
Not yet a member of The iTandCoffee Club? Why not join today.
You'll get access to iTandCoffee's ever-growing library of Handy Hints, special members-only information sessions and other special offers advertised from time to time.
25/9/2015 0 Comments
Apple yesterday released an update to iOS 9, to fix problems that many users have been facing since its release on Sept 17th.
iOS 9.0.1 is now available for download and installation, from Settings -> General -> Software Update.
There are reports today that, while this new release resolves some major problems with the original iOS 9, there is a security issue with the Lock Screen that may allow unauthorised access to your Contacts and Photos.
Check out this article from AppleInsider for further details.
To secure your device and protect it from this security hole, you can disable Siri on your Lock Screen, or set a more complex Passcode (since only simple 4 and 4-digit passcodes allow this lock bypass). Instructions on haw to do both of these are shown below.
Disable Siri on your Lock Screen
Even in the absence of this security hole, it is worth considering whether you should allow Siri access when your screen is locked. For example, if Siri is available from your Lock Screen, your phone can be used to dial any number
To disable use of Siri on your Lock Screen,
(While you are there, think about what other information/features you want to make available while your screen is locked. Turn off anything you want to protect.)
Setting a More Complex Passcode
This is another security setting that is worth considering, even if there wasn't a problem with lock screen security in iOS 9.
You can use a more complex passcode instead of the simple 4 or 6-digit PIN that is standard on the iPhone and iPad. This complex passcode can contain letters, numbers or symbols - making your device much harder to hack if it falls into the hands of the wrong person.
Call 1300 885 420
iTandCoffee Pty Ltd, 34 High St Glen Iris, VIC 3146 ACN: 606 340 434
© 2012-2017 iTandCoffee Pty Ltd. All rights reserved
© 2012-2017 iTandCoffee Pty Ltd. All rights reserved