Category: Security
IMA on the air waves – IT Security

It was great to hear our MD and founder Ian Metzke on Fiona Parkers morning radio show on Tuesday (20th October) morning.

Have a listen to a quick grab of his conversation about IT Security

 


Security, Fanboi’s and Passwords… time for 2 factor authentication
Ian, our owner and MD. Ian started IMA back in 2004 and has driven its growth ever since. Ian is always open to new ideas, and sometimes he even takes a few on!

Ian, our owner and MD. Ian started IMA back in 2004 and has driven its growth ever since. Ian is always open to new ideas, and sometimes he even takes a few on!

His response was that this opened me up to hacking. Specifically if any website or system where I’d typed in one of those passwords were compromised then all of my accounts were compromised.

He told me that he didn’t know what his passwords were.

He used an application to randomly generate them and then store them for later use. He and a friend, who is a massive apple fanboi, sold me on this and also on 1Password as one of the best solutions (http://bit.ly/ZFX2U9).

 

I thought a lot about the message and went and installed 1Password on my phone, PC, Mac and iPad.

 

Now I was secure

Actually, I was no more secure than before.

What I did next was go through my passwords file and changed all my passwords, storing them in 1Password. My file was just a note on my phone containing prompts for all the systems and passwords I used. It wasn’t very secure and it wasn’t amazingly accurate. 

About one week later I’d gone through every system I could think of, or had recorded, and changed the password to a randomly generated one, created by 1Password … all except my email.

As I explained to the manager, all my passwords are random strings now, except my email, I type it in so often it needs to be easy.

The manager gently took me aside and pointed out that almost every password reset involves sending a reset link to your email account and once they have access to your email they can access every system you have. He suggested that not only do I get a secure password, but I consider 2 step authentication. Two step authentication sounded like too much work, but I did use a random password for my email.

Today I read this wired article from 2012 on how Mat Honan’s account got hacked: http://bit.ly/15vSvTA;

Now I have 2 step authentication for my email. If companies like Amazon & Apple can compromise your security, then I reasoned I need to take some appropriate security steps myself.

I hope my fanboi friend is happy.