In this episode, Birgit Pauli-Haack and Jim O’Reilley discuss the latest Tech Updates and begin to address data security including protecting your computer and mobile devices, and then a little about WordPress security.
Birgit starts by describing the Cloudflare bug, which affected many of us. She then describes how a vulnerable WordPress plugin, NextGEN Gallery, affected millions of users worldwide. This past week Sucuri published an article about a serious SQL injection and recommended that users immediately update their plugin. Matt Mullenweg also offered some suggestions about WordPress security this past week. Last week Birgit co-hosted a WordPress Meetup which featured Chris Wiegman, an expert on WordPress security; the full presentation is shown below.
Jim and Birgit then discuss the first security issue of the day as faced by a user: passwords. Since a computer can be programmed to guess a password 1,000 times a second, the time for difficult-to-figure-out passwords has passed, and difficult-to-crack passwords are now the best idea. They then discuss two-factor authentication (2FA) and why it is a significant advantage to anyone who is protecting their data.
On Password Entropy
Graphic by xkcd
They then get into some horror stories of people who had lost data, including one from Birgit, whose phone was stolen in Mexico City last New Year’s Eve. In a discussion about apps that can be used for 2FA, Birgit describes Google Authenticator, which she uses. She also speaks about backup codes and the necessity of keeping them in a separate location (in case your phone is stolen). They then discuss password managers and have included a PCMag article describing three free ones. Jim then describes how the virus protection program he uses in his home office recommended that he change his factory-provided password, and Birgit strongly reinforces the idea. They also speak about VPNs and their importance in protecting your information when you are transmitting or downloading it, particularly in a public place or on a network with which you are unfamiliar.
Finally, they promise to read any questions or comments made on iTunes, as well as bring a security expert onto a podcast to answer further questions about data security.
Data Security Articles and Products Discussed:
- Cloudflare Bug
- WordPress Plugin patched: The NextGEN Gallery
- Slidedeck: Securing WordPress the right way with @ChrisWiegman WordPress Meetup SWFL
On Two-Factor Authentication
- On Two-Factor Authentication (2FA) on CNET
- How Apple and Amazon Security Flaws Led to My Epic Hacking via @WIRED
- “How I Lost My $50,000 Twitter Username” @N
- Google Authenticator: Android / iPads & iPhones
Change Passwords & Password managers
- Ten things to know about the October 21 IoT DDoS attacks via @ESET
- The Best Free Password Managers of 2017 from PCMag
- TechSoup – Antivirus & Security Software Donations
- Free Mac Antivirus and Web Security | Sophos Home for Mac Download
Next Episode: Episode #16 – 2017 Nonprofit Technology Awards
Send in your ‘burning technology question’! In our next episode, we are answering Questions from our followers & listeners.