Archive for November 1st, 2011

Facebook – How to harden your account settings

The Avira Security blog shares basic tips on how to strengthen account setting controls in Facebook to improve safety

Facebook – How to harden your account settings
http://techblog.avira.com/2011/11/01/improve-your-security-6-harden-your-facebook-account/en/

QUOTE: In order to configure the access to your Facebook account setting controls, you must go to Home >>> Account Settings >>> Security Tab 

You can select in this window a couple of options. Read below what each of them means.

* Secure Browsing – if activated, no matter where you are, as soon as you login in your account you will use Facebook over an encrypted connection. It is highly recommended to always activate this option.

* Login Notifications – can notify you when your account is accessed from a computer or mobile device that you haven’t used before. There are two notification methods available : Email  and Text message. It is highly recommended to use at least Email.

* Login Approvals – requires to enter a security code each time an unrecognized computer or device tries to access your account. Recommended to be activated. This requires to have a mobile phone to be set up in the account.

* App Passwords – if the Login Approvals is activated, some Apps might not be able to function because they are not ready to work with codes. Instead, you could generate a password for these Apps which is different than your Facebook password. This allows a more granular control over your security. Highly recommended if you use third party Apps.

* Recognized Devices – Facebook will store a cookie on your device as soon as you login. If that cookie is no longer found, Facebook will consider the device you are using a new one and will ask for authentication. If you use many computers, enabling this option is highly recommended.

* Active Sessions – this options allows you to remotely control the sessions which are using your account. This means nothing else than removing from the server side the cookie which was created on login. If you think that your account was misused, the first thing to do is to end all active sessions and change your password.

Windows Live – Confirm your account scam circulating

Microsoft is warning users to avoid responding to this threat which is actively circulating in spammed email.  Account/password information is usually never shared by email.

Beware of “confirm your account” scams
http://blogs.msdn.com/b/securitytipstalk/archive/2011/11/01/beware-of-confirm-your-account-scams.aspx

QUOTE: Last week a member of our team shared a phishing scam that she’d received in her personal email account. The bogus email claims to come from Microsoft and asks the recipient to respond to the email with their user name and password to avoid permanent cancellation of their account. This is a scam. Microsoft never asks for user names and passwords in an email.

Microsoft Computing Safety Index (MSCI)

Microsoft has released the new MSCI rating concept for measuring user safety
 
Microsoft Computing Safety Index (MSCI)
http://www.microsoft.com/security/resources/mcsi.aspx
MSCI – Users can assess their own MSCI safety
https://survey2.securestudies.com/wix/p122560761.aspx
QUOTE:  Microsoft encourages you to take an abbreviated version of the MCSI survey to help safeguard your digital lifestyle. We will release updates to the Index annually, in conjunction with National Cyber Security Awareness Month in the United States. The MCSI tallies points for basic and advanced computer security behaviors such as:
  • Using a newer operating system
  • Updating antivirus and antispyware software regularly
  • Using automatic updates
  • Keeping a firewall turned on
  • Connecting to secure wireless networks
  • Limiting information-sharing
  • Creating strong passwords
Read the results
Online safety resources