25. Strong Passwords Can Work Against You

Learn how even strong passwords can work against you
UPDATE to last week's Headlines:
US Gov formally accuses Russia for SolarWinds/Orion attack.  Biden issues state of Emergency, giving him the power to issue executive order: emphasizing an exploitation on US and Russian elections, kicks-out Russian diplomats in DC, prohibits US financial entities from trading in Rubles, issues sanctions against Russian networking infrastructure.

This Week's Security Tip:
There are two mistakes we see with usernames and passwords, even if they are GOOD strong ones. The first is using the SAME password across multiple sites. The second is using the same e-mail usernames and prefixes across multiple free e-mail services. For example:
When you use the same password and the same username across multiple sites, you make it easy for a cybercriminal to compromise multiple accounts of yours. With the first part easy to figure out, they can get access to other online services and data or even spoof your e-mail addresses to others. Variety is the spice of life, so make sure you’re using UNIQUE, strong passwords along with unique usernames on free e-mail accounts. 

Today's Headlines:
  • 2 Google Chrome zero-day exploit dropped on twitter last week, both remote code executables, affects Chrome, Edge, and other Chromium-based borwsers
  • Google announced plans to roll out a new privacy-focused feature called Federated Learning of Cohorts (FLoC), Vivaldi, Brave, DuckDuckGo, and now WordPress reject it.  - Thousands of browsers with identical browsing history (belonging to the same "cohort") stored locally will have a shared "cohort" identifier assigned, which will be shared with a site when requested.  - "At Vivaldi, we stand up for the privacy rights of our users. We do not approve tracking and profiling, in any disguise. We certainly would not allow our products to build up local tracking profiles," says Jon von Tetzchner, Vivaldi CEO and co-founder. 
  • Signal CEO and founder Moxie Marlinspike slams Cellebrite (company that police and gvmt uses to unlock Android and iOS phones ) after they say they can now access Signal data.
Next Week's Teaser:
Here is what you should do with your data on your laptop..

Call to Action:
We talk a lot about stupid (nothing bad ever happens to me; head in the sand; too busy; I’ll do it later). So what’s smart? Taking this seriously TODAY. Book a 10-minute Discovery Call right now. I’ll ask some key questions and give you a quick score. If you’re doing everything right, you can sleep better at night. If there’s room for improvement, we’ll discuss options. NO PRESSURE, NO STRINGS. JUST BOOK THE CALL!