security

Vietnam is blessed with free wifi at nearly any cafe even if it doesn't always work as advertised, like most things in Vietnam. Vietnam is also blessed with cafes on nearly every block. So finding a wireless access point to get online is pretty easy for anyone traveling or living in Vietnam.

Hackers can see what websites you're visiting and then log into those websites as you

The problem is security. Many times cafe owners will leave their wifi access points completely open without needing a password to get on. This makes it basically trivial for a hacker to sniff the airwaves and see everything on the network. If you are on such a network you should secure your connection with an SSH tunnel or a VPN.

If they do have a password, they may be using older security schemes like WEP or WPA rather than WPA2. Without WPA2, or a more secure setup that requires the network owner to run an authentication server (too much to ask of any cafe owner), it is also possible to break the encryption.

Security setting: WPA2

For now, insist on at least WPA2. If you're setting up wifi at your house and you don't want people to sniff your traffic, use WPA2 with a long random password and be sure to change the SSID from the default network name provided by the manufacturer. (The reason that using a default SSID is less secure is that rainbow tables exist for these, making password cracking potentially easy.)
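Why the SSID matters, as an added example that is not part of the original post: WPA2-Personal derives its master key with PBKDF2-HMAC-SHA1 using the SSID as the salt, so a table computed once for a default network name is reusable against every network with that name. The SSID list, candidate passphrases and function names below are constructed for illustration.

```python
import hashlib

# Constructed sample of factory-default network names (an assumption for this example).
COMMON_DEFAULT_SSIDS = {"linksys", "NETGEAR", "dlink", "default"}

def wpa2_pmk(passphrase, ssid):
    """WPA/WPA2-Personal master key: PBKDF2-HMAC-SHA1 over the passphrase,
    salted with the SSID, 4096 iterations, 32 bytes out."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSIDs are 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), salt, 4096, 32)

def precompute(ssid, candidate_passphrases):
    """A precomputed table is just this, done once ahead of time for one SSID."""
    return {wpa2_pmk(p, ssid) for p in candidate_passphrases}

def table_covers(table, passphrase, ssid):
    """True if the network's real key already sits in the precomputed table."""
    return wpa2_pmk(passphrase, ssid) in table

def review_home_network(ssid, passphrase, table):
    """Return the SSID-related findings a home user should act on."""
    findings = []
    if ssid in COMMON_DEFAULT_SSIDS:
        findings.append("default SSID: precomputed tables are reusable against it")
    if table_covers(table, passphrase, ssid):
        findings.append("key is already in a precomputed table")
    return findings

if __name__ == "__main__":
    guessable = ["password", "sunshine1", "12345678"]  # constructed sample
    table = precompute("linksys", guessable)
    # Default SSID with a guessable passphrase: both findings.
    print(review_home_network("linksys", "sunshine1", table))
    # Same passphrase, renamed network: the old table no longer matches.
    print(review_home_network("nha-cua-toi-5G", "sunshine1", table))
    # Renamed network and a long random passphrase: nothing to report.
    print(review_home_network("nha-cua-toi-5G", "x9!Lq2#vT8pR4mZw7KdB", table))
```

Renaming the network only invalidates work done in advance; a short or guessable passphrase can still be tried directly, which is why the long random password is the other half of the advice.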

Using WPA2 means that it's harder for crackers to guess your network's password and then either use your network connection or sniff your traffic. But if you give out your password, anyone with the password can do the same. With WPA2 it's harder for other people to sniff your traffic, but there are ways (ARP poisoning) around it. You should thus still create an encrypted connection (for normal people I would recommend using a VPN) to an outside server and tunnel your traffic over that connection.

Besides sniffing your traffic, a hacker who steals your cookies can then log in to websites where you're currently logged in by pretending to be your computer. So they could post on Facebook as you, send emails as you from Gmail, or worse.

MAC Address Filtering

What else can you do on your home wifi network? Since you usually know which computers you want to allow onto the wifi router, you can set it so only known computers are allowed on the network by using MAC address filtering. The MAC address is the hardware address built into your wireless card or into the wireless hardware of a laptop, and it's very difficult to lie about what your MAC address is, so this will help keep the riff-raff out.

Advanced users can install DD-WRT or OpenWRT firmware onto their wireless access point, enabling tons of extra features and finer-grained security controls.

I have turned the Correct Horse Battery Staple post's Foreign Language Random Password/Passphrase Generator into a Google Chrome extension.

Here is what it looks like:

And in the Chrome web store:

Chrome App Store screenshot of Multi-Lingual Password Generator

Go install it and easily generate a secure and memorable passphrase anytime you need it!

Inspired by XKCD, this is a password generator for those of you who know English and Vietnamese or another language. Once a random set of words in your languages has been generated, images for those words will be shown to help you visually remember your new password. If the random password seems too hard to remember, you can always spin the wheel a second time!

Each time you click, 4 random words from the selected languages will be loaded. I chose the number 4 so as to not overload Google Image search, so you may want to run it twice to get 5 or more words for added security. I find that the images help to visually remember the password.

If you still want a password like "!Agt:m%p>" then it's also an option below.

Choose languages: English, Vietnamese, Japanese, German, French

Your random password: click that button up there!

Or use this harder to remember but shorter string of 9 characters.

The other day there was an XKCD strip about password security. The idea is that we've been trained over the years to use passwords like 'Tr0ub4dor&3' because they mix upper and lower case, use numbers, and special characters. But a password like that is based on a common English word using a common substitution pattern (l33tsp34k) of letters for numbers and is much easier for a hacker to guess than four random words like 'correct horse battery staple', which is longer but much easier to remember.

A good password should be random. Humans aren't random and 'Tr0ub4dor' looks random enough but it isn't. Even translating the word into a foreign language is by itself weak. Generally, if you come up with the password yourself then it's not anything close to random.

Plenty of software exists to come up with passwords made up of random characters. The problem is that these passwords weren't meant to be memorized. Writing your password down somewhere sort of defeats the purpose.

So four random English words make a pretty good password, but they are still hard to remember if they are obscure and unfamiliar words. Out of the over one hundred thousand words in an English dictionary, a few thousand are commonly used.

So a few thousand English words are generally useful. But those of us who are bilingual can basically double the size of the vocabulary used! This foreign language random password generator seeks to take advantage of that numerical weapon, and with a large number of possible languages (and even more language combinations), even if a hacker got an encrypted password file it would be as hard to crack as a random 9-character totally impossible to remember string.

You can increase the security of your password further by using a "salt" random string (non-dictionary word) that you remember and always use with your passwords, and by adding punctuation in one of the words.
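The vocabulary-size argument above, worked through as an added example (not the extension's code): words are drawn with a cryptographic random source from the merged lists of the chosen languages, and the resulting entropy is compared with the 9-character random string. The word lists are constructed samples, and the figure of 2,000 commonly used words per language is an assumption standing in for "a few thousand".

```python
import math
import secrets
import string

# Constructed sample lists; a real generator would load a few thousand words each.
SAMPLE_WORDS = {
    "English": ["horse", "battery", "staple", "correct", "river", "window"],
    "Vietnamese": ["ngựa", "sông", "mưa", "chợ", "bánh", "trà"],
    "German": ["Pferd", "Fluss", "Regen", "Markt", "Brot", "Fenster"],
}

def build_pool(wordlists, languages):
    """Merge the chosen languages into one de-duplicated pool."""
    return sorted({w for lang in languages for w in wordlists[lang]})

def generate(pool, n_words=4):
    """Draw words uniformly with the OS CSPRNG (not random.choice)."""
    return [secrets.choice(pool) for _ in range(n_words)]

def entropy_bits(pool_size, picks):
    """Bits of entropy when each pick is uniform and independent."""
    return picks * math.log2(pool_size)

def words_needed(pool_size, target_bits):
    """Smallest number of words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(pool_size))

def pool_needed(picks, target_bits):
    """Smallest pool size at which `picks` words reach target_bits."""
    return math.ceil(2 ** (target_bits / picks))

# The page's alternative: 9 characters from printable ASCII (94 symbols).
ALPHABET = string.ascii_letters + string.digits + string.punctuation
NINE_CHAR_BITS = entropy_bits(len(ALPHABET), 9)

if __name__ == "__main__":
    pool = build_pool(SAMPLE_WORDS, ["English", "Vietnamese"])
    print(" ".join(generate(pool)))
    print(f"9 random characters: {NINE_CHAR_BITS:.1f} bits")
    for langs in (1, 2, 5):
        size = 2000 * langs  # assumed 2,000 common words per language
        print(f"{langs} language(s), {size} words: 4 words = "
              f"{entropy_bits(size, 4):.1f} bits, "
              f"{words_needed(size, NINE_CHAR_BITS)} words to match 9 chars")
    print("pool size for 4 words to match:", pool_needed(4, NINE_CHAR_BITS))
```

Under these assumptions a second language takes the number of words needed to match the 9-character string from six to five, which fits the earlier suggestion to run the generator twice for 5 or more words.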

UPDATE: There is now a Chrome extension that makes creating passwords on the fly really fast and easy! Check out the Correct Horse Battery Staple Google Chrome Extension.

© 2010-2014 Saigonist.