Quick Tips to Greater Password Security

Globally people are taking the time today to bring awareness to the importance of password security. For both individuals and organizations alike password security is of the upmost significance when it comes to protecting ones personal information, finances, documents and many other forms of information. Passwords are one of the most critical layers of security in any situation.

Why should you care about having strong passwords?

  • Because your information is important.
  • Because your privacy is something you can’t ever get back.
  • Because you don’t want to be taken advantage of over something you can control
  • And for businesses it might be part of the policy and you’re risking more than you realize.
  • Because identity theft is not a joke.

Here are a few quick tips that you should understand when it comes to creating and managing your password security.

  1. Include numbers, symbols, and uppercase and lowercase letters.
    We recommend a random assortment of different characters all jumbled up like a good box of Ester-Price candy. The more the merrier.
  2. Do not reuse the same password(s).
    When you use the same password for multiple accounts it puts all those accounts at risk with one breach. When you have different passwords for every login you can limit the extent of a breach to that single account.
  3. Make your password long.
    Passwords that are three characters long take less than one second to crack.
  4. Use a nonsense phrase instead of common words or phrases.
    If it’s never been said or heard before you’re in the clear. Common sayings or even words in the dictionary can be easier to crack so be creative.
  5. Avoid using your personal information, especially things that can be found on social platforms.
    Your name and birthday together is not fooling anyone, Karen.
  6. Don’t give your passwords away to other people.
    This should be a given, but you’d be surprised.
  7. Use a password manager.
    Here are a few we recommend – Keypass, LastPass, Dashlane, 1Password. There are many others as well just find what suits you and see how it goes.
  8. Change your passwords regularly.
    It’s a pain but it can save you a great deal of challenge if done properly.
  9. Use dual-factor authentication
    When this is an option we high recommend that you use it. There are a few different forms of duel authentication and they are all great such as single-use codes, fingerprint ID, and USB Tokens.
  10. If you own or manage an organization YOU NEED A PASSWORD POLICY.
    There is no reason that all of the above shouldn’t be in your corporate handbook or policy for employees to be implementing into all their work passwords. If you do not currently have a password policy in your workplace we highly recommend putting one in place.

Today is the day to change all your passwords, it should only take you a few hours – have fun.

TEST YOUR PASSWORD
PASSWORD GENERATOR

DataYard Tools | How to Change Your Password

DataYard is continuously striving to make IT better and today we’re launching the new and improve Connect Mail Password change module. Below you will find a link to launch this tool, but you can also find access to the Change Your Password Tool on the “My DataYard” page. Otherwise please check out the video below on how to utilize this tool.

 

 

If you still have questions feel free to reach out to our technical support team at 937-226-6896.

DataYard Tools | How To Use Alias Editor

DataYard has recently released a new Alias Editor tool with a fresh new face that gives our users a better experience.  Our email alias tool allows you to set up emails with your domain that forward to another email address. An alias email can be set up to send to either an email at the same domain or a completely different email at a different domain.

For example, if someone owned the domain, yourdomainname.com they could set up an alias email of [email protected] to send to a personal email [email protected] or [email protected].

Here is a quick click through on how to use the Alias Editor.

 

How to Login or Sign Up

Open your browser and go to: tools.datayard.us

Login with your Username and Password.

Don’t have a username/password? Click the Sign-Up button.

DataYard Alias Editor Login Screen

Understanding the Dashboard

Once logged in you will see the Alias Editor Dashboard with the domains you own listed on the left and the aliases currently in place listed on the right. On the right side of the screen, you will see columns for ‘Alias’ and ‘Destination’, which are pretty self-explanatory in that the Alias column is a list of the ‘Aliases’ in use and the ‘Destinations’ are where they are being sent.

If you have more than one domain click on the domain you would like to manage add, edit, or remove your custom aliases from on the right and then you will see the following options on the screen:

 

 

Create New Alias – this will allow you to create a new alias for your domain

Create New Catch-All – this will forward all emails that are sent to the domain that don’t already have predefined alias definitions.

Edit – this will give you the ability to edit the alias name and the recipient addresses for that alias.

Duplicate – this will allow you to duplicate the alias and all the recipients for that alias.

On/Off Switch – this will turn on or turn off the alias so that it continues to work or discontinue working but keeping the record.

Delete – this will delete the alias record altogether.

Understanding the Editing Alias Screen

Once creating or editing an alias you will see the option to create, edit or delete the alias where you can make the changes you desire.

 

If you have further questions please check out our How-To Tutorial video available below or reach out to our support team.

 

Google Chrome Updates – Is Your Site Secure?

The world’s most popular Internet browser, Google Chrome, is releasing an important update in the coming weeks.  Starting with the public and stable release of Chrome update 68, the browser will show a yellow “warning” icon next to the URL of web sites which are not protected by a SSL cert, and when this icon is hovered over a “Not Secure” warning will be displayed.  With over 53% of total browser market share, this update is sure to affect a wide swatch of users and websites.

Read the Google blog post here.

Not sure if your website will be affected by this change?  Visit your site in a browser, and then look at the URL in the address bar.  If your address begins with “HTTP” and not “HTTPS”, your visitors may start to see a warning when this update is released.

To get ahead of the curve on this, give us a call or send us an email – for $175 a year, we can purchase, coordinate, and install a fix for this issue for any DataYard hosting customers.  Just another way we are here to help you make IT better.

 

New and improved Connect Mail

We’d like to thank you DONet & DataYard mail users alike. We’ve spent the last several months bringing you a whole new revamped Connect Mail experience. These upgrades will not require any of our customers to make any changes to their mail clients.

One of the biggest changes you will notice right away is that we’ve changed our webmail platform. We’ve integrated many of our previously separated services into one single pane of glass. Within the new webmail, you will now be able to set forwarders, auto responders, and even create filters to filter your mail. We feel this new experience will be much more user intuitive and stream lined.

When you login to the new webmail, you should see all of your mail, folders and settings. This includes all of your signatures, identities, contacts and contact groups.

Screen Shot 2018-03-10 at 8.45.06 AM

The new settings will have some similar features you should be accustomed to using, but you will also notice some new links. On the left hand side you will notice a mobile sync tab which can be used to now synchronize your webmail/mail calendar to your phone, along with all of your contacts.

Screen Shot 2018-03-10 at 8.45.28 AM

You will also notice these three tabs next to your folder structure. These are the new locations for you to forward your mail, setup auto responders, and filter incoming messages. No longer will you need to use your my.donet.com to make these changes.

Screen Shot 2018-03-10 at 8.45.37 AM

Screen Shot 2018-03-10 at 8.45.45 AM

Screen Shot 2018-03-10 at 8.47.55 AM

 

Let us know if you have any questions, concerns, or just want to chat: 1.800.982.4539 or [email protected]. Remember to follow us on Twitter (@datayardtechops & @datayard)!

Keeping the Internet Safe

Earlier this month was Safer Internet Day, which is a day dedicated to creating awareness around safe internet usage mainly geared towards children and teens. I realized this topic didn’t exist when I was growing up. Think about it for a second. I am in my mid-late twenties and I have had more years with dial-up internet or no Internet at all, than I have with anything close to the high speeds we have today. I’ve grown up with the Internet quite literally. When I was a kid, teachers and parents were just trying to grasp the concept of the Internet and how it was used, let alone talk about how to safely address it. For this reason, I’ve taken it upon myself to catch all of us up on some quick Internet Safety Tips.

Passwords

Creating complex passwords and changing your passwords regularly can go a long way. That means moving past the passwords like ‘Password123’ and ‘Jacob19’, onto more creative phrases and symbols. It is also beneficial to use different passwords for your different accounts and websites, rather than using the same one across the board. For this reason, I would recommend using tools like LastPass, KeePass or 1Password to help keep track of all of your different passwords. These tools can also be set up to remind you to reset your password every couple of months.

Public Network Security

Free public Wi-Fi has essentially become a basic utility, making the internet easily accessible virtually anywhere. This is also making users increasingly vulnerable. The challenge with public Wi-Fi is that it’s often unsecured, making it easy for hackers to access your device. If you want to utilize public Wi-Fi in a secure manner, you can purchase a Virtual Private Network (VPN). A VPN is a software that will provide you with a secure connection to the Internet.

At Home Network Security

Taking a comprehensive look at your home network will allow you to have peace of mind when you are connecting to the Internet at home on your various devices. Changing administrative passwords and implementing a few precautions can make your connection much safer. For a checklist on securing your home network check out our Securing Your Home Network blog.

Safe Browsing

Many times, Internet browsers themselves provide Safe Browsing functions (see Google). However, you can go an extra step and retrain yourself on not giving away personal information, avoiding questionable websites, only downloading software from sites you trust, and increasing your browsers security settings.

  • Click Smart – don’t click on sketchy links or ads
  • Share Selectively – don’t just share your personal information with anyone
  • Shop Safe – when shopping online always make sure to look for https

HTTPS

Keep an eye on the addresses of the sites you are visiting. In the address bar for your website, you will see either HTTP or HTTPS (more about the difference) which represents how data is transferred between a web server and a web browser. With an HTTPS site, the data is encrypted, which keeps your information safe. This is extremely important for any online shopping or banking, and any site taking your personal information. You need to make sure that it has encryption.

Stay Up to Date

Staying up to date on the latest operating systems (OS) and software/application versions will ensure that you have the most up-to-date security measures in place. We recommend turning on auto-update when applicable.

If you have more questions about making your home a safe place please feel free to reach out to us on social media or at [email protected]

Other Resources:

HTTPster Update

HTTP (Hypertext Transfer Protocol) is the default protocol used to transfer data between a Web server and a Web browser. When you open Internet Explorer, Chrome, Firefox or Safari and type a URL in the address bar (for example, https://www.datayard.us); you’re actually sending an HTTP request to DataYard’s Web server requesting information; in this case DataYard’s homepage. When DataYard’s Web server receives this request, it searches for the desired information and responds to your Web browser with the appropriate information. This information is then displayed on your monitor and the HTTP connection is closed. If you were to click on any link within the home page, another HTTP request is sent to the Web server and it responds with the desired data and again displayed on your monitor.

HTTP is inherently insecure, meaning information is sent in plan or clear text. Why is this noteworthy? If a savvy person were to “snoop” on your Internet connection, they’d be able to read the data rather easily using simple tools found all over the Internet. This isn’t such a bother when you’re browsing for the latest football scores or reading up on recent events. However, if you’re paying bills, checking bank accounts or attempting to secure a loan of some type via an online finance tool, this becomes seriously concerning. The answer: HTTPS.

HTTPS (Hypertext Transfer Protocol Secure), as its name implies, is HTTP’s much more secure brother. If you were to type “google.com” into your favorite browser, you’ll likely see the address change and it’ll look like this…

Why is this, though? It’s because Google uses an SSL (Secure Socket Layer) certificate to encrypt data sent between their Web servers and your Web browser. Much the same can be said about almost any other Web domain that would be expected to serve up sensitive information (banks, online shopping, investment entities, utility companies that accept online payments, etc.). Without this certificate or HTTPS, if you were to complete an online shopping transaction and someone happened to be “snooping” on your device or Internet connection, they’d be able to see the details of your purchase in plain or clear text. Credit card information, shipping addresses and other details of your transactions would be wide open for the world to see. So how does HTTPS work exactly?

When an SSL certificate is purchased and placed on a Web server, the Web server holds a private key, basically an encryption algorithm that tells its public key holders how to decrypt the information its sending back and forth. Let’s take our first example of HTTP but this time we’re going to use HTTPS.

It’s time to pay bills and instead of using snail mail, you’ve opted to go green and pay online. You enter your vendors Web address in your browser, https://www.electriccompany.com. Immediately upon this request, Electric Company’s Web server will send your browser a public key, instructions on how to decrypt the encrypted information via the private key. Confused yet? You shouldn’t be. All this decrypting and encrypting is transparent to the user and is exclusively handled by the browser and server.

As you enter your credit card information and click “SUBMIT”, your credit card information, account details and other personally identifiable information is sent to the Web server within a snug, tightly-wrapped blanket of human-unreadable characters that can only be deciphered by the Web server and it’s private key. So the guy that’s been “snooping” on your Internet connection would only see a very lengthy and incoherent string of characters that would envy Da Vinci’s cryptex.

Now that you have a better understanding of HTTP and HTTPS, as well as their differences and advantages; how does one go about “securing” their Web site? It’s rather simple, actually and as more and more people conduct sensitive business in our technologically endowed world, certificate authorities (CA) are making this process even more streamlined than before.

Companies like VeriSign, GeoTrust, DigiCert and GoDaddy specialize in the sale and deployment of SSL certificates on a global scale. A user would simply purchase an SSL certificate from any of these CA’s then install the certificate on the appropriate Web Server(s). Once the installation is complete, any browser requesting information from that Web server would then have the benefits and peace of mind that all the transactions would be safe and secure! If you’re not up for the task just let us know and we’ll be sure to take care of everything giving you a wonderful gift, peace of mind.

Enabling Your Spam Quarantine

By default, the DataYard Mail filter tags some messages and blocks others but has the capability to create a quarantine inbox where you can view and release messages deemed spam by the filter.  This isn’t enabled by default.  If you haven’t logged in to the Mail filter before, please read our article on creating a login and updating your settings, here.

Enabling the Quarantine

Enabling and configuring Quarantine will send some messages to your Quarantine Inbox on the Spam filter rather than tagging them or blocking them outright.  In order to enable Quarantine, go to the Spam Settings page.  Then un-check the Disable checkbox next to the Quarantine field.  Finally, adjust the Block and Quarantine sliders so that the Quarantine value is less than the Block value and click Save.

Spam_Walkthrough_16

You can also adjust how often Quarantine summaries are sent to you and where they are sent. Navigate to the Quarantine Settings page under the Preferences tab.  You can select Daily, Weekly or Never for your Quarantine email intervals.  You can also enter the email address that you would like the notifications to go to if you would like to send them somewhere else than your account.  Make sure to click Save if you make any changes.

Spam_Walkthrough_17

Once you’ve set up your score levels, you can manage your quarantine from the Quarantine Inbox.  Click the Quarantine Inbox tab and then the Quarantine Inbox option.  There you will find all messages that have been quarantined by the filter.  You have options to Deliver, Whitelist or Delete those messages, either individually or in bulk.

Bulk Email options

Quarantine_Bulk

Individual Email options

Quarantine_Individual

Finally, you can click on any message to view the message and its associated details and release the message from there as well.

quarantine_message_detail

That’s all there is to it.  If you have any problems, you can contact us any time at [email protected] or 937-226-6896 for assistance.

How to update your DataYard Mail Filter Settings

DataYard’s new and updated mail filter features improvements to both spam and virus filtering performance and the user interface.  This article explains how to create an account on DataYard’s Mail filter, update your password, add and remove entries from your whitelist and blocklist and adjust your spam filtering levels from the defaults.

Creating an account

Access the Mail filter login page at https://filter.datayard.us.  Enter your email address in the username field and click  “Create New Password”

Spam_Walkthrough_1

It will tell you that an account has been created and will have sent an email to you with your password.

Spam_Walkthrough_2

Spam_Walkthrough_3

Now you can log in to the portal with your email address and password.

Spam_Walkthrough_4

Here is what you’ll see when you log in.  The page will default to the Quarantine Inbox that is disabled by default (you can enable it by following the instructions here).

Spam_Walkthrough_5

 

Changing Your password

Upon logging in, click on Preferences

Spam_Walkthrough_6

Then click Password

Spam_Walkthrough_7

Enter your old password and desired password as directed, then click Save Password.

 

Updating your whitelist/blocklist

Click Preferences, then Whitelist/Blocklist

Spam_Walkthrough_8

You will be presented with the following page.  To add an address to either list, click into the entry box in either list, then enter the address and click Add.  To remove an entry, click the trash can next to the entry you wish to remove.

Spam_Walkthrough_9

To remove an entry, click the trash can next to the entry you wish to remove.

Spam_Walkthrough_10

You can edit the list as a whole by clicking Bulk Edit on the list you wish to edit.

Spam_Walkthrough_11

Never edit the first line and put each entry on its own line, as shown below. Click Save once finished.

Spam_Walkthrough_12

 

Customizing your filter settings

Click on Preferences, then Spam Settings

Spam_Walkthrough_13

In order to change your settings from your Domain defaults, select No for Use Domain Defaults under the Spam Scoring section, then click Save.

Spam_Walkthrough_14

You’ll now be able to adjust the scoring levels for blocking, quarantine (see Enabling Your Spam Quarantine if you’d like to utilize the quarantine feature) and Tagging.  Adjust the sliders to your desired levels and click Save.  Higher numbers are less sensitive and lower numbers are more sensitive. For example, if you change the Block slider from the default level of 5 to 8, you will receive more messages.

Spam_Walkthrough_15

Getting Help

The new mail filter includes comprehensive help, if you need an explanation for a setting or section, simply click the “Help” link at the top right of every section header.

Spam_Help

You can also contact us any time at [email protected] or 937-226-6896 for assistance.