Healthy Passwords



Third Party Security Utilities

Computer programs change faster than books. Rather than putting current references into the book, this on-line companion has the latest third-party security utility reviews and news.

Security Suites and Antiviral utilities are like seat belts in cars. You can still crash, but hopefully they will protect you. Learning good security habits is like learning to be a safe driver. The difference between driving and computing is that when you get an electronic infection, you may not know you crashed until months later when your bank account disappears or a friend tells you about the adult materials sent to everyone on your mail list. Because people do not get the immediate feedback, it is harder to learn good security habits in a connected world. Healthy Passwords devotes two chapters to learning to be a good electronic driver.

Website Rating Plug-ins

There are third party utilities which regularly test and rate websites. Some of these offer browser plug-ins, which will display the latest site status and test dates right on the browser.

Product Link Description Platforms Price
McAfee Site Adviser www.siteadvisor.com

This is a browser plug in, which displays site safety rankings using a color code system for safe (Green), caution (yellow), warning (red), and unknown (grey).

This website also offers a view this website rating report link, which anyone can use without installing software.

Windows, Mac Free
Web of Trust www.mywot.com

This is a browser plug in, which displays site safety rankings using a color code system for safe (Green), caution (yellow), warning (red), and unknown (grey).

This utility offers configuration allowing users to enable parental controls, basic and light security settings are available for adults. WOT also offers a color blind version.

Windows, Mac Free for home users

Internet Security

Internet security suites normally encompass anti-virus and malware protection also. The best internet security is knowledge (Hint: If you have not read the book, read it. It covers much more than just passwords). Knowing how to login using limited rights accounts; which activities to avoid; and, securing your router and wireless network will prevent most problems, but a good third party security suite is a little added protection.

There are dozens of security suites available. Most are good. Rather than trying to do any in-depth analysis of products, we will summarize top reviews done by reputable publications.

If you follow the various security blogs, most say that nearly all virus packages offer the same protections. Typically

Product Link Description Review Date Price OS Support
Norton 360 Version 5.0 PC Magazine 4 1/2 out of 5 Gidgets 4/25/2011 - Detailed review no rating

"While it doesn't look very different from the previous version, Norton 360 version 5.0 provides better protection with even less impact on performance.", Reviewer Neil J. Rubenking

Healthy Passwords Comments:  This product encompasses PC Security, Parental Controls, Backup and restore, Identity protection, and PC Tune up. If you don't need backup and restore or PC Tune-up, Norton Internet Security may save you a few dollars.

3/1/2011 $79.99 Windows Vista, Windows XP, Windows 7
Norton Internet Security 2011 CNet 5 out of 5

"Norton Internet Security 2011 maintains its recent strong performance record and introduces some useful new features in the latest version, making it one of the top Internet security suites available.", Reviewer Seth Rosenblatt

Healthy Password Comments:  This product encompasses PC Security, Parental Controls, Backup and restore, and Identity protection. If you also need backup and restore and tune up, Norton 360 may meet your needs better.

9/20/2010 $69.99 Windows Vista, Windows XP, Windows 7
BitDefender Antivirus for Mac MacUser no rating

If you're concerned about maintaining the most secure Mac possible or perhaps you live or work on both Windows and Mac OS X BitDefender would like to talk to you. Reviewer David Chartier

Healthy Password Comments:  It is hard to find reviews on Mac virus software, because Mac was designed as a more secure operating system. I use both Windows and Mac and have decided to purchase AVAST licenses for my personal use because they support both a Mac and Windows versions.

4/13/2010 $49.99 Intel-based OS X 10.4 through 10.6, Mac PC client Windows XP, Vista, and Windows 7

Patch Management

One of the biggest threats to your computer is old programs. Antivirus products ignore many of the installed programs running on your computer. Attackers have found that targeting these older programs is the easiest way to gain access to your computer.

Attackers target some programs more than other programs. The most targeted programs are normally browsers and runtime engines such as Adobe Flash ™ or Java ®. Recently this list has expanded to include popular PDF viewers.

This one third party utility, which will monitor your installed programs and recommend or automatically update vulnerable programs. If more become available, this list will be updated with those also.

Product Link Description Platforms Price
Secunia PSI www.secunia.com

This is a stand alone third party application that monitors your installed programs and tells you when they are out of date. It can be instructed to automatically update some programs like java or flash, which are particularly vulnerable to attack.

The only down-side to the utility is that it requires administrative privileges to run.

Windows Free
Qualys Broswer Check browsercheck.qualys.com

This is a stand alone third party application that checks your browswer plug ins. It reqquires no administrative privledges to run, but does require administrative privledges to install it the first time.

* The only down-side to the utility is that it has limited support of OS-X, and no Linux support. OS-X support is currently in beta.

Windows, OS-X* Free

Password Strength Checkers

Password strength checkers are on-line utilities you can find on websites, which enable you to see your password strength in real-time.

Any time you use a strength checker, it may be a good idea to substitute characters. For example, if the password you are checking is a12,Tbm0Shtr.q1 then maybe key x07;Aqf9Gwbl:w3. This should produce the same result without revealing your password.

Only one reference is provided at this time, because although there are several on-line checkers, it's impossible to say which may or may not be safe to use.

Strength Checker Link Description Encrypted
Microsoft Microsoft Password Strength Checker

This is the most stringent checker we have found on the web. It's also the only one we can find that runs over an encrypted connection.

The only down-side to this is that it's so strict, you might get discouraged about your passwords.

Apple Computer OS-X Password assistant

OS-X includes a password helper built into the operating system. To access this, you go into system configuration then edit or add a user.

OS-X Password Assistant


Keystroke Anti-loggers

There are several third-party anti keystroke loggers on the market. No major publications have evaluated these recently, so we are currently researching these products before making any recommendations. One recommendation we can make is to buy, read, and implement the advice in "healthy passwords". If you are still concerned about possible loggers, Windows and Mac both offer built-in virtual keyboards.

Keyboard loggers either hook into operating system core functions at the software level or they get deep into the core (kernel) and act at the hardware level.

Loggers which run at the kernel level can be bypassed by using a virtual keyboard. These are included with your operating system. For Windows, you can run this simply by typing start/run then key enter osk and click run. If your run menu is hidden, you can search help and will find a reference. Mac users need to go into system configuration / Language then check "Keyboard viewer". Once that is done, a small US flag will appear in the menu bar. Clicking on this then selecting "Show Keyboard users" will display the on-screen keyboard.

Some keyboard loggers also take screen shots of every mouse click also. In those cases, even a virtual keyboard won't help. Windows combats this a bit by offering a "hover to select" option which is configurable in seconds. If you hover the mouse over the key for x seconds, it will enter without a click.

There is a debate over using your browser's auto enter features to prevent keyboard logging. Using auto enter does not stop all keyboard loggers. Software based keyboard loggers hooking into SetWindowsHookEx() will still be able to read the auto-complete password. Using the virtual keyboard and configuring it to hover will prevent the lower level kernel loggers.

The only safe option to prevent keyboard loggers is to boot off a live CD.

Keyboard Logger Protection Link Description Platforms Price

Third Party VPN Services

In many countries where censorship rules, VPN services prevail. When in a country that doesn't have censorship issues, VPN is harder to find. We are actively seeking reviews by reputable publications on Domestic US VPN providers.

Product Review Link Description Platforms Price
Go Trusted Secure Tunnel PC Magazine 12/8/2009

Business travelers connect securely to the home office using a Virtual Private Network. The tiny GoTrusted client gives that same protection to every user. It's a tiny bit rough around the edges, but it does the job it's designed for, and does it well.

Windows, Mac®, iPhone®, iTouch®, iPad®, Android™ $5.99 per month for individuals
McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams




Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review