Helping passwords better protect you



Knowing how to stay safe and secure online is important, which is why we created our Good to Know site with advice and tips for safe and savvy Internet use. Starting today, we'll also be posting regularly with privacy and security tips. We hope this information helps you understand the choices and control that you have over your online information. -Ed.

It could be your Gmail, your photos or your documents—whatever you have in your Google Account, we work hard to make sure it’s protected from would-be identity thieves, other bad guys, or any illegitimate attempts to access your information.

But you can also help keep your information safe. Think of how upset you would be if someone else got access to your Google Account without your permission, and then take five minutes to follow the steps below and help make it more secure. Let’s start with the key to unlocking your account—your password:

1. Use a different password for each important service
Make sure you have a different password for every important online account you have. Bad guys will steal your username and password from one site, and then use them to try to log into lots of other sites where you might have an account. Even large, reputable sites sometimes have their password databases stolen. If you use the same password across many different sites, there’s a greater chance it might end up on a list of stolen passwords. And the more accounts you have that use that password, the more data you might lose if that password is stolen.

Giving an account its own, strong password helps protect you and your information in that account. Start today by making sure your Google Account has a unique password.

2. Make your password hard to guess
“password.” “123456.” “My name is Inigo Montoya. You killed my father. Prepare to die!” These examples are terrible passwords because everyone knows them—including potential attackers. Making your passwords longer or more complicated makes them harder to guess for both bad guys and people who know you. We know it’s hard: the average password is shorter than 8 characters, and many just contain letters. In a database of 32 million real passwords that were made public in 2009, analysis showed (PDF) only 54 percent included numbers, and only 3.7 percent had special characters like & or $.

One way to build a strong password is to think of a phrase or sentence that other people wouldn’t know and then use that to build your password. For example, for your email you could think of a personal message like “I want to get better at responding to emails quickly and concisely” and then build your password from numbers, symbols, and the first letters of each word—“iw2gb@r2eq&c”. Don’t use popular phrases or lyrics to build your password—research suggests that people gravitate to the same phrases, and you want your password to be something only you know.

Google doesn’t restrict password length, so go wild!

3. Keep your password somewhere safe
Research shows (PDF) that worrying about remembering too many passwords is the chief reason people reuse certain passwords across multiple services. But don’t worry—if you’ve created so many passwords that it’s hard to remember them, it’s OK to make a list and write them down. Just make sure you keep your list in a safe place, where you won’t lose it and others won’t be able to find it. If you’d prefer to manage your passwords digitally, a trusted password manager might be a good option. Chrome and many web browsers have free password managers built into them, and there are many independent options as well—take a few minutes to read through reviews and see what would be best for your needs.

4. Set a recovery option

Have you ever forgotten your password? Has one of your friends ever been locked out of their account? Setting a recovery option, like an alternate email address or a telephone number, helps give the service provider another way to contact you if you are ever locked out of your account. Having an up-to-date recovery phone or email address is the best thing you can do to make sure you can get back into your account fast if there is ever a problem.

If you haven’t set a recovery option for your Google Account, add one now. If you have, just take a second to make sure it’s up to date.

We have more tips on how to pick a good password on our Help Center, and in the video below:



Your online safety and privacy is important to you, and it’s important to us, too. We’ve made a huge amount of progress to help protect your Google Account from people who want to break into it, but for the time being, creating a unique, strong password is still an important way to protect your online accounts. Please take five minutes today to reset your important passwords using the tips above, and stay tuned for more security tips throughout the summer.

Etecsa officials provide some details and make some promises

Etecsa officials held a press conference in which they made the point that the 118 new Internet access rooms are just the start of improved Internet service.

They promised lower prices, more access rooms, WiFi in access rooms, mobile connectivity, etc., but did not give specifics.

The article did, however, give some specifics about the service which will be offered starting June 4. The connection speed will be "up to" two megabits per second, depending upon the available infrastructure at each location. All Web services will be available -- chat, social networks, email, uploading and downloading of files, etc.

However, VOIP calls will be prohibited in accordance with Resolution 120/2003 of the Telecommunications Company of Cuba. I wonder whether "click to talk" services on Web sites will work. The VOIP restriction protects Etecsa revenue for now, but it may turn out to be difficult to enforce.

The slow connection speed -- up to 2 mbps -- reflects the remark of Jorge Luis Legros, Director of Etecsa Strategic Programs,  when asked about the impact of the undersea cable.  He said that it will improve service but "investments in networks and systems to bring access closer to the end user are needed."

What can Cuba do to attract that investment from China or other nations?

-----

Update 5/31/2013

Related commentary on the opening of the new access rooms from Granma:

La estrategia es continuar ampliando los servicios de Internet a la población
Vague promises of things to come

No será el mercado quien regule el acceso al conocimiento
Interview of Wilfredo González Vidal, viceministro del Ministerio de Comunicaciones

New public access will open June 4

The undersea cable link between Cuba and Jamaica came online in mid May and that connection may now be bearing fruit. Etecsa will open 118 new public access centers on June 4.

It is noteworthy that the access centers are dispersed throughout the island. Only 12 of the 118 are in Havana. That indicates the existence of a domestic backbone.  It would be interesting to get some information on it.

It is also indicative of a Cuban policy of developing areas outside the capital and major cities, which has been followed since the early networking days.  Even then, Cuba was less focused on one or two major cities than other developing nations.

Pricing will be as follows:
  • Domestic browsing and email .60 CUC/hour
  • International email plus domestic navigation 1.50 CUC/hour
  • International browsing and email 4.50 CUC/hour
Patrons will also be allowed to bring flash drives for uploading and downloading files.

This is a step in the right direction, but these rates are very high by international standards and beyond the reach of many Cubans.  Given the capacity of the undersea cable, it is hard to understand the high prices and the large difference between domestic and international connectivity.  Perhaps Etecsa consulted with AT&T, Comcast and Verizon in setting their rates :-).

-----

Update 5/28/2013

Cuban access prices

Here is full price schedule for permanent (rechargeable) and prepaid tourist Internet access.

The graphic design of the page is trendy by Cuban standards -- they must have been watching ads for MicroSoft Windows 8!

-----

Update
5/29/2013

The New York Times had an article on the new centers and prices (nyti.ms/18tZEr8). It makes the usual points about cost, constraints and survailance. Here is an ironic quote:

“It’s a real bargain,” said a user on the state news Web site Cuba Si who gave the name Osvaldo Ulloa. “I mean, I work for a week and then I can get online for hour — fabulous.”

-----
Update 5/29/2013

It is noteworthy that only 12 of the 118 new access centers are in Havana.

Havana  12
Pinar del Rio  5
Artemis  8
Mayabeque  2
Matanzas  18
Cienfuegos  5
Villa Clara  15
Sancti Spiritus  9
Ciego de Avila  4
Camaguey  9
Las Tunas  9
Holguin  4
Granma  7
Santiago de Cuba  7
Guantanamo  3
Isle of Youth  1
Total 118


Cuba-Jamaica link of the undersea cable is operational

Doug Madory of Renesys reports that the Cuba-Jamaica link of the ALBA-1 cable is carrying Cable and Wireless (C&W) traffic.

The first plot shows Transit, a Renesys-defined metric which is a function of several variables and may be interpreted as a surrogate for total capacity.  As you see, the orange area, indicating C&W capacity, starts May 13.

The traceroute data shown in the second plot is generated by 100 machines located around the world, which run traceroutes to approximately 1.5 million targets daily.  The plot shows the number of successful traceroutes, and, eyballing the data, it looks like about 1/8 of the traffic went over the Jamaican link.

Note that both plots show a sharp drop for Telefonica's cable service.  Again, just eyeballing the data, it looks like there may actually be a decrease in total cable utilization versus satellite.

I asked Doug whether he thought that might have been due to a policy decision or just the result of an automated configuration algorithm, but he could not say.

I guess time will tell.  It also remains to be seen whether this change has any impact upon those using the Internet in Cuba or those trying to reach Cuba from the rest of the world.

Protecting Seniors from Identity Theft


Posted by Jenny Backus, Public Policy Team

Every day in this country, someone’s mother, grandfather, or older neighbor is a victim of identity theft. Whether the identity thieves attack through a confusing telemarketing scam, a misleading piece of mail, or over the Internet, seniors and their families are increasingly at risk of long-term financial and emotional damage that can take years to undo.


In order to address this issue, the Federal Trade Commission and a coalition of public and private partners like the National Consumer League’s Fraud.org are working together to protect seniors from identity theft. Google will also be recognizing Older Americans Month this May by offering tips for seniors to help them stay safe and secure online.


The FTC’s report of 2012 consumer complaint data recently showed that complaints about identity theft from older Americans are increasing at a faster rate than for any other age group. In fact, identity theft complaints from those over 70 increased by almost 70% since 2010, while complaints from 60 to 70 year olds increased by 53% in the same period.  

Google’s Good to Know site is designed to help educate consumers of all ages about online threats and tools they can use to protect themselves, including information on how to protect themselves from identity theft.

Here are five tips from our security experts:

  • Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information. Identity thieves can steal your information and then use it to withdraw money from your bank account.
  • Never enter your password if you’ve arrived at a site by following a link in an email or chat that you don’t trust.
  • If you see a message from someone you know that doesn’t seem like them, their account might have been compromised by a cyber criminal who is trying to get money or information from you. Think before responding!
  • Don’t send your password via email, and don’t share your password with others. Legitimate sites won’t ask you to send them your passwords via email, so don’t respond if you get requests for your passwords to online sites.
  • Report any suspicious emails and scams. Many email providers, including Gmail, provide an easy way for you to report fishy emails and scams, and it can help our teams stop similar mail from being sent to you and others.

Seniors around the country can also learn more by attending or viewing by webcast the FTC’s workshop today on protecting seniors from identity theft. With speakers from some of the most trusted consumer groups, local, state and government leaders, and lead experts on fraud prevention, the FTC workshop will focus on forms of ID theft that are particularly significant for seniors, from the risks that seniors face in nursing homes to the identity theft concerns that arise when they file their taxes or seek government assistance, which is increasingly happening online.

Stopping bad actors who target seniors and preventing the rise of identity theft is a shared mission for all of us. Google is committed to making the Internet safer, and protecting our users of all ages.