security Archives - here's the thing https://heresthethingblog.com/category/security/ Making sense of gadgets and technology Sat, 24 Feb 2018 12:34:38 +0000 en-US hourly 1 https://wordpress.org/?v=6.2.2 https://heresthethingblog.com/wp-content/uploads/2016/03/FB_icon_500x500-copy-130x130.jpg security Archives - here's the thing https://heresthethingblog.com/category/security/ 32 32 5 ways to keep hackers out of your Facebook account https://heresthethingblog.com/2017/08/03/5-ways-foil-facebook-account-hackers/ https://heresthethingblog.com/2017/08/03/5-ways-foil-facebook-account-hackers/#respond Thu, 03 Aug 2017 14:10:47 +0000 http://heresthethingblog.com/?p=23812 Wanda writes: I am getting emails each day telling me someone is trying to get into my Facebook account. How do I stop this! Hi Wanda! If you’re receiving alerts from Facebook about login attempts on your account, and it wasn’t you, that’s a problem. The good news is that there’s still time to stop […]

The post 5 ways to keep hackers out of your Facebook account appeared first on here's the thing.

]]>
Wanda writes: I am getting emails each day telling me someone is trying to get into my Facebook account. How do I stop this!

Hi Wanda! If you’re receiving alerts from Facebook about login attempts on your account, and it wasn’t you, that’s a problem. The good news is that there’s still time to stop would-be hackers from cracking your Facebook account. Here are five things you need to do right away, starting with…

Change your password

If you suspect someone is trying to log into your Facebook account, change your password, pronto.

Facebook change password

Just click the little downward arrow on any Facebook web page, click Settings, click Security and Login in the left column, then click the Edit button next to Change Password.

So, what should your new password be? Ideally, it should be at least 10 characters, including a mix of letters, numbers and symbols, and you should avoid recognizable words. If that sounds like a royal pain, a password manager can offer some much-needed assistance.

Bonus tip: You can perform most of these security tips on the iOS and Android versions of the Facebook app. To get started on iOS, tap the More button in the bottom corner of the Facebook app, tap Settings, then Account Settings. For Android, tap the three-line More button in the top-right corner of the app, then tap Account Settings.

Related: How to view everything you’ve ever liked on Facebook

Turn on login notifications

Even the strongest of strong passwords won’t stop a determined hacker from sneaking into your Facebook account, and that’s where this next security precaution comes in handy.

Facebook unrecognized login alerts

You can set Facebook to warn you whenever someone logs into your account from an “unrecognized” device—something other than the laptop, phone, or desktop PC that you use for Facebook each day.

Click the downward arrow in the top-right corner of any Facebook page, click Settings, then click Security and Login in the left column.

Next, in the Setting Up Extra Security section, click the Edit button next to Get alerts about unrecognized logins, then specify how you’d like to get your alerts, including via email, text, or Facebook web alerts.

Related: Put posts from your besties at the top of your Facebook news feed

Log out of Facebook sessions that you don’t recognize

Got a funny feeling someone else is using your Facebook account? There’s an easy way to view all your active and recent Facebook sessions, and log out of some or all of them.

When you log out of a Facebook session, anyone using that session will be unceremoniously logged out—and if you’ve just changed your Facebook password, they won’t be able to log in again.

Facebook security log out of session

Click the downward arrow in the top-right corner of any Facebook page, click Settings, click Security and Login in the left column, then check out the Where You’re Logged In section.

If you see any sessions you don’t recognize (make sure to click the See More link to see all your open sessions at once), click the three-dot button next to the session and click Log Out (to simply log out that individual session) or Not You? (which will take you through a series of steps to secure your Facebook account.

To log out of all your open Facebook sessions at once, click the Log Out Of All Sessions link at the very bottom of the list.

Related: How to keep the world from seeing your Facebook friends list

Turn on two-factor authentication

One of the best ways to keep hackers out of your Facebook account is by enabling a second layer of security above and beyond your password.

With two-factor authentication switched on, anyone who tries to log into your Facebook account from an unknown device will have to have to have a second code besides your password.

Facebook iOS app Code Generator

There are a variety of different ways to get the second code, which is generated by Facebook and different every time. You can get them delivered via text message, or using a “code generator” on the Facebook for iOS or Android app, which gives you a new authentication code every 30 seconds. You can also print out a series of 10 codes that you can keep in a safe place, handy if you’re travelling. Last but not least, you can use a U2F security key, which lets you authenticate yourself using a USB stick.

To get started, return to the Security and Login section (click the downward arrow, click Settings, then click Security and Login), then click the Edit button next to “Use two-factor authentication.”

Now, go ahead and enable the two-factor authentication you’d prefer to use. (If you’re familiar with the Facebook for iOS or Android apps, I recommend the Code Generator option.)

Related: View your Facebook profile as strangers see it

Pick some “trusted contacts”

Let’s say the worst happens: a hacker breaks into your Facebook account and changes your password, effectively locking you out. Now what?

Well, you can always ask Facebook for help, but you’ll have to convince them you’re you before they let you back into your account. If you plan ahead, though, you can save yourself the hassle.

Facebook trusted friends

Facebook’s “trusted contacts” feature lets you pick three to five Facebook friends that (you guessed it) you trust completely. If you lose control of your Facebook account, you can call your trusted Facebook friends, who can then help you regain access your Facebook profile.

Click the downward arrow in the top-right corner of any Facebook page, click Settings, click Security and Login, then click the Edit button next to Choose 3 to 5 friends to contact if you get logged out.

Facebook will notify anyone you add to your “trusted” list that you’ve picked them as a trusted contact, although they won’t get alerted if you remove them from your list.

The post 5 ways to keep hackers out of your Facebook account appeared first on here's the thing.

]]>
https://heresthethingblog.com/2017/08/03/5-ways-foil-facebook-account-hackers/feed/ 0
Google tip: Here’s a super-easy way to sign into your Google account https://heresthethingblog.com/2017/01/18/google-tip-phone-sign-in/ https://heresthethingblog.com/2017/01/18/google-tip-phone-sign-in/#respond Wed, 18 Jan 2017 16:03:11 +0000 http://heresthethingblog.com/?p=22060 How many times have you had to look all over for your password to sign in to your Google account? Too many times, I’m guessing. Particularly if you’ve got lots of Google apps on your iPhone or Android device. Luckily, there’s a much easier way to sign in to your Google account than plugging in […]

The post Google tip: Here’s a super-easy way to sign into your Google account appeared first on here's the thing.

]]>
How many times have you had to look all over for your password to sign in to your Google account? Too many times, I’m guessing. Particularly if you’ve got lots of Google apps on your iPhone or Android device.

Luckily, there’s a much easier way to sign in to your Google account than plugging in your password each time, and all you’ll need is your phone.

Once you’ve got it set up, Google’s “phone sign-in” feature lets you log into your Google account using a simple phone prompt.

Google account sign-in features

You can set up Google’s phone sign-in feature on your iPhone, so long as you have the Google app for iOS installed.

Typically, you’ll only need to unlock your iOS or Android phone to sign in, or perhaps match a couple of on-screen numbers.

Only when you’re doing something sensitive with your account, such as changing your password or security settings, will you need to type in your full Google password.

Setting up phone sign-in for Google is easy—and yes, you can do it on your phone.

First, you’ll need to access your Google sign-in settings. For iOS, you’ll need the free Google app; just launch the app, tap your profile picture in the top-left corner of the screen, tap My Account, then tap Sign-in & Security.

Got Android? If so, tap Settings, then Google, and then Sign-in & Security.

Next, tap Use your phone to sign in. At this point, you’ll need to type in your full Google password; once that’s done, you’ll need to specify which of your Google-connected devices you’d like to use for Google phone sign-in. The handset you’re using will be automatically selected by default.

Google account sign-in number match

Google may occasionally ask you to match some on-screen numbers as an extra layer of sign-in security.

Note: Your iOS or Android device must be protected by a screen lock (or Touch ID, in the case of iOS) before turning on Google’s phone sign-in feature. And if you’re not already using a screen lock, it’s high time you got started).

Once that’s done, Google will step you through the process of signing yourself in with your phone. Follow the prompts, and after a few swipes and taps, you’ll be signed into your account. Finally, tap the blue Turn On button to confirm.

Now, the next time you’re prompted to sign into Google—be it from a mobile app, the web, or anywhere else—you’ll get a “Trying to sign in?” notification on your phone. Follow the simple prompts, and you’ll be logged in, no password needed.

Bonus tips

  • If you need to sign in to your Google account but don’t have access to your phone, you can always click the “Try another way to sign in” link to sign in with your password.
  • You can use more than one phone to sign in to your Google account. Just go back to your Google phone sign-in preferences and click the “Add a Phone” link.

Click here for more Google tips!

The post Google tip: Here’s a super-easy way to sign into your Google account appeared first on here's the thing.

]]>
https://heresthethingblog.com/2017/01/18/google-tip-phone-sign-in/feed/ 0 Google phone sign-in settings You can set up Google's phone sign-in feature on your iPhone, so long as you have the Google app for iOS installed. Google phone sign-in number match Google may occasionally ask you to match some on-screen numbers as an extra layer of sign-in security.
iOS tip: 5 reasons to put your stolen iPhone in “lost mode” immediately https://heresthethingblog.com/2016/09/29/ios-tip-5-reasons-put-stolen-iphone/ https://heresthethingblog.com/2016/09/29/ios-tip-5-reasons-put-stolen-iphone/#respond Thu, 29 Sep 2016 13:49:35 +0000 http://heresthethingblog.com/?p=21556 It’s a scary thought: your precious iPhone or iPad, complete with all your contacts, messages, apps and even credit card numbers, goes missing, potentially in the hands of a perfect stranger.  Now, you probably already know that if the worst happens, you can always try to track your stolen iPhone with Find My iPhone, and […]

The post iOS tip: 5 reasons to put your stolen iPhone in “lost mode” immediately appeared first on here's the thing.

]]>
It’s a scary thought: your precious iPhone or iPad, complete with all your contacts, messages, apps and even credit card numbers, goes missing, potentially in the hands of a perfect stranger. 

Now, you probably already know that if the worst happens, you can always try to track your stolen iPhone with Find My iPhone, and that you can use the essential iPhone-finder app to lock your handset remotely, make it chirp a shrill “I’m here!” beep, or even wipe it clean.

What you may not know, though, is that the “lost mode” feature in Find My iPhone (which you can access from iCloud.com on the web, or from any iPhone or iPad with the Find My iPhone app installed) does a series of clever things that’ll help keep thieves from raiding your iOS device, as well as make it much more likely that your missing iPhone or iPad gets found again. Among them…

1. It’ll completely lock down your missing or stolen iPhone or iPad

As you may have guessed, tapping the “lost mode” button in Find My iPhone will instantly lock your missing iPhone or iPad, but it actually goes a few steps further than your device’s standard sleep state.

stolen iPhone - iOS Airplane Mode in Control Center

Once your missing iPhone or iPad is in “lost mode,” access to the Control Center panel—and, most importantly, the Airplane Mode button—will be disabled.

For one thing, “lost mode” disables Notification Center access from the lock screen, ensuring that anyone who’s got your missing device can’t see previews any incoming messages, emails, or any other alerts.

Even better, it disables lock-screen access to Control Center, the handy control panel that you can flick up from the bottom of the screen. Why is turning off Control Center so important? Because if left on, Control Center could let a thief put your stolen iPhone into Airplane Mode, cutting off all wireless access and rendering Find My iPhone useless.

“Lost mode” will also deactivate Siri, the chatty personal assistant that (depending on your settings) can be turned on from the lock screen. Last but not least, the lock-screen shortcut for Wallet (which, if you’re an Apple Pay user, contains all your digital credit card information) will be disabled, too.

Note: If you wish, you can preemptively disable lock-screen access for Notification Center, Siri, Wallet, and Control Center. For Control Center, tap Settings, Control Center, then flick off the Access on Lock Screen setting. For Notification Center and Siri, tap Settings, Touch ID & Passcode, find the Allow Access when Locked heading, then turn off the switches for Today View, Notifications View, Wallet and Siri.

2. It’ll disconnect your credit cards from Apple Pay

Let’s say the bad guys manage to crack your iPhone or iPad passcode (which, hopefully, is a little tougher to guess than “0000” or “1234”) and make their way into your device. That’s a bad situation, no question, but “lost mode” has a trick up its sleeve to keep your digital wallet safe.

stolen iPhone - Apple Pay credit cards

iOS will automatically disconnect your credit cards from Apple Pay once you activate “lost mode” on your iPhone or iPad.

The moment you put your device in lost mode, iOS will remove your credit cards from Apple Pay, essentially emptying the plastic out of your virtual wallet. Once your stolen iPhone or iPad has been found or replaced, you can easily reactivate your credit cards for Apple Pay use.

3. It’ll keep bad guys from turning it off

Since “lost mode” automatically deactivates Control Center and the Airplane Mode button, an enterprising thief might try another method of throwing Find My iPhone off the scent: by simply powering off your stolen iPhone or iPad.

Well, sorry thieves. In addition to locking down your iOS device, “lost mode” will also disable the power button. That means your stolen iPhone or iPad will stay on and continue transmitting its location until its battery finally dies, which brings us to…

4. It’ll put your stolen iPhone or iPad in “low power” mode

The moment your put your iOS device in “lost mode”, iOS will automatically turn on its “low power mode” feature, which dims the screen and turns off most app background activity, all in the name of keeping your handset’s battery alive as long as possible.

stolen iPhone - Find My iPhone low power mode

Your iPhone or iPad’s “low power mode” feature will immediately switch on once “lost mode” is enabled.

But what happens when the battery in your iPhone or iPad finally does die? Here’s “lost mode’s” final trick…

5. It’ll transmit your iOS device’s location one last time

With its dying breath, your stolen iPhone or iPad will send out a final ping to Find My iPhone, revealing its location in the moments just before its battery goes out for good.

You’ll need to check whether “Send Last Location” is enabled on your device, though. Tap Settings > iCloud > Find my iPhone (or iPad), then make sure the “Send Last Location” setting is turned on.

Click here for more iOS tips!

The post iOS tip: 5 reasons to put your stolen iPhone in “lost mode” immediately appeared first on here's the thing.

]]>
https://heresthethingblog.com/2016/09/29/ios-tip-5-reasons-put-stolen-iphone/feed/ 0 ios-airplane-mode apple-pay-credit-cards iOS will automatically disconnect your credit cards from Apple Pay once you activate "lost mode" on your iPhone or iPad. find-my-iphone-low-battery-mode Your iPhone or iPad's "low power mode" feature will immediately switch on once "lost mode" is enabled.
iOS tip: 8 easy ways to lock down your iPhone or iPad https://heresthethingblog.com/2016/02/10/ios-tip-8-easy-ways-lock-iphone/ https://heresthethingblog.com/2016/02/10/ios-tip-8-easy-ways-lock-iphone/#respond Wed, 10 Feb 2016 17:12:16 +0000 http://heresthethingblog.com/?p=21154 Sure, it’s pretty convenient that you can swipe down on your locked iPhone’s screen to check out your notifications or swipe up to toggle Bluetooth on and off, but what if a perfect stranger managed to get their hands on your precious handset? If you’re at all worried about the email, text messages, photos, and […]

The post iOS tip: 8 easy ways to lock down your iPhone or iPad appeared first on here's the thing.

]]>
Sure, it’s pretty convenient that you can swipe down on your locked iPhone’s screen to check out your notifications or swipe up to toggle Bluetooth on and off, but what if a perfect stranger managed to get their hands on your precious handset?

If you’re at all worried about the email, text messages, photos, and other personal data sitting on your iPhone or iPad, you should probably take a little time perusing iOS’s security features, from buttoning up the lock screen to enabling a feature that prevents thieves from reactivating—and then selling—a stolen iDevice.

Read on for eight ways to lock down your iPhone or iPad, starting with…

1. Lock down Notification Center and Control Center access

Even when your iPhone or iPad is locked, it’s still pretty easy—potentially, anyway—to sneak a peek at your latest messages or your calendar, or even to tinker with your device’s wireless settings.

locked iPhone - iOS block Control Center access from lock screen

Keep iPhone thieves from messing with your wireless settings by blocking Control Center access from the lock screen.

With a single down from the top of the iOS lock screen, you can open Notification Center, the slide-down panel that displays incoming messages, your agenda, the weather, and various other alerts.

Also accessible from the lock screen: the Control Center, a panel of quick access controls for toggling your wireless settings, sharing files with nearby iDevices, adjusting the screen brightness, and more, all by simply swiping up from the bottom of the screen.

All very nice, but consider this: if you happen to lose your iPhone or iPad, anyone who picks it up will get to rifle through your most recent messages and fiddle with your wireless settings, too.

If you’d rather block access to both Notification Center and Control center while your device is locked, try this:

  • Tap Settings, Touch ID & Passcode, then scroll down and flip off the switches next to Notification View (to hide notifications of recent text messages, emails, and app alerts) and/or Today (to hide your daily agenda).
  • Go back to the main Settings screen, tap Control Center, then flip off the switch labeled “Access on Lock Screen.”

2. Require a passcode immediately (or as soon as possible) after locking your iDevice

Once you unlock your iPhone or iPad with a passcode, how long of a period do you want to go by before a PIN is required to unlock the screen again?

locked iPhone - iOS require passcode setting

You should set your iOS device to require a passcode immediately after it’s been locked.

You may be tempted to give yourself, say, 15 minutes or even an hour or two of PIN-free iPhone use, but it only takes a few moments for a pickpocket to go nuts with your unlocked handset.

Tap Settings, Touch ID & Passcode, Require Passcode, then pick a setting. Unless we’re talking about an iPad or a child’s iPhone that never leaves the house, I strongly urge you to choose “Immediately.”

Note: “Immediately” is the only possible setting if you’re using Touch ID to unlock your device.

3. Check your auto-lock setting

You can set your iPhone or iPad to lock itself after a period of inactivity—anywhere from one minute to never. The shorter the period of time, the more secure your device will be.

Go back to the main Settings screen, tap General, Auto-Lock, then pick a setting.

4. Lock down Siri and Wallet

Even when your iPhone or iPad is locked, you can still talk to Siri by pressing and holding the Home key. Now, Siri won’t let you (or a stranger) from accessing personal info until you unlock your handset, but you still might prefer to keep Siri silent whenever your iOS device is asleep.

locked iPhone - Block Siri and Wallet access from iOS lock screen

“Better safe than sorry” is a smart attitude when it comes to blocking Siri and Wallet access from the lock screen.

Then there’s the Wallet app, which you can access from a locked iPhone or iPad by double-clicking the Home key. As with Siri, Wallet won’t let strangers make Apple Pay purchases without a PIN or a Touch ID tap first, but a better-safe-than-sorry approach might be more prudent.

Tap Settings, Touch ID & Passcode, scroll down to the “Allow Access when Locked” heading, then turn off the switches for Siri and Wallet.

5. Use a “strong” passcode

Got a great memory? If so, consider setting a passcode that’s longer than four digits.

Tap Settings, General, Passcode Lock, then flick the switch next to Simple Passcode to create a lengthy, ultra-secure passcode.

6. Hide lock-screen alerts for text messages and email

Don’t want friends, loved ones or perfect strangers flicking through the recent texts and email messages you’ve received? Well, that’s what could happen If your notifications settings for Messages and Mail allow for lock-screen alerts.

locked iPhone - Turn off lock-screen alerts for Messages

If you don’t want strangers browsing your incoming text messages, just tweak this Notification setting.

Here’s how to keep your Messages and Mail inbox to yourself…

  • Tap Settings, Notifications.
  • Scroll down and tap Mail, tap the name of a mail account, then switch off the “Show on Lock Screen” setting. Rinse and repeat for your other mail accounts.
  • Go back to the Notifications screen, find Messages and—once again—switch off the “Show on Lock Screen” setting.

Bonus tip: To split the difference between convenience and privacy, you can set your Mail and Message lock-screen alerts to only display the name of the person tried to message you. In the Notifications settings for Messages and your Mail accounts, leave the “Show on Lock Screen” setting on, but turn off the “Show Previews” setting (it’s at the very bottom of the screen).

7. Make sure Find my iPhone and Activation Lock are turned on

If your stolen iPhone or iPad is never found, you can still take solace in the fact that the thieves won’t be able to sell it on eBay. Nobody wants to purchase a locked iPhone or iPad.

locked iPhone - Find My iPhone setting

As long as “Find My iPhone” is on, iOS’s Activation Lock feature is enabled.

“Activation Lock” is an iOS feature that demands the correct iCloud password before reactivating a lost iPhone or iPad. No passcode, and your iDevice will essentially turn into a beautifully designed paperweight.

To turn on Activation Lock, you’ll just need to enable Find my iPhone, the essential iOS feature that can trace, lock, and even wipe a missing iPhone or iPad. Just tap Settings, iCloud, then flick the switch next to Find my iPhone.

8. Set your iOS device to wipe itself after too many failed passcode attempts

Rest assured, the data on your locked iPhone or iPad is so well encrypted, even the NSA would have a tough time cracking it.

Still, if you really paranoid about keeping your personal data safe, you might want to try a setting that will make your iOS device wipe itself after 10 failed PIN attempts.

Tap Settings, Touch ID & Passcode, scroll all the way down, then flick on the “Erase Data” switch.

Note: If you have a little one who delights in trying to crack your iPhone or iPad passcode, you might want to think twice about turning on the Erase Data feature.

Click here for more iOS tips!

The post iOS tip: 8 easy ways to lock down your iPhone or iPad appeared first on here's the thing.

]]>
https://heresthethingblog.com/2016/02/10/ios-tip-8-easy-ways-lock-iphone/feed/ 0 iOS block Control Center access from lock screen Keep iPhone thieves from messing with your wireless settings by blocking Control Center access from the lock screen. iOS require passcode setting You should set your iOS device to require a passcode immediately after it's been locked. Block Siri and Wallet access from iOS lock screen "Better safe than sorry" is a smart attitude when it comes to blocking Siri and Wallet access from the lock screen. Turn off lock-screen alerts for Messages If you don't want strangers browsing your incoming text messages, just tweak this Notification setting. Find My iPhone setting As long as "Find My iPhone" is on, iOS's Activation Lock feature is enabled.
Mac tip: How to securely erase files in the Trash bin https://heresthethingblog.com/2014/08/11/mac-tip-securely-erase-files-trash/ https://heresthethingblog.com/2014/08/11/mac-tip-securely-erase-files-trash/#respond Mon, 11 Aug 2014 17:27:15 +0000 http://heresthethingblog.com/?p=19911 Just because you tossed a bunch of sensitive files into your Mac’s trash bin doesn’t mean they’re gone forever. Even after emptying the trash, your deleted files are still sitting on your hard drive, waiting to be recovered by anyone with enough know-how. So, why aren’t your trashed Mac files actually trashed—and how can you […]

The post Mac tip: How to securely erase files in the Trash bin appeared first on here's the thing.

]]>
Mac tip: How to securely erase files in the Trash binJust because you tossed a bunch of sensitive files into your Mac’s trash bin doesn’t mean they’re gone forever.

Even after emptying the trash, your deleted files are still sitting on your hard drive, waiting to be recovered by anyone with enough know-how.

So, why aren’t your trashed Mac files actually trashed—and how can you make sure that deleted files are, in fact, completely deleted?

Mac emptying the trash progress bar

Yes, there’s an easy way to securely wipe files on your Mac, but it can be a time-consuming process.

By default, your Mac will take your trashed files and simply tag the space they’re occupying with a “this space available” sign.

To the average user, deleted files will appear to be gone—and given enough time, your Mac will overwrite previously deleted files with new data.

But for anyone who knows what they’re doing, recently trashed files on your Mac are as easy to recover as junk sitting in a garbage bin.

Mac secure erase trash settings

You can set your Mac to securely delete your files whenever you empty the Trash.

The good news, though, is that your Mac boasts a “secure erase” feature that’ll do a pretty thorough job of wiping sensitive files off your hard drive.

With the feature turned on, your Mac will take deleted files and overwrite them several times with random data, enough to obliterate your files for all but the most tenacious hackers.

OK, so why isn’t the Mac’s secure-erase feature turned on by default?

Yep, you guessed it: because securely erasing data from a hard drive takes a lot longer that simply marking deleted files as available disk space.

Example: I just secure-erased more than 300 files that were sitting in my Mac’s trash bin, and the process took about five minutes—or about four-and-a-half minutes longer than it normally takes.

Secure empty trash option on Mac Finder menu

Wish you could securely wipe files just once every so often? You can, if you open the Finder menu.

Those 300-or-so files were probably just tiny Word files, by the way. If I tried to secure-erase a few gigabytes of video files, well … get ready to sit back and wait.

That’s why the Mac’s “secure erase” feature isn’t for everyone. If you’re using a Mac desktop and home and you’re mostly dealing with innocuous household files, switching on the secure erase setting for the Trash is probably overkill.

But if your MacBook Air is stuffed with spreadsheets full of, say, critical company data or old, unneeded bank statements, you might want to consider the Mac’s secure erase option—particularly if you and your MacBook are frequently on the road.

Here’s how it works…

  • Want all the files in your Mac’s trash bin securely wiped? Click your desktop, open the Finder menu in the top-left corner of the screen, select Preferences, click the Advanced tab, then check the “Empty Trash securely” box.
  • Only need to secure-erase the trash every so often? If so, leave the Finder preferences as-is. Instead, just open the Finder menu and select “Secure Empty Trash” for some on-demand data wiping.

Click here for more Mac tips!

The post Mac tip: How to securely erase files in the Trash bin appeared first on here's the thing.

]]>
https://heresthethingblog.com/2014/08/11/mac-tip-securely-erase-files-trash/feed/ 0 Mac emptying the trash progress bar Yes, there's an easy way to securely wipe files on your Mac, but it can be a time-consuming process. Mac secure erase trash settings You can set your Mac to securely delete your files whenever you empty the Trash. Secure empty trash option on Mac Finder menu Wish you could securely wipe files just once every so often? You can, if you open the Finder menu.
Google tip: 4 ways to lock down your Google account https://heresthethingblog.com/2014/04/23/google-tip-4-ways-lock-google/ https://heresthethingblog.com/2014/04/23/google-tip-4-ways-lock-google/#respond Wed, 23 Apr 2014 11:30:22 +0000 http://heresthethingblog.com/?p=19254 Maybe I shouldn’t be saying this, but I’ve entrusted a big chunk of my digital life to Google—so much so, in fact, that I’d be in serious trouble if anyone ever hacked my account. If a hacker did manage to hijack my Google account, they’d have free rein over more than 10 years worth of […]

The post Google tip: 4 ways to lock down your Google account appeared first on here's the thing.

]]>
Maybe I shouldn’t be saying this, but I’ve entrusted a big chunk of my digital life to Google—so much so, in fact, that I’d be in serious trouble if anyone ever hacked my account.

If a hacker did manage to hijack my Google account, they’d have free rein over more than 10 years worth of email, almost all my work files, every address I’ve ever looked up on Google Maps, all my saved Google searches…well, you get the picture.

So, do you have some, most, or all of your personal eggs in Google’s basket, too? If so, you’d be nuts to protect your Google account with little more than a single (and potentially easy-to-crack) password.

The good news is that Google offers a series of tools for beefing up your security—and if you’re smart, you’ll switch on as many of them as you can.

Here’s four essential ways to lock down your Google account, starting with…

1. Set up two-step verification

No matter how strong your Google password is, there’s always a chance (as the recent Heartbleed security bug reminds us) that someone will get their hands on it.

That’s why you should seriously consider turning on an extra layer of password security, especially if you have anything more sensitive than, say, your shopping list stored in Gmail or Google Drive.

Google Authenticator app

If you have “two-step” verification turned on, Google will occasionally ask you for a six-digit security code before unlocking your account.

Here’s how “two-step” verification works: in addition to signing in with your password, Google will periodically ask you for a six-digit security code before unlocking your account.

The ever-changing code gets beamed to your phone via text message or a special Google “authenticator” app.

Now, I admit to an occasional weary sigh whenever Google pops up a security screen asking for yet another six-digit authentication code. (You can, at least, set your PC or Mac to only prompt you for a Google code every 30 days or so.)

That said, it’s comforting knowing that a hacker with your Google password would need to jump through more hoops before unlocking your account—and all your precious data.

Want to turn on two-step verification? Here’s how…

  • Log into Google, click your Google icon in the top-right corner of the page, then click Account.
  • On the next page, click the Security tab, find “2-Step Verification” in the Password section, click the Setup link, then follow the steps.

2. Check your recent activity

Want to find out if anyone other than you has been poking around your Google account?

There’s an easy way to view the most recent activity for your account—including the last several times someone logged in, their approximate location, their IP address, whether they logged in with a Mac or PC, and more.

  • Go back to the Security tab under your Account settings, find the “Recent activity” section, then click the “View all events” link.
  • Check out the list of recent events—and as you do, pay special attention to the map on the right side of the page.
  • See anything suspicious? If so, click the “Change password” and create a new password, pronto.

3. Get a text message whenever there’s “suspicious” activity

Just like your credit card company, Google is constantly checking for “suspicious” activity on your account, such as a changed password or multiple failed login attempts.

Google will send you an email whenever it thinks a stranger is poking around your account. Even better, it can send you a text message—but only if you give it a cell number first.

Here’s what you do…

  • Once again, head for the Security tab in your Account settings, then click the “Edit” link under “Send phone alerts.”
  • Under the “Notifications” heading, click the “Edit” link next to “Phone number.”
  • Enter your number, then click the blue button to get a verification code.
  • Back on the Notifications page, make sure “Phone” is checked as an alert option for both “Password change” and “Suspicious attempt to access account.”

4. Set up a “recovery” phone and email address

So, let’s say a hacker does manage to sneak into your account, or you otherwise find yourself locked out of Google. Now what?

The easiest way to prove that you’re you is to have Google call or text your mobile number—but again, you’ll need to make sure Google has your digits.

You should also supply Google with an alternate email address—you know, one where they can send a link for resetting a lost or stolen password.

  • Once more, click the Security tab in your main Google settings, then click one of the Edit links next to “Recovery phone” and “Recovery email” in the “Recovery & alerts” section.
  • Go ahead and entire the phone number and email address where you’d like Google to contact you in case something happens to your account.
  • All set? Click the blue Save button.

Click here for more Google tips!

The post Google tip: 4 ways to lock down your Google account appeared first on here's the thing.

]]>
https://heresthethingblog.com/2014/04/23/google-tip-4-ways-lock-google/feed/ 0 Google Authenticator app If you have "two-step" verification turned on, Google will occasionally ask you for a six-digit security code before unlocking your account.
Security tip: 5 ways to keep your passwords (mostly) safe from hackers https://heresthethingblog.com/2014/04/15/security-tip-5-ways-passwords/ https://heresthethingblog.com/2014/04/15/security-tip-5-ways-passwords/#respond Tue, 15 Apr 2014 13:28:29 +0000 http://heresthethingblog.com/?p=19200 If the scary Internet security bug Heartbleed has taught us anything, it’s that none of our passwords are ever truly safe. Discovered only a few weeks ago, Heartbleed is the code name for a gaping hole in a commonly used security protocol that’s supposed to protect passwords, credit card numbers, and other sensitive data submitted […]

The post Security tip: 5 ways to keep your passwords (mostly) safe from hackers appeared first on here's the thing.

]]>
If the scary Internet security bug Heartbleed has taught us anything, it’s that none of our passwords are ever truly safe.

Discovered only a few weeks ago, Heartbleed is the code name for a gaping hole in a commonly used security protocol that’s supposed to protect passwords, credit card numbers, and other sensitive data submitted through a web page.

Some of the biggest web sites on the planet—think Google, Yahoo, Pinterest, and more—may have been vulnerable to Heartbleed, and most have raced to beef up their security.

Unfortunately, it’s possible that hackers have already scooped up a generous portion of exposed passwords. (And before you scramble to your PC, security experts warn that you shouldn’t bother changing your password for a given site until you’re sure they’ve patched the security hole.)

So, what can you do to keep bad guys from stealing your passwords with help from the next Heartbleed? (And yes, there will eventually be another bug or virus that takes Heartbleed’s place in the headlines.)

Well, like wearing a seat belt in a car, there are plenty of measures you can take to greatly reduce—but (as Heartbleed proves) not eliminate—the odds of your Internet accounts getting hijacked by hackers.

Nope, there’s no such thing as bulletproof Internet security—but there’s no guarantee a seat belt will save your life in a car crash, and you still buckle up, right? (Right??)

Here’s five things you should do to keep your passwords (relatively) safe, starting with…

1. Get a password manager

Sure, it’s hard to give up your old password habits and start fresh with new ones, and it’s even harder to entrust your precious passwords to an unfamiliar program.

Believe me, I know. I dragged my heels for years before finally breaking down and buying my own password manager, and I had all kinds of excuses for doing so: hackers might break into the program and steal my passwords, I didn’t have time to figure out how to use it, my passwords were probably safe anyway…etcetera, etcetera.

Well, it’s true that no password manager can possibly keep all your passwords completely safe, and yes, there’s usually a learning curve. And no one hates change more than me.

Painful though it was, though, I finally did make the plunge with a password manager, and I’m glad I did. No more scraps of paper with passwords scribbled on them, no more forgotten passwords, and no more “weak” passwords like “Patterson123.”

Indeed, once you pick a password manager of your own, you’ll find the following steps a whole lot easier. Take, for example…

2. Use lengthy, “strong” passwords

A password like “Patterson123” or the old, not-so-reliable “password” is easy to remember, but guessing them is a piece of cake for even the most casual hackers.

Indeed, enterprising password thieves have collected gigantic databases of stolen passwords, culling through them to figure out the most popular combinations of words, letters and numbers.

Bottom line: If there’s an identifiable word or name in your favorite password, it’s “weak.” Period. Your birthday backwards won’t cut it, either, nor will the name the street you grew up on

Instead, make sure your passwords are “strong”—meaning they contain (ideally) a meaningless garble of letters, numbers and symbols.

In its guide to creating strong passwords, Microsoft recommends at least eight characters, no words or real names, plenty of symbols, a combination of lower- and upper-case letters, plus a sprinkling of numbers for good measure.

Nope, strong passwords aren’t easy to remember, but they’re tough (although not impossible) to crack.

Besides, your password manager can remember—and even create—those lengthy, indecipherable passwords for you.

3. Never use the same password twice

It is, of course, much easier to remember one password for all your accounts than it is to commit dozens of passwords to memory—and yes, for years, I was one of those one-password-for-everythng people.

As you can imagine, though, using the same password for all your Internet accounts makes life incredibly easy for any hacker who manages to steal your one big password.

That’s why you need to use different passwords for each of your online accounts.

I know, I know—even more to remember, right? Again, here’s where a password manager (which, typically, will store all your passwords in a searchable database) can come to the rescue.

4. Change your passwords regularly

Like bread in a cupboard or the clothes in your wardrobe, passwords get stale over time.

No, you don’t have to change your passwords as often as the Kardashians shed wardrobes, but you should consider changing your passwords at least every six months or so—all the better to keep hackers guessing.

The best password managers can help by flagging passwords that are ripe for changing, as well as storing your old passwords in case you ever need them again.

5. Use “two-step” authentication whenever possible

So, you’ve diligently exchanged your weak passwords for strong ones, you’ve created different passwords for each of your accounts, and you’re changing your passwords every few months or so.

Does that mean your passwords are completely safe from hackers? Sadly, no.

That’s why you should consider an extra level of security for your most precious online accounts, particularly when it comes to your primary email account—you know, the one where all those “Reset your password” messages go.

Some of the biggest online services around—think Facebook, Google, Apple, and the like—have implemented something called “two-step” authentication: a method of securing a password with a secondary numeric code.

Switch on two-step authentication on Google, for example, and Google will regularly (but not always) prompt you for a six-digit code after you’ve entered your password.

This code changes every 60 seconds, and it’s sent to your phone via text message or a special “authenticator” app.

Sound like a pain? Well, it is, and I still find myself groaning whenever I need to fetch another six-number authentication number on my iPhone.

But what’s a pain for me is even worse for a hacker, who now has an extra hoop to jump through even once s/he’s managed to snare one of my strong passwords.

Got more Internet security questions, or password tips you’d like to share? Post ’em below!

The post Security tip: 5 ways to keep your passwords (mostly) safe from hackers appeared first on here's the thing.

]]>
https://heresthethingblog.com/2014/04/15/security-tip-5-ways-passwords/feed/ 0
Android tip: Do you need an antivirus app for your Android phone? https://heresthethingblog.com/2014/03/13/android-tip-antivirus-app-android/ https://heresthethingblog.com/2014/03/13/android-tip-antivirus-app-android/#respond Thu, 13 Mar 2014 13:27:34 +0000 http://heresthethingblog.com/?p=18970 Roger writes: My dad just got an Android phone, and is wondering whether he should install antivirus software. Is this something you’d recommend? Hi Roger! So, there’s little doubt that more and more security threats—particularly innocuous-looking apps that inject malicious code (like spyware) into your phone—are aimed at Android users. That said, your precious Android […]

The post Android tip: Do you need an antivirus app for your Android phone? appeared first on here's the thing.

]]>
Roger writes: My dad just got an Android phone, and is wondering whether he should install antivirus software. Is this something you’d recommend?

Hi Roger! So, there’s little doubt that more and more security threats—particularly innocuous-looking apps that inject malicious code (like spyware) into your phone—are aimed at Android users.

That said, your precious Android phone is still far more vulnerable to a flesh-and-blood thief than it is to so-called “malware.”

So before your dad invests in an antivirus app, he should consider some other common-sense security measures first, such as locking his screen with a passcode and making sure the phone-tracking Android Device Manager is enabled.

He should also think twice before downloading Android apps from a third-party (i.e., non-Google Play) app store, which is where most malware-infected apps tend to lurk.

AV-TEST Android antivirus app ratings

Security researchers at AV-TEST publish bi-monthly ratings of the top Android antivirus apps.

Once that’s done, then sure, installing an Android antivirus app is a smart idea—particularly since the best ones are a) free and, b) won’t put much of a dent in your Android phone’s performance.

OK, so which antivirus app should you pick?

For in-depth analysis of the top Android antivirus apps, check out the bi-monthly reports at AV-TEST, which rates about 30 Android apps based on their effectiveness against the most recent malware threats, security features (such as phone tracking, remote lock and wipe, and secure browsing abilities), and overall usability (including whether a given app takes a bite out of performance and battery life).

Rather just cut to the chase? A recent Digital Trends round-up took three of the most popular Android antivirus apps and wound up with the free 360 Mobile Security as its top pick.

Personally, I’m a fan of Lookout Mobile Security, which (like most other Android security apps) scans all new apps before they’re installed and comes with its own suite of phone-tracking features.

The free version of Lookout is all I’ve ever really needed, and it doesn’t put any undue strain on my handset.

Hope that helps, Roger. Have more questions? Let me know!

Click here for more Android tips!

The post Android tip: Do you need an antivirus app for your Android phone? appeared first on here's the thing.

]]>
https://heresthethingblog.com/2014/03/13/android-tip-antivirus-app-android/feed/ 0 AV-TEST Android antivirus app ratings Security researchers at AV-TEST publish bi-monthly ratings of the top Android antivirus apps.
Android app: Android Device Manager goes mobile, pinpoints lost Android devices https://heresthethingblog.com/2013/12/16/android-app-android-device-manager-android/ https://heresthethingblog.com/2013/12/16/android-app-android-device-manager-android/#respond Mon, 16 Dec 2013 14:10:22 +0000 http://heresthethingblog.com/?p=18409 Just a few weeks ago, I told you about a new, web-based Google feature that lets you track a lost Android phone, à la “Find my iPhone” for iOS. Android Device Manager does a great job of zeroing in on a missing Android phone or tablet, but until recently, it only worked in a desktop web […]

The post Android app: Android Device Manager goes mobile, pinpoints lost Android devices appeared first on here's the thing.

]]>
Android app: Android Device Manager goes mobile, pinpoints lost Android devices Just a few weeks ago, I told you about a new, web-based Google feature that lets you track a lost Android phone, à la “Find my iPhone” for iOS.

Android Device Manager does a great job of zeroing in on a missing Android phone or tablet, but until recently, it only worked in a desktop web browser—meaning that if your Android tablet disappeared in (say) a hotel lobby or in the back of a cab, you couldn’t track it down until you got access to a PC or a laptop.

Well, good news: it looks like the phone- and tablet-tracking Android Device Manager just went mobile, perfect for using one Android device to find another while you’re out and about.

Read on for the details, start with…

What it’s called:
Android Device Manager (Download from Google Play)

Android Device Manager remote ring feature

With the mobile version of Android Device Manager, you don’t need a PC or a laptop to ring, lock, or even erase a missing Android phone or tablet.

What it costs:
Free

What it does:
Displays the whereabouts of an Android phone or tablet that’s lost, stolen, or otherwise gone AWOL.

How you use it:
Just install the app, sign in with your Google account credentials, and boom—the locations of any Android devices registered with your Google ID will appear on a map, all thanks to the magic of GPS (and provided your various handsets have Location Services turned on).

Top features:
Can sound the ringer of a lost phone, remotely lock a missing device, or wipe the memory of a phone/tablet that appears to be gone for good. Just select your missing device and tap Ring, Lock, or Erase.

Who it’s for:
Anyone who wants to track their (multiple) Android devices while they’re on the go.

Who it’s not for:
If you only have one Android handset, you’re better off sticking with the web-based Android Device Manager—after all, if you lose your phone, you won’t have access to the Device Manager mobile app.

Looking for more Android tips? Click here!

The post Android app: Android Device Manager goes mobile, pinpoints lost Android devices appeared first on here's the thing.

]]>
https://heresthethingblog.com/2013/12/16/android-app-android-device-manager-android/feed/ 0 Android Device Manager remote ring feature With the mobile version of Android Device Manager, you don't need a PC or a laptop to ring, lock, or even erase a missing Android phone or tablet.
Google tip: Download a giant archive of all your Google data https://heresthethingblog.com/2013/12/12/google-tip-download-giant-archive/ https://heresthethingblog.com/2013/12/12/google-tip-download-giant-archive/#respond Thu, 12 Dec 2013 14:12:45 +0000 http://heresthethingblog.com/?p=18393 So, how long have you been using Google? A few years? Ten? A dozen? (In my case, more than a dozen—yikes!) And in all that time, how many Gmail messages, contacts, calendar events, YouTube videos, and more have you saved, sent, uploaded and otherwise stored on its servers? My brain hurts just thinking about it. […]

The post Google tip: Download a giant archive of all your Google data appeared first on here's the thing.

]]>
So, how long have you been using Google? A few years? Ten? A dozen? (In my case, more than a dozen—yikes!)

And in all that time, how many Gmail messages, contacts, calendar events, YouTube videos, and more have you saved, sent, uploaded and otherwise stored on its servers? My brain hurts just thinking about it.

Google tip: Download a giant archive of all your Google data

Want to pack all your personal Google data into a big digital suitcase? No problem.

Well, here’s the thing: not only can you find out how much personal data you’ve got sitting in Google’s memory banks, you can also download a giant digital suitcase of all your Google stuff, which you can peruse and store on your own hard drive.

Downloading an archive is a smart way to safeguard your Google data against server failures, bolts of lightning, and other random acts of God.

It’s also a prudent move if you ever decide to part ways with Google and delete your account.

Related: How to download all your Facebook posts, photos and videos to your PC

Best of all, packing up a Google archive is quick and relatively painless. I archived and downloaded a 1.3 GB file stuffed with more than a dozen years of data in about 45 minutes.

Note: One big piece of the Google archive puzzle that’s still missing is Gmail, but Google says Gmail archives are coming within the next month or so. Stay tuned.

Google archive pick your data

You can pick and choose which bits of personal data you want packed into your Google archive.

Let’s get started…

  • Log into your Google account, click your Google profile photo in the top-right corner of the page, then click Account.
  • Click “Download your data” in the left column of the following page (under the Account heading), then click the blue “Create an archive” button.
  • Next, you can pick and choose what to pack into your Google archive—anything from calendar events and contacts to YouTube videos and the contents of your Google Drive. You can also just go ahead and pack everything by checking the “Select all” box at the top.
  • All set? Click the red “Create Archive” button. A progress bar will appear, showing you how far along Google is in the archiving process (which took less than 15 minutes for me). Got better things to do? You can ask Google to let you know when it’s done by checking the box next to “Email me when the archive is ready.”
  • Once the archive is finished, click the blue Download button to save your Google data to your desktop. (It took me about half an hour to save my 1.3 GB Google archive to my system.)
  • Open the archive, and you’ll find all your Google data neatly divided into a series of folders. If there were any errors in the packing process, they’ll be listed in a file called “errors.html”; just double-click the file to open it in your web browser.
  • Note that Google will store your archive online for a week; after that, it’ll be deleted automatically. You can also delete the online archive manually by clicking the “Delete archive” link.

Looking for more Google tips? Click here!

The post Google tip: Download a giant archive of all your Google data appeared first on here's the thing.

]]>
https://heresthethingblog.com/2013/12/12/google-tip-download-giant-archive/feed/ 0 Download a giant archive of your Google data Want to pack all your personal Google data into a big digital suitcase? No problem. Google archive pick your data You can pick and choose which bits of personal data you want packed into your Google archive.