Extra Steps for Remote Access Safety
As with everything these days, the motto, Safety First, should cover all of your everyday activities. In particular, this article focuses on cyber security and accessing your computer remotely, with particular attention to passwords.
Do you access your computer in another location using some form of remote access software, such as VNC, AnyDesk, or TeamViewer? I use AnyDesk to access my home computer from wherever I may be, as well as headless Linux servers in my home. Obviously, remote access is a major convenience if you are at work, on the road, at someone else’s house, or in the library. All you need is the access software and a good Internet connection. I like AnyDesk because it has client/server software for Windows and Linux, as well as both Android and iOS apps (all are free for non-commercial use).
So, the link between you and the remote machine is encrypted so that you are less vulnerable to someone listening in and capturing your remote session. So that should be enough, right? Not really. I find that you need to take some of the usual steps to ensure as high a level of security as possible. While I was thinking about this article today while cleaning in the garage, I realized there are some additional safeguards required. So let’s go through them!
Strong Passwords in the Client and Server Software
I think this is fairly obvious and constantly ignored. The thing I find most absurd about it being ignored is that it makes your password too difficult to remember! So much easier to remember something like “password”, “12345678”, “stupid”, or (the worst) not setting a password. There is a very simple set of rules that I follow for making up passwords:
- 10 characters long: I find being consistent with the length makes it easier to recall. Longer the better.
- Mixed-case: Upper and lower case letters. Follow a plan such as every other character (example: RoYgBiV).
- Numbers, too: Not some memorable number associated with you or your family (birthdates, etc.). Something like the square root of 3 – 1732 – which also happens to be the birth year of George Washington.
- Punctuation: Most packages and websites will now accept some punctuation in passwords. The rule I use is to stick to the exclamation point and question mark.
- Randomness: No string of characters like “asdfghjkl;”. Mnemonics are your friend, however! Something that is memorable to you. Yes, I used ROYGBIV above, as I could have used TVMDC and many other memory devices. Make up your own!
Here is a sample (no, I do not use this as a password and neither should you):
- Take a phrase: Graduated from Bishop Denis J. O’Connell High School in 1969!
- Take the highlighted letters and characters (the first letter of each word, the “O’C” of O’Connell, the punctuation, and the year), GfBDJ.O’CHSi1969!, and you have a password!
Now that may seem a bit extreme, but even using common words in random order will work! Something like “!BarneyIsStinky!”. Nonsensical phrases that mean something to you with length and, most importantly, added punctuation, are for the most part strong.
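The rules and the mnemonic sample above can be written down as a short Python check. This is an added example, not part of the original article; the function names, the three-entry blocklist and the keyboard rows are assumptions made for illustration.

```python
import re

# Constructed sample data for this example, not a real blocklist.
COMMON = {"password", "12345678", "stupid"}
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl;", "zxcvbnm", "1234567890"]


def mnemonic_password(phrase):
    """Build a password from a phrase: first character of each word, plus
    any digits, punctuation, and the letter right after an apostrophe."""
    out = []
    for word in phrase.split():
        out.append(word[0])
        for prev, ch in zip(word, word[1:]):
            if not ch.isalpha() or prev in "'\u2019":
                out.append(ch)
    return "".join(out)


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys of one keyboard row,
    typed left-to-right or right-to-left."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def check_password(pw, min_len=10):
    """Return the rules from the list above that pw fails (empty = passes)."""
    if not pw:
        return ["no password set"]
    problems = []
    if pw.lower() in COMMON:
        problems.append("common password")
    if len(pw) < min_len:
        problems.append("too short")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("not mixed-case")
    if not re.search(r"\d", pw):
        problems.append("no digits")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no punctuation")
    if has_keyboard_run(pw):
        problems.append("keyboard run")
    return problems
```
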
I must give a caveat to this discussion of passwords. The problem with passwords is a two-sided coin. Yes, you, as the user, are responsible for making your password difficult. The flip side of the coin is the software or website creator. Best practice for storing passwords and other sensitive information is to use the strongest form of encryption possible, both in data transmission and in data storage. Data transmission is taken care of by what I use on my web sites, SSL or Secure Sockets Layer. From your browser to the web server and back is encrypted. You can tell SSL is in use if the URL starts with https:// and your web browser says that the certificate is good and completely in use.
But even if the data connection is secure, the way your sensitive information is stored for verification and future use is even more important. You read in the news constantly about how a web site is hacked and millions of accounts have been compromised. If the data is strongly encrypted, it makes it more difficult for the data to be decoded by the hackers. Google “company hacked passwords stored in plain text” if you don’t believe me. For this reason, most major web sites are adding to their access strategy methods like Two Step Authentication (perhaps I will cover that in a later post).
Strong Password on All of Your Computers
Sound like a mantra? You bet it is! If you are using Windows 10, your IDs on the computer should be a Windows Live Email Address, not a local account. I hear the groans already. Why do I suggest this? Because you have an easy way to recover it if you forget your password. Most people create local accounts because they do not require a password. I now hear you saying those infamous words “but I am the only one who uses it!”. True as long as that machine is in your possession. Your house is burglarized. Your computer is stolen. Having no password gives the thief the opportunity to take whatever personal information is on it. You leave your laptop in your car, at Starbucks, anywhere. Wonderful world we live in, right? Any questions? I think not.
The nicest part of getting a Windows Live account is that you do not have to get another email account. Use any valid email address, set the password, and you are ready to go. It also gives you easy access to any Microsoft services you use, such as Office 365, OneNote, and OneDrive.
If you are using Linux, ensure that your password is strong. If you are using a desktop windows environment, make sure you do not have auto login set. If you are using Mac, sorry I do not own any Apple products, but again, it is just a matter of a strong password and no automatic login.
Screen Lock When Not In Use
The same reasoning from above applies here. If your machine is on and you are away from it, lock the screen with a screensaver. If you are using Windows, you can simply press the Windows key and “L” at the same time to lock it.
This is particularly important if you are accessing your machine away from home. If you are not sitting at the keyboard, your computer is vulnerable to physical attack (theft, unauthorized use). Isn’t it much simpler and safer to lock the screen or log off? Most remote access software will remain running as long as your machine is powered on, even if a user is not logged into the system.
Whether it is buckling your seat belt, putting your cell phone down, or not pouring gasoline on a grill to start it, safety is the lack of carelessness. With all of the recent cyber security events, a hard-to-guess password is much better than having your valuable personal and business data stolen or compromised.