For today's Works for Me Wednesday I am sharing one of my most basic pieces of computer security advice: Enable two-factor authentication (a.k.a. two-step verification) on every account you can. Two-factor authentication is a simple way to prevent someone else from getting access to your accounts. I've written about this before (including here, here, and here), … Continue reading Why you should turn on two-factor authentication
It is now estimated that personal data for 21.5 million people was stolen when the Office of Personnel Management (OPM) was hacked. OPM held (I dare not say "managed") background check records for current and former government employees. The data includes social security numbers, birthdates, current and former addresses, current and former employers, and lists … Continue reading 1 in 21 million: The OPM data breach and me
More and more websites are using Hypertext Transfer Protocol Secure (HTTPS) by default. Recently, the White House Office of Management and Budget (OMB) declared that all public-facing websites for U.S. government agencies will use HTTPS by the end of 2016. The increased use of HTTPS instead of unencrypted HTTP is great news for data security … Continue reading HTTPS does not mean your data is safe
According to research by David Hauser, describing cancer as an enemy that needs to be fought reduces the extent to which people focus on preventive behaviors such as changing their diets. Hauser's work seems to indicate that describing cancer in terms of war and battle metaphors focused people on direct attack actions and made them … Continue reading Do terms like ‘cyber attack’ prevent good computer security practices?
Information security specialists are not just people who nag you about strong passwords and not clicking on strange things. We are also people. People with hearts. People with hearts that love. I've made some Valentine's Day cards for my fellow infosec geeks. Enjoy. You have my permission to save, print, and share these valentines with those … Continue reading Valentine’s Day cards for infosec geeks