J2 News: Prevent Someone From Becoming You

If you got my last newsletter, you know that this is the year when we all — the whole internet-using universe — become targets for bad hackers. We’ve already learned how they will try to get at our Macs. Now we need to look at how our online accounts and identities are vulnerable. Please at least read the first section, on passwords.

Got GSP? Picking a Good, Strong Password

You know how, recently, you might see a spate of emails from a friend that you know are junk — invitations to off-shore pharmacies and the like? And then that same friend emails everyone in his or her address book, to the effect of, “Sorry, someone hijacked my email!”?

Well, that happened because your friend had a password that was too simple, too easy to crack, and someone cracked it and took control of the mailbox.

This intrusion is not just an inconvenience to your friend and the people in their inbox. If someone has your email password, they can get passwords to ALL of your other online accounts, including possibly banking. And hackers make money — more than you might think — by acquiring access to things like passwords, online accounts, credit card numbers, etc. (Hackers commit other kinds of crimes, too, but let’s continue.)

How do they do it? I’m not a hacker, but I can abstract it: The bad guys have their computers scan the internet for, say, @gmail.com addresses. Then they point other software at the Gmail servers, and run software to try to log in to known accounts by guessing all the possible password permutations. Unless you’re famous and being specifically targeted, they’re not researching the names of your kids and pets. They just run through the dictionary, and common names, and number sequences (e.g., “1234”), and their bots work really fast. If your password is more simple than what I’ve outlined below, they can guess it.

Here’s a real disconcerting site, which I found by googling “crack gmail password.” There are others.

So, I’ve already posted this, but it’s well worth restating:
Please — as in, umm, now — please create a Good, Strong Password for your email and any other important online accounts.

A Good, Strong Password contains:

• at least 10 characters of both letters and numbers
• at least 1 capital letter, preferably in the middle
• at least one non-alphanumeric character, preferably in the middle
• no recognizable names or words.

Microsoft words their recommendations slightly differently, and offers one tip for creating a password. I like their suggestion of choosing a memorable phrase and building the password from there. I even think that choosing a full sentence with capitals and punctuation might be a good way to remember the password; a bunch of recognizable words would be safe-ish. I also like passwords that are easy to type, as long as they don’t contain keys in order, such as “fghj.” Here are some other tips.

I have met every different kind of personality when it comes to creating and remembering passwords. And believe me, I have every sympathy for people who feel they have more important things to do with their brains. Unfortunately, we have come to a time when, from here on out, you either keep your digital stuff locked tight, or you get your life messed with.

Keeping Track

The natural question that follows is, how do I keep up with all my passwords? Fortunately, your Mac has an excellent built-in device for this, called the keychain. Several software packages are also available for Macs and PCs. Check out my full write-up on the keychain and other options.

Do the It’s-Really-Me Two-Step

There is another method to lock your ID even tighter. It’s called “two-factor” or “two-step” authentication. Not every service offers it, and I won’t lie and say it ain’t for those who like to keep technology simple. But Google has rolled it out, even to their free accounts, and it is as smooth as I could expect something like this to be.

You dance the Google two-step like this: When you sign into a new computer — or every 30 days on your usual computers — besides accepting your password, Google sends you a text message with a code. You have to enter that code on the Google web site to continue.

Also, for all your other apps that access your account, such as an email or calendar program, Google will generate a single-use “application” password that you only have to enter once; it will get stored by your computer or phone, and if said device gets stolen, you can revoke permission.

“Gosh, this sounds like fun!” you’re saying. You can’t wait for us to come over and show you this awesome new computery thing. Just wait! There’s more…

Google offers a couple of backup verification methods in case you can’t get a text: You can receive a voicemail with the code, or your phone can run an app that generates a code for you, or you can carry a piece of paper with 10 “backup” codes on it. Really, I’m not kidding.

They also will do a retinal scan and test your DNA against a sample they keep in a cryo-vault… OK, that time I was kidding.

Enabling Two-Step Verification for your Google account is in your Account Settings. It’s a bit of a process, and I recommend reading carefully each step of the way.

Facebook also does this login two-step now, which is good because 750,000,000 accounts are a terrifically big honey pot, and we all know someone whose account got hacked. Go to the Account Security section in Account Settings, and make it look like this:

Facebook should already know your cell number, and will text you a code to enter.

I dearly wish more services were doing the two-step. Yahoo, Amazon, eBay, Apple iTunes — they should all get on this bandwagon. But the smart ones are at least starting to require Good, Strong Passwords.

Welcome to the Age of the Hack. Don’t shoot the messenger.

J2 News #4: Preachin’ What We Practice

A Promotion

Before I get to my announcements and tips, I want to tell everyone about some new promotions. We hope you’ll like these new, more affordable ways for you to get Chicken Soup for your Macs.

System Upgrades

At the end of 2008, I said I was going to make some improvements to our service. Today, I’m proud to formally announce our new web site at j2mac.com, a place for you to connect to us, and to get information that we hope you find helpful in your computing life.

First, right away, I’m excited to tell you about our new, incredibly handy Schedule page. There, you’ll find up-to-date calendars for me and Erick.

Whenever you want to schedule some time with J2, please call 210.787.2709, or email us at schedule@j2mac.com. You can pick an available time — a blank spot in one of our calendars — and call or email our new scheduling coordinator, Denise Rangel. When Denise books your appointment, we are able to see it immediately on our iPhones. Denise has freed up a great deal of time for us to concentrate on doing what we do best. Many thanks go to Lynn Gosnell for helping inaugurate this new system.

For me, the most fun and useful part of j2mac.com is the searchable blog, which lets us post commentary on the tech solutions and answers that we employ. Check it out when you have a chance; there are all kinds of tidbits for Mac and iPhone users, and lots to help any surfer get more out of the internet.

We have also begun to create histories of the work we do for you. We keep the documentation online, viewable to anyone in our organization; we also share your sheet with you (and only you), and you can call it up from a web browser any time. I’ll send you a link when we first create your doc.

I recently discovered another powerful online gizmo that I didn’t even know I had: Check out this Client Information Form that folks can fill out online, giving us basic contact information but lots of other things we need to know, such as your internet service provider, current models of computers, etc. We are also going to send out some polls and surveys — check the sidebar to the right of this page for the latest one!

That’s the stuff that you’ll see — what web site designers call the "front end." Behind the scenes, we are using some fantastic online devices that I’ll describe below. They have saved us time, sped up our process, and helped us kept each other informed and up-to-date.

All of these tools are readily available, and easy to set up. But here’s the amazing part: They are all free. 100% of zero dollars. Beyond what I was already paying for my web site hosting, I haven’t had to spend a dime making our working lives more productive and more efficient.

And now, I wanna tell you how.

Better, stronger, faster, and way cheaper

This is a promising time on the internet. As recently as 6 months ago, many of the wishes I have been expressing for years — for easy, affordable services that would let us get to our files and other stuff from any ‘net connection on earth — remained unanswered.

When the second iPhone came out, and Apple promised wireless syncing via the MobileMe service, I hoped that Mac users finally had an alternative to Microsoft’s expensive and complicated Exchange service, with its "push" email, and collaborative address book and calendars.

Email itself has always had drawbacks. It’s inefficient for quick dialogue, and it doesn’t let you involve a whole bunch of people in a town hall-like forum. But instant messaging, through AIM or iChat or what-have-you, feels invasive and annoying to many people.

Oddly, I think we have given up on easy collaboration and sharing of documents. I used to work for a newspaper, and it amazed me how unwieldy the process of editing an article was: getting a document attached to an email, saving it on a server, printing it out so others could read it, emailing the writer back an attachment… That was seven years ago, and most production environments are still doing things that way.

Well, I hate to be maudlin and melodramatic about this, but I’ve gotten my answer, and it is Google Apps.

With Google Apps, the members of my organization can see each other’s calendars, and schedule each other. The appointments show up immediately on our phones. We can email each other address book cards, or look up client contact information online. We can keep client histories as Google Docs, publish them for the appropriate client’s eyes only, and reference them on our phones when the need arises. We can publish spreadsheets so people can calculate, for example, the cost of setting up a small network in their home or office. And those forms I mentioned earlier? Incredibly easy to create in Google Docs, and when someone submits their reply, it automatically sends their answers to a spreadsheet that holds everyone else’s responses as well!

We can even video chat with each other, in a plain ol’ flippin’ web browser!

Google’s new service is either totally free — that’s the flavor we have chosen — or if you need the beefier version of it, with 24/7 tech support and greater storage per user, it costs an extremely reasonable $50/year. Their cost comparison with Microsoft Exchange is enlightening.

In addition, we are taking advantage of a more new-fangled service called Yammer, which enables the three of us to message each other in a running narrative that we can all see. Yammer is based on the idea of Twitter; both are geared toward short messages, and rely heavily on text messaging for posting and receiving updates. This is, for me, an important substitute for email, which is too cumbersome for quick updates while on the go. Yammer’s cost? You know it: $0.

I almost hesitate to mention the phone-number service I am using, because it’s now no longer accepting new sign-ups. I hope that Google re-opens GrandCentral to the public soon.

The new website itself is powered by WordPress, possibly the most accessible and versatile blogging and web publishing system available today. One can publish a WordPress blog for free, or as in our case, it’s a plug-in included with my $4/month GoDaddy web hosting package that I’ve had since the beginning. It took a few days to massage the design into a form I mostly liked, and I took a few months to sit on it, tweak it, and work out the kinks — and I finally feel like it’s a functional extension of this business.

I cannot overstate my gratitude to the guys at Swirl for helping me put a new face on our business — Carlos Zapata gave us a hip new logo, and Jason Risner’s photography makes us look way better than we deserve.

I have posted more information on these services and the way we use them on the blog, here and here. Again, this whole on-the-go, location-agnostic way of working was not possible two or three years ago, certainly not with the minimal effort and expenditure we have spent.

A little learning, a lot of savings

This last year has taught me so much about how to use these new services to communicate with my team, manage my tasks and priorities, stay in touch with my personal and professional relations, and save money in the process.

I know that so many of our clients are paying more than they need to for email and web site solutions that don’t even give them what they need. And I know that many people feel that they aren’t using the technlogy that they’ve invested in to its full advantage.

Let J2 help you, your business, and your household get more for less. Please call us at 210.787.2709 to schedule a consultation.

 

With gratitude and respect,

Jonathan

Email not receiving

My Inbox in Apple Mail has a triangle icon with an exclamation point in it, and isn’t receiving emails. I’m having to use my “All Mail” folder below. How do I fix this?

I get this question from time to time. It happens for different reasons, often when either your internet or your email service is interrupted — which has afflicted Gmail recently. Usually the easy fix is, in Apple Mail, clicking on Mailbox > Take All Accounts Online. I’m actually a little surprised that “All Mail” worked; kudos on finding that!

The triangle went away all on its own!!

It does that. Now, what would be great is if they made a big freakin’ sign that said, “If you see a freakin’ triangle over here, this is what you should do…”

Sheesh.

What email service should I use?

I have an earthlink.net email address, which comes with webmail and 10MB storage. But I’m thinking about changing my internet service provider? And sometimes I run out of storage at earthlink. I just don’t know if it’s worth it to me to convert to a new email address.

May I suggest Google Apps to host your email? It’s free, has a frigton of storage (7.5GB), and has all the bounteous benefit of the Gmail interface, or you can access it from Apple Mail or your email client of choice. There are few comparable alternatives out right now, and none of those are free.

This is important: You can KEEP your current email addresses. In the case of your earthlink.net address, we just start forwarding it to Gmail — either a general @gmail.com address or to your @yourdomain.com. Your correspondents may never have to know that you changed addresses. And for you@ (or whatevertheheckyouwant@) yourdomain.com, Google simply becomes your email host.

You can pay Earthlink a few bucks month to keep the address, but that’s a sucky long-term idea.

Also, the Gmail interface is importantly fantastic. I sometimes switch over to it just to get certain things like automatic organization accomplished. And lemme tell ya, the spam filtering is outta sight. I don’t see spam anymore. One message a month or less, and I can always look in the spam folder in Apple Mail just to double-check I haven’t missed a real message.

One last thing: There was once the perception that a @yahoo.com (or the like) implies an inconstant personality. I can say definitively that, especially since Gmail, that is no longer the case. The service is recognized net-wide as legitimate and unique. I practically insist on my clients using Gmail, unless they are already on Yahoo. If they have any address other than Yahoo, including using their own domain, 7 out of 10 times we get them over to Gmail quick as we can, and they never look back.

Logos in emails

When I see that someone has a graphic in their email signature, I try
to encourage them to ditch it. It always implies that each of their
email messages has an attachment, and sometimes I search for or sort
by messages with attachments.

It's not what email is best at, and nobody in the world will think
your organization less professional if you don't have your logo in
your signature. And there are ways of formatting your signature so it
will look good.

Finally ported to Google Apps

My j2mac.com email, calendar, and docs are now all managed by Google Apps. I’m pretty impressed. Setup is easy. They even gave specific instructions for GoDaddy’s domain manager. And things like syncing calendar (with Calgoo) and address book (with Apple’s iPhone-Google sync) make business so much easier. I’ve also signed a couple of other folks up on it, too.

So if anyone has been using my j2worldofmac-at-gmail address, please delete it and stick with info-at-j2mac.com. It’s official!

Type alphabetically to search Mail.app messages

By accident, I started typing when I was in the message list, and it
went to the nearest best guess. So if I wanted to find "Rodney" I can
type R O D. Sweet!

Find (and delete) previous email recipients

Not using Apple Mail

This has been a little weird, but I’ve recently had to play with browser-based email because my PowerBook died. Also, the Bigfoot mail server that I’d used since 1996 also tanked, which inspired a migration to Gmail. So while my little aluminum baby was away at Apple (you DO have AppleCare, don’t you?), I actually moved away from Apple Mail, and I’m stunned how easy it was.

One thing I found, however, was that Safari didn’t work so hot with the Gmail interface, so I use the free Camino, which is based on Firefox but made for the Mac.

If you have a yahoo.com address, you might try the Yahoo! Mail Beta in Camino and see how you like it. And check out Plaxo to sync your Yahoo! contacts with Apple’s Address Book. (Plaxo doesn’t sync yet with Gmail. Check my recent article in the San Antonio Current for some of my thoughts on that matter.

Incoming mail has stopped coming in

Wondering why I am no longer receiving mail in Apple Mail.app. I have checked the settings, and every other thing I can think to do. I know the account is active because I can go to webmail and get the email.

So, in the left column, next to the word Inbox, is there a circle icon with a triangle or lightning bolt inside it? If so, click that, and take the account online. Then click Get Mail. Tell me if you get any errors.

I was also having a problem with continually having to put in my password on the other accounts.

It would be worth it to open Keychain Access and see if your keychain is unlocked. One should also periodically run "Keychain First Aid" from the application menu (the one next to the Apple menu that changes its name depending on what app you're in).

Next Page →

•   Follow on Pinterest

• Sign up for our newsletter

  Email Address

  Preferred Format

  • HTML
  • Text
  • Mobile

• Recent Posts

  • The most awesome thing you can do with Dropbox
  • If you wondered whether to buy a new iPad…
  • The Malware Cometh
  • Ditch Quicken and QuickBooks, save time and aspirin
  • Should I backup my computer?
  • Was Jobs right about Dropbox?
  • Guessing at iPad 3 arrival + Re: Idea Sketch
  • New Google privacy policy won’t affect Apps for business, government
  • Web and email hosting
  • How to dispose of old technology

• Archives

  Select Month April 2012  (4) March 2012  (1) February 2012  (1) January 2012  (4) December 2011  (2) November 2011  (2) October 2011  (5) September 2011  (1) August 2011  (1) July 2011  (4) June 2011  (3) May 2011  (1) April 2011  (2) March 2011  (2) February 2011  (2) January 2011  (3) November 2010  (3) October 2010  (1) September 2010  (3) August 2010  (4) July 2010  (10) June 2010  (11) May 2010  (10) April 2010  (10) March 2010  (7) February 2010  (3) January 2010  (8) December 2009  (4) November 2009  (2) October 2009  (22) September 2009  (19) August 2009  (1) June 2009  (5) May 2009  (6) March 2009  (2) February 2009  (6) January 2009  (4) December 2008  (4) November 2008  (4) October 2008  (7) September 2008  (23) August 2008  (3) July 2008  (13) June 2008  (4) May 2008  (5) April 2008  (3) March 2008  (9) February 2008  (4) January 2008  (4) December 2007  (3) November 2007  (11) October 2007  (1) July 2007  (2) June 2007  (2) May 2007  (6) April 2007  (2) March 2007  (5) February 2007  (5) January 2007  (7)

• Categories

  • J2 Business (7)
  • Miscellaneous (5)
  • Tech (243)
    • Mac (45)
  • Uncategorized (54)

• Links

  • Apple Store La Cantera
  • Apple Store North Star Mall
  • J2 on Google Local
  • jjmarcus on Facebook
  • Jonathan Marcus on LinkedIn
  • Mac OS X Hints
  • MacTech Match
  • Onsight