BeBizzy Break Podcast : Episode 52 – Insecure Website Warnings & Dropbox Paper Updates

BeBizzy Break Podcast : Episode 52 – Insecure Website Warnings & Dropbox Paper Updates

In this episode we talk about upcoming Google Chrome warnings that will be displayed for website forms not protected by SSLs and a little about Dropbox Paper.

  • Dropbox Paper has released some updates
    • Users can now preview Dropbox Paper docuemnts before opening them. Very helpful for admins or project managers.
    • Usera can also now create folders on mobile devives and move Paper documents to them. Great for those of us who work on phones or tablets a good portion of the time.
    • And finally, users can now delete files on their mobile devices. A little less useful for many of us IT guys and creatives who NEVER delete anything, just archive it.
  • Google Chrome will now start displaying a “Not Secure” warning on webpages not protected by an SSL and including a form asking for passwords or credit card information.
    • This means that if your site requires or requests any of this, the warnings will be shown to potential clients and other visitors.
    • I believe this is an incremental step towards Chrome requiring all sites to have SSLs in the very near future, with the next step probably being that ANY form will need to be protected by an SSL.
  • This is a great time for you to get ahead of the inbound wave by activating an SSL on your site as soon as possible to take advantage of the extra search weight assigned by Google for sites with SSLs.
  • It’s also a great chance to take a look at current forms on your website and maybe change them to ask additional questions you may have ommitted due to not having and SSL in the past.
  • Keep in mind there are some obstacles beyond cost to purchasing and installing an SSL. More to come on that in a future episode.

Don’t forget to send us any suggestions for apps to review or people to interview. And subscribe to the BeBizzy Break Podcast on iTunes and Stitcher Radio

And as always, leave the technical stuff to us!

GoDaddy Smartline : BBP – Episode 51

GoDaddy Smartline : BBP – Episode 51

In this episode we talk about Android Oreo, Skype, Chromebook Bluetooth issues, Facebook bandwidth limitations and GoDaddy Smartline.

BBP : Episode 51 – GoDaddy Smartline

  • New Android version is officially Oreo.
    • Google announced this on during the solar eclipse in New York.
    • Faster, better battery life, better copy and paste, picture in picture.
    • No specific date on release, but most compatible devices should have it by the end of 2017
    • Watch the announcemet here : https://www.youtube.com/watch?v=fDLc-QPFNs0
  • My phone situation
    • The cell towers seem to be back up as my connection is much better
    • However, I did choose Skype as my inbound/outbound backup.
    • Worst part is now when I get a phone call, my phone, my Chromebook, my iPad and my computer all ring. I finally stopped leaving Skype on all the time on my Chromebook, so that removed one of the devices.
  • One issue I’ve discovered is common with Chromebooks in general is a bit of an issue with Bluetooth audio. Seems that streaming audio via BT on the Chromebooks is a bit flakey So factor that into your decision making. LOVE the Chromebook, but that makes two big things I don’t like, the other is a limit on
  • Facebook will start distributing files based on the ability of users to view the content due to their bandwidth.
    • This means that if you have a large video file or even a very large image, it may be NOT shown to users on slower mobile devices, or even slower home and office connection
    • This does not mean you should NOT use video or images, it just means you should make sure you take some time to compress or optimize your file before you upload.
    • This will make sure your message, advertising, or video of your dog playing will get seen my more people.
    • BeBizzy Consulting can help you with your social media. Contact us today!
  • GoDaddy Smartline
    • 100 minutes per month
    • 100 texts s/r per month
    • Add a second number so you don’t have to give out your mobile
    • Make and receive calls using the Smartline business number.
    • Also use Smartline to send/receive text messages

Don’t forget to send us any suggestions for apps to review or people to interview. And subscribe to the BeBizzy Break Podcast on iTunes and Stitcher Radio

And as always, leave the technical stuff to us!

WEBSITE LAUNCH – North Dakota Recreation and Parks Association

WEBSITE LAUNCH – North Dakota Recreation and Parks Association

BeBizzy Consulting is proud to announce the launch of our latest website, NDRPA.com!

The North Dakota Recreation and Parks Association supports park and rec organizations in communities across North Dakota by providing education opportunities, resource material and recognition.

Visit the site at http://ndrpa.com.

Ready to redesign and launch a website for your business or organiztion?

Contact BeBizzy Consulting to talk about how a responsive WordPress site hosted and backed up in our server environment can help you get noticed by your customers. 

Change Your Passwords… Again : BeBizzy Break Podcast Episode 50

Change Your Passwords… Again : BeBizzy Break Podcast Episode 50

EPISODE 50!! AND, it’s our one year anniversary. So all around a big day for the BeBizzy Break Podcast!

In this episode we talk about what NIST has recommended for a new password strategy.

BBP : Episode 50 – Change Your Passwords… Again

First of all, congratulations to Dana and her team at the North Dakota Recreation and Parks Association on their new website. We launched http://NDRPA.com earlier this week. It’s a WordPress site with a calendar, subpage navigation and more. Check it out!

Also, I rescued two websites earlier this week from hacking. I’ll use this as my weekly reminder for all of your to back everything up. Websites, databases, financial information, personal photos… everything. Better to put a little bit of prevention and spend a little bit of money now than pay a bunch of money to possibly recover (or worse, possibly NOT recover) lost data.

Passwords

Back in 2003, Bill Burr (not the comedian) was a mid-level manager at NIST, the National Institute of Standards and Technology. They recommend standards on all sorts of things like official weight calibration, timing, and even technology guidelines like passwords. In 2003, Burr published NIST Special Publication 800-63 Appendix A, which spelled out the proper guidelines for creating and managing secure passwords on websites and networks. Those guidelines are still followed today.

The standards included a long password (8-12 characters), upper and lower case alphabet charcters, numbers, special characters and random. Sounds like every website you sign up for, doesn’t it?

But now, Mr. Burr has stated that in regards to this document and policy, “Much of what I did I now regret.” That’s an unfair statement by Bill. Back in 2003, we didn’t have much history of what computer network security was, and we definately didn’t have the case studies of how criminals and mischief-makers would do to gain access to computer networks. All of his recommendations sounded solid, and while possibly flawed, are still in use today.

What NIST and computer analysts are finding though is humans always find an easy way to get around something tough, and frankly secure. The requirements would allow a user to create a seemingly random password like “Pa5sW0rD”. You and I both know that says “PaSsWOrD”, but the computer sees it matches Burr’s recommendations.

So, when it comes time to update the password becasue of time requirements placed by the system adminstrators, or a data break. instead of creating a new, secure passwords, often we add something simple to it. “Pa5sW0rD” becomes “Pa5sW0rD1”, the “5” and “s” switch places, or something simple like that to remember but still meeting Burr’s recommendations.

Well the computer hackers have also figured out our shortcuts and have added some smarts into their password cracking to test out some of these easy switches. And it’s working.

In June 2017, NIST has published a new version of NIST Publication 800-63, which outlines a very different recommended password architecture. What started out as a project to simply review and slightly revise Burr’s policy recommendations became an eye-opening look into how users and criminals were using passwords. And results came back with a HUGE change in password policy.

Instead of a hard-to-remember, cryptic password, it was instead recommending four or five easy to remember words all pressed together. This is easy for the user to remember, change and use, and tough for the computer hackers to crack due to the length and randomness of the password.

A cartoon on XKCD.com drawn by Randall Munroe estimated that a password created using Burr’s methods, “Tr0ub4dor&3” would take only three days to crack using current methods. A password of four words all mixed together would take 550 years. That password was “correcthorsebatterystaple.” Which one do you think is easier to remember, and change? And if you DO need to change the password, which is now only recommended in the event of a data breach or similar event, you can swap out an entire word instead of just adding a “1” or “!” to the password.

It will be interesting to see how this is adapted and implemented across websites and networks. Most rules won’t allow passwords regardless of length, to not contain numbers, special charactes and upper/lower case, so there’s a lot of things that have to change for these guidelines to become common, but it makes sense.

Do you have thoughts on this or anything else technology related? Let me know on Twitter or at BeBizzy.com!

Don’t forget to send us any suggestions for apps to review or people to interview. And subscribe to the BeBizzy Break Podcast on iTunes and Stitcher Radio

And as always, leave the technical stuff to us!