Archive for the ‘Security’ Category
Protect Yourself
By admin on May 2nd, 2010This episode is sponsored by GotoAssist Express. Try it free for 30 days.
It’s time to take a look at maintaining your Gmail security. It’s no secret that the Internet can be a dangerous place. Fortunately, you don’t have to be an IT security geek to protect your Gmail account. With a few simple, common sense steps, and a little familiarity of some key Gmail features, you can protect yourself from people trying to gain access to your account.
You know the story. You get an email from a friend of yours who is reported to be stranded overseas and needs a couple hundred dollars to get home. This is one of the common messages and, of course, completely false. Your friend’s email account has been compromised, he’s got no idea until it’s too late, and your name happened to be in the address book along with who knows how many others who got a similar message. Remember, they wouldn’t be doing it if it didn’t work at least some of the time.
How do you prevent yourself from the same fate as your friend? (Not the ‘getting stuck overseas part’). The first step is understanding how your account could be breached. One way is forgetting logout on a public computer (a hotel kiosk for example.) Another way would be if someone had installed keylogging software on the computer you used. While undetectable to you, there are steps you can take to mitigate the risk.
First, select a strong password. Use a combination of letters, numbers, and throw in a symbol here or there. Use uppercase and lower case letters. Don’t use dictionary words or common names. Make it meaningful to you. For example: iat#1gmn! would be short for (I am the number 1 Gmail ninja). Also, change your password periodically. Yes, I know this is a pain, but when you think about it, even if someone has captured your password from a keylogger, it won’t be any good once you change your password. You can change your password under Settings> Accounts and Import> Change Account Settings or go to http://www.google.com/accounts
Second, remember to sign out when you’re done. It sounds simple, but it’s easy to forget.
Third, monitor any open sessions and understand what they mean. At the bottom of the main conversation index, there’s a line that says “Last account activity” and a link at the end to display the details. If you, or someone else, is logged on from another computer, it will tell you there. I often see one or two other computers logged in because I forget to logout on my home computer then access Gmail from work. By clicking on the Details link Gmail displays the location and IP addresses of the other sessions, a button to terminate the other sessions immediately, and a history of recent activity. It’s a good idea to become familiar with your home and work IP addresses so you can spot others that you don’t recognize. Remember to periodically scroll to the bottom of the screen and see how many other seessions are going. If it’s one or more, have a look at the details to be safe.
Finally, Gmail has created a feature that removes some of the burden of monitoring your activity. If Google sees activity on your account from two different countries within a few hours, you will see a warning message at the top of the screen in red which starts out “Warning, We believe your account was last accessed from…” You can turn this setting off from the same Activity history details mentioned earlier, but I don’t recommend it. Hopefully you’ll never see this message. While it’s nice to know Gmail is helping with some of the security, it doesn’t relieve you from doing some of the measures mentioned earlier.
Selected Offline Messages and Password Tips
By admin on November 8th, 2009Try gotoassist express free for 30 days by going to gotoassist.com/techpodcast
Back in January 2009, Gmail came out with a labs feature to let you access your Gmail without an Internet connection. The mail was synchronized when you were connected and then you could access it when you were offline. For frequent travelers, this is a terrific feature. You can learn more about it by listenging to the Gmail Podcast episode simply titled Offline from March 1, 2009.
The downside of the standard offline mode is that it took a very long time to download the messages or in some cases, all the messages you wanted were not there due to the way the software chooses which messages to download. You might find yourself with plenty of messages from a year ago that have little value, but not all your inbox was synced.
Gmail Offline now lets you choose which items to download and how far back to get them. This not only saves download time, but also ensures you have relevant information at your fingertips. For example, my Gmail archive is currently around 30,000 messages. It would take a couple hours to download all those messages, and according to the heuristics, I might not get all of the the ones I want.
To setup selected offline messages, you’ll need to enable the “Offline” labs feature from the Labs tab on the Settings screen. Once that is done, you can use the “Offline” tab from the Settings screen. The “Download Options” section of that screen is where you configure how far back you want to sync your conversations and from which labels. The old method would have defaulted to all conversations from all labels. I setup mine to only go back a month and then fine tune it to first, ignore most labels, then chose some like Inbox that I want all conversations, and finally chose a few fairly active labels where I only need the past month. Once I saved those options, I was able to sync my data in a few minutes and take it on the road.
This feature really makes Gmail Offline a lot more convenient, but you will need to remember to check the settings from time to time to ensure you add labels as they are needed and remove those that are not.
Here’s today’s quick tip – Be sure to change your Gmail password at least a couple times a year. There are people on the Internet who make a career out of trying to steal passwords. Some guidelines to follow when choosing a new Gmail password:
- Make it unique. Don’t make it the same as your other Internet accounts. If someone compromises your Gmail account, they could have access to lots of other information on the Internet. If you have lots of different passwords to remember, I recommend a password vault program like KeePass available from keepass.info. I use because I have over 100 different passwords to remember at home and work.
- Use a combination of upper case and lower case letters, numbers, and symbols. One common trick is to replace letters with symbols. For example, replace S with a dollar sign, or T with a 7.
- Don’t use simple words found in the dictionary like “house”, “automobile”, and definitely not “password”.
- Don’t use personal information that is easy to find such as your street name, dog’s name, and so on.
- Putting two or more words together with symbols is a good idea. Something like “dino+eggs”, of course replacing some of those letters with numbers or other symbols would make it a much stronger password.
- Finally, make you password something you are likely to remember. “dino+eggs” would be great if you are a paleontologist, but not necessarily if you are a stock trader.
You can change your password by going to google.com/accounts, or if you are starting from Gmail, go to settings, click on the “Accounts and import” tab, then look near the bottom for a link labeled “Google Account Settings”.
Gmail Backup
By admin on September 19th, 2009Welcome the Gmail Podcast, a collection short hints, tips, and tricks to help you get more from your Gmail account. I’m your host, Chuck Tomasi.
Try GotoAssist free for 30 days at gotoassist.com/podcast
This past week I came across a really neat application called “Gmail Backup”. The name says it all. All you do is download and install the tool, provide your Gmail credentials, point it at a folder on your system, and click the Backup button. It takes care of the rest. And best of all, it’s free.
There’s a Windows command line and GUI vesion, a command line and GUI Linux version, and a Mac command line version only. I have heard rumors that a GUI version for the Mac is in the works so stay tuned to the Gmail Podcast for more information. Running from the command line actually makes sense if you want to schedule regular backups from a script. See the documentation on their website at www.gmail-backup.com.
Regardless of your platform, you will need Gmail IMAP enabled. You’ll find this in the settings under the “Forwarding and POP/IMAP” tab. For Linux users, you will need the wxPython (http://wxpython.org) packages installed. It also requires the ctypes module; which should be included in the Python 2.5 distribution. For earlier versions of Python you can find the package in the repositories of your distribution.
I downloaded and installed the Windows XP version and was up and running fairly quickly. I created a new folder under “My Documents” called “My Gmail Backup”. Feel free to put the folder where you like or create multiple fodlers if you plan on backing up multiple accounts. You can even do this after you start the application. Currently my mailbox is using approximately 1.6GB of storage on Gmail and it took a little over an hour to backup the first 600MB before I stopped. I had to relocate which would have interrupted my Internet connection. When I started it back up again, Gmail Backup recognized how much work it had done, took a few minutes to scan past the 9700 messages already backed up and resumed where it left off.
Other parameters availble in the application allow you to set a “Before date” to backup all messages before a given date, and all message since a given date. On first invokation, both dates are the same so it backs up all messages. As it retrieves the messages, they are stored in individual “eml” files in your backup directory. The ELM files can be opened by Microsoft Outlook, Outlook Express, Internet Explorer, IncrediMail, Thunderbird, and for Mac users, Entourage, and of course Apple’s Mail program. EML files are nice because not only do they preserve the times, sender, and other standard information, they also contain any file attachments that were on the files on Gmail. And yes, Gmail Backup also remembers your labels that you applied to the messages. They are saved in a mapping file called “labels.txt”, although you may run in to problems if your labels contain non-alphanumeric characters (a-z and 0-9).
And what would a backup program be without a restore feature? Gmail Backup allows you to re-upload all or part of your backup. If you’ve got multiple Gmail accounts or host your own domain from Gmail, you can backup messages from one account, and restore them to another account simply by providing the right credentials.
Again, I recommend visiting the website for full documentation, FAQs, and active forums at www.gmail-backup.com
For what it’s worth, there are other ways to backup your Gmail account, including Thunderbird (which has a limitation of 64,000 messages), Fetchmail (a little more technically involved and requires Cygwin to be installed), or Getmail (for you Linux users). I just found Gmail Backup to be quick and easy to use.
Here’s today’s quick tip… If you receive an email with a subject something like “Warning code: VX2G99AAJ”, just report it as spam, a phishing attempt, or delete it. The message body says it’s from “The Gmail Team”, however the message header says something quite differently. This is just an attempt to get your user information. Don’t even bother opening the message.
That’s all for this time… Comments, suggestions, or questions can be sent to gpodcast@gmail.com or check the website for full information and archives of all previous Gmail tips at chuckchat.com/gmail. I have no affiliation with Google other than as a satisfied Gmail user. Thanks to you for listening, and don’t forget to write.
Password Reset by SMS
By admin on July 18th, 2009This show is sponsored by GotoAssist.com – Try it FREE for 30 days!
Let’s face it, sooner or later we all forget a password. There are just so many of them to keep track of. Gmail has made this a little easier by allowing you to recover your password via text message.
Begin by going to http://www.google.com/accounts. Under the personal settings, you should see a section labeled “Security”. Click on the link that says “Change password recovery options”. You’ll need to provide your Google Account credentials one more time to verify your account.
Once that is done, you can add email addresses to send a reset link, or set a mobile phone number to send a password reset code via text message. To this, click on the link under the section “SMS” labeled “Add a mobile phone number”. Choose your country and enter the mobile number you wish to send the text message to and make sure to check the checkbox labeled “Use this phone number for password recovery via text message”. Finally, click the “Save” button at the bottom.
Now if you lose or forget your password, click on the link labeled “Can’t access your account?” in the login box of any Google application. On the right, look for the article labeled “I forgot my password” and click it. This link is also available on the bottom of the page. You will then be taken to the password recovery page where you first need to provide your username. In my case, I entered chuck.tomasi and clicked Submit. You’ll need to enter the text in the captcha page, one of those graphics with squiggly letters. I’ll admit, sometimes these are a little hard to read and I often have to enter more than one.
Once you’ve passed that test, you will be given several options to reset your password based on the account options you chose. If you set an alternate email address, you will receive an email to initiate the password reset process. If you setup the SMS option, you’ll get a text message with a recovery code.
Here’s today’s quick tip. Fight phishing with new labs feature. If you are unfamiliar with the term, Phishing, with a “ph” is a term used for nefarious email that tries to lure you to a website that impersonates another in order to get secure information from you. The most notable of these are eBay and PayPal. For example, some Internet villain will send you a message that looks like it is from PayPal and take you to a site that looks like PayPal, only to get your login and password and exploit your real account. This Labs feature in Gmail verifies that an email that says it’s from eBay or PayPal actually is from one of those sources – making it more trustworthy. To use this, go to the Labs tab in Settings, turn on the feature called “Authentication Icon for verified senders”. Now when you see an email from one of these sources, a little gold key appears next to the sender’s name in the message. This currently only works for eBay and PayPal, but I’m sure Google will be extending this functionality in the future.
Finally, Google has promoted their first labs feature to a full fledged feature. Tasks is now a permanent fixture on the main page for all Gmail users. This labs feature was so successful that everyone is now able to use it by clicking the Tasks link on the left. While there is still no syncing with other systems, I expect more functionality in Tasks in the future. After all, they already implemented my suggestion to move tasks between different tasks lists. Thank you Google!
