Tap a misspelled word to see suggestions from the built-in dictionary. Tap a suggestion to swap it in.

Android allows you to create icons on your home screen for contacts. To add one, press and hold an empty space on your screen. When the menu pops up, select Shortcuts>Contact. You can then scroll through your list of contacts and tap the person you want to add.

If you want to change your typing to capital letters all the time, rather than just for the next letter, then double-tap on the Shift key on the iPhone's keyboard. It will now turn blue, indicating caps lock is on. Just tap it again to turn it off.

 
 
 

Why the password "this is fun" is 10x more secure than "J4fS!2"

Everyone tells you that you should use complex and difficult passwords. This is not necessarily good advice, because you can make usable, easy to remember, and highly secure passwords. In fact, usable passwords are often far better than complex ones.

So let's dive into the world of passwords, and look at what makes a password secure in practical terms.

How to hack a password

The work involved in hacking passwords is very simple. There are 5 proven ways to do so:

  1. Asking. Amazingly, the most common way to gain access to someone's password is to simply ask for it (often in connection with something else). People often tell their passwords to colleagues, friends and family. Having a complex password policy isn't going to change this.
  2. Guessing. This is the second most common method to access a person's account. It turns out that most people choose a password that is easy to remember, and the easiest ones are those that are related to you as a person. Passwords like your last name, your wife's name, the name of your cat, your date of birth, your favorite flower, etc. are all pretty common. This problem can only be solved by choosing a password with no relation to you as a person.
  3. Brute force attack. Very simple to do. A hacker simply attempts to sign in using different passwords one at a time. If your password is "sun", he will attempt to sign in using "aaa, aab, aac, aad...sul, sum, sun (MATCH)." The only thing that stops a brute force attack is higher complexity and longer passwords.
  4. Common word attacks. A simple form of brute-force attack, where the hacker attempts to sign in using a list of common words. Instead of trying different combinations of letters, the hacker tries different words, e.g. "sum, summer, summit, sump, sun (MATCH)."
  5. Dictionary attacks. Same concept as common word attacks - the only difference is that the hacker now uses the full dictionary of words (there are about 500,000 words in the English dictionary).
 

When is a password secure?

 

You cannot protect against "asking" and "guessing", but you can protect yourself from the other forms of attacks. A hacker will usually create an automated script or a program that does the work for him. He isn't going to sit around manually trying 500,000 different words to see if one of them is your password.

The measure of security must then be how many password requests the automated program can make, e.g. per second. The actual number varies, but most web applications would not be capable of handling more than 100 sign-in requests per second.

This means it takes the following time to hack a simple password like "sun." Note: "sun" has 17,576 possible character combinations.

  1. Brute-force - 3 minutes
  2. Common Word - 3 minutes
  3. Dictionary - 1 hour, 20 minutes
 
 
 

This is, of course, a highly insecure password, but how much time is enough for a password to be secure?

  • a password that can be hacked in 1 minute is far too risky;
  • 10 minutes - still far too risky;
  • 1 hour - still not good enough;
  • 1 day - now we are getting somewhere. The probability that a person will have a program running just to hack your account for an entire day is very small. Still, it is plausible;
  • 1 month - this is something that only a dedicated attacker would do;
  • 1 year - now we are moving from practical risk to theoretical risk. If you are NASA or CIA then it is unacceptable. For the rest of us, well - you do not have that kind of enemy, nor is your company data that interesting;
  • 10 years - now we are talking purely theoretical;
  • a lifetime - 100 years - this is really the limit for most people. Who cares about their password being hacked after they have died? Still, it is nice to know that you use a password that is "secure for life."

Usable and Secure Passwords

A usable and secure password doesn't have to be a complex one. It should be one that you can remember - a simple password using 3+ words.

One thing is to choose a secure and usable password. Another thing is to prevent the hacker from hacking your password in the first place. This is a very simple thing to do.

All you need to do is to prevent automatic hacking scripts from working effectively. What you need to do is this:

Add a time-delay between sign-in attempts. Instead of allowing people to sign in again and again and again, add a 5-second delay between each attempt.

Add a penalty period if a person has typed a wrong password more than say 5 times in something like 1 hour. Again, this seriously disrupts the hacking script from working effectively.

A hacker can hack the password "alpine fun" in only 2 months if he is able to attack your server 100 times per second. But, with the penalty period and the 5 second delay, the same password can suddenly sustain an attack for 1,889 years.
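The two server-side controls described above, as an added example that is not part of the original newsletter: a per-account throttle with the 5-second delay and the "more than 5 wrong passwords in 1 hour" penalty, plus a simulation of a script sending 100 guesses per second. The class and function names, the account name "alice" and the 1-hour penalty length are assumptions; the simulation covers online sign-in guessing only and does not attempt to reproduce the 1,889-year figure.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Per-account delay between attempts plus a penalty lockout."""

    def __init__(self, delay=5, max_failures=5, window=3600, penalty=3600):
        self.delay = delay                  # seconds between attempts (from the text)
        self.max_failures = max_failures    # "more than 5 times" (from the text)
        self.window = window                # "in something like 1 hour" (from the text)
        self.penalty = penalty              # assumed: the text gives no penalty length
        self.last_attempt = {}              # account -> time of last checked attempt
        self.failures = defaultdict(deque)  # account -> recent failure times
        self.locked_until = {}              # account -> end of penalty period

    def allow(self, account, now):
        """Return True if a sign-in attempt may be checked at time `now`."""
        if now < self.locked_until.get(account, 0):
            return False                    # still inside the penalty period
        last = self.last_attempt.get(account)
        if last is not None and now - last < self.delay:
            return False                    # too soon after the previous attempt
        self.last_attempt[account] = now
        return True

    def record_failure(self, account, now):
        """Note a wrong password; start the penalty once the limit is exceeded."""
        recent = self.failures[account]
        recent.append(now)
        while recent and now - recent[0] > self.window:
            recent.popleft()                # forget failures older than the window
        if len(recent) > self.max_failures:
            self.locked_until[account] = now + self.penalty
            recent.clear()

def guesses_checked(throttle, seconds, rate=100):
    """Simulate `rate` wrong guesses per second; count those the server checks."""
    checked = 0
    for tick in range(seconds * rate):
        now = tick / rate
        if throttle is None or throttle.allow("alice", now):
            checked += 1
            if throttle is not None:
                throttle.record_failure("alice", now)
    return checked

def hours_to_exhaust(keyspace, checked_per_hour):
    """Worst-case hours to try every candidate at the measured hourly rate."""
    return keyspace / checked_per_hour

if __name__ == "__main__":
    for label, t in (("no throttle", None), ("delay + penalty", LoginThrottle())):
        per_hour = guesses_checked(t, 3600)
        print(label, per_hour, "guesses/hour;", '"sun" keyspace lasts',
              round(hours_to_exhaust(17576, per_hour), 2), "hours")
```

A per-account lockout also lets anyone lock a user out by failing on purpose, so it is usually paired with limits per source address.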

Remember, passwords can be made both highly secure and user-friendly.

 

NorTex Partners with Local Hospital

See article from Inside Healthcare Magazine, August, 2011.

To view, visit http://www.nortexweb.com//newsletter/article/IHCarticle.pdf.

NorTex Technology Services, LLC
1020 Ft. Worth Highway, Suite 300
Weatherford, Texas 76086
817.599.5494 Phone
877.859.4246 Toll Free
817.599.7929 Fax
Email: support@ntxts.com
Website: www.nortexweb.com

AUGUST 2011 Edition