Healthy Passwords



Is it Time To Replace Your Battered Email Box?

Date: 2011-05-13 23:11:44

By: Ken Klein, Healthy Passwords
May 13, 2011 10:30 PM EST

Rural residents go through the new mailbox ritual every few years. It usually happens around graduation time or July Fourth. A car drives down the street while geniuses with baseball bat in hand destroy your mailbox.

The digital equivalent of the Battered mailbox may have just happened. According to the Privacy Rights Clearinghouse database, it started in early April 2011. First, Epsilon, a very large email provider lost millions of user account information. Then on April 14, Wordpress, the engine driving much of the blogging world, was hacked revealing 18 million usernames and passwords. Five days later on April 19 the Sony Playstation network (PSN) was hacked losing another 77 million customers information, Sony failed to report this until April 27.

Rural residents are constantly looking for the better mailbox. I personally use one that requires a key. Not only does it keep snoopers out, it is much stronger. Mine has already survived a baseball bat and a garbage truck. The email equivalent to this type of box is one using multi-factor authentication.

Multi-Factor Authentication not only requires a username and password. It also requires a hardware device. Someone cannot impersonate you without the device. Multi-factor devices include key chain tokens, voice or text messaging, USB devices, and printed cipher grids. You can learn more about multi-factor authentication at http://www.healthypasswords.com/multi-factor-authentication.html.

If your web email is your only email or the email you have linked to password resets, you need the most secure email possible. Think about it. If someone compromises your email, they can sit back and watch your emails until they know the sites you use most often. Then when the time is right, they simply login to your account and request a password reset.

If you read your mail in Thunderbird, Outlook Express, or Outlook, it usually uses something called POP or IMAP. If you use outlook for work, there’s a good chance it uses an exchange server and will be more secure than POP or IMAP. POP or IMAP can be unsecure. Most POP or IMAP mail travels through the network as plain text. If you use a laptop and your email is running while on an open WiFi network, it’s not very difficult to see your email. This can include your username and password. If you use this type of email, contact your email provider or ISP and request instructions to set is up using secure protocols. If they don’t offer it, then look for a new email provider.

Many banks no longer use email for password resets. If you want to see how yours handles it, just go to it and click the "forgot password" button. Just remember to check other accounts such as Facebook, Myspace, Twitter, Turbotax online, iTunes, Amazon, and all the various cloud based services.

If you determine you are vulnerable, it is time to change to a more secure email provider. At this time, Google is the only webmail offering free multi-factor authentication. We have assembled instructions for setting up GMail 2-Step Authentication at www.healthypasswords.com/gmail-2step-setup.html. Yahoo mail offers it through a third party, but there is a monthly fee involved.

To make an easier transition to secure email, temporarily forward existing email to the new account. This process varies by provider. For Yahoo, you can upgrade to mail plus for 19.99 a year and either download your email to a local client or setup forwarding. Hotmail offers free forwarding. Be sure to setup forwarding so it does not keep a copy of the email in your account. Only use forwarding at as a short-term measure. If your old account is compromised, forwarding can be disabled.

Category: Email

Subcategory: Passwords

blog comments powered by Disqus
McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

 Subscribe in a reader




Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review