This week, we’re going to be looking at staying secure and safe when using a computer. Today, we look at how you can protect your PC and its files.
Yesterday, we looked at some basic ideas with regard to protecting your WoW / Battle.net account. Now, rather than bore you all again with dry and generic tips – use a strong password! – I’m instead going to lighten things up a bit and suggest some free and useful pieces of software which might interest you.
Just the other day I was taking a look at the family computer, finding ways to speed it up because it apparently had very slow performance issues. Would you believe the Recycle Bin hadn’t been emptied in ten months and there were approximately 49000 temporary internet files? Anyway, I digress. While checking it out, I noticed a piece of paper lying next to the monitor. A piece of paper on which every single password for the computer was written down with accompanying user names and web addresses, left for the world to see! You have to ask yourself, what’s the point of passwords if you’re going to leave them lying around like that?
Now, I can appreciate that some people can’t remember twenty different passwords and user names, but you should never really write them down. If you absolutely have to, it’s only clever if they’re then very secure and hard to get at. There are three ways to accomplish this:
- An online “password manager”
- An encrypted file on your computer
- A piece of paper locked inside a safe which requires both a combination and a key, hidden behind a painting, surrounded by CCTV cameras and heat-sensing, infrared laser beams, found inside a sealed vault, protected by armed guards, inside a fortified building. See the above diagram for visual reference.
Now, obviously you’ll probably have the most luck with the third option, but we don’t all have the ability to organise something like that. Nor do I advise the first option; as popular as they may be, I wouldn’t entrust anything private to something online – my theory goes that if something is online, it’s available for the whole world to try and get at. If it’s localised to a computer, you generally need the computer itself to try and get at it, which reduces the threat significantly. Hence, encryption is the answer.
Now, there are many different types of encryption and many different programs which will encrypt and decrypt data for you. My preferred choice is a program called TrueCrypt which uses AES (Advanced Encryption Standard) – one of the best accepted methods of encrypting data. Simply put, the software can create an encrypted file within which you can put other files or information, just like a normal folder. To open the file, you have to enter your password, and this is where you need something very strong:
- At least 20 characters
- Numbers and letters
- Special characters
- Upper and lower case
- Non-recognisable words
Getting back to the idea of keeping your passwords safe, what you can do is create a small TrueCrypt file, and just put a plain text file inside it (using Notepad or similar) which contains your list of passwords. That way, they’re mostly protected from the internet by being on your computer, but you can’t open the list without the master password, protecting them from local attacks. TrueCrypt also has the option of creating a hidden folder – one which can’t actually be located unless you know where to look – if you’re up for something more advanced.
There is just one weakness here. What if you accidentally leave the list decrypted and open on the computer (fool), and you’re using a laptop? Somebody could steal it and make off with the list! Or could they?
LAlarm is basically a car alarm – but for a laptop. It can be configured to sound an alarm upon several different events – for example, when the power lead is removed or when a USB device is unplugged. The latter could be particularly useful if you need to leave it in public; plug a USB drive in which has a lead connected, and tie the lead around a table or something equally unmovable. To take the laptop, the potential thief has to remove the USB, at which point, BEEP BEEP BEEP BEEP BEEP!
The software can also do fancy things like destroying specified data (perhaps your passwords?) when it’s stolen, and it can be set up to send you a text message if it is. There are other features too – check it out for yourself on its website.
Tomorrow, we’re going to look at internet security to finish off this short series of guides.