Award Recognizes the 100 “Most Promising” Asian Companies Driving the Future of Technology

Silicon Valley, CA, Dec 9th, 2008— Red Herring today announced that iYogi is a winner of the Red Herring 100 Award, a selection of the 100 most innovative private technology companies based in Asia.

IYogi delivers technical support services directly to consumers and small businesses and is the first, global, technical support brand based out of India with more than 50,000 customers. The company offers consumers an unlimited, annual subscription service for $119.99 per desktop that includes support for a wide range of technologies, including PC hardware, Microsoft Products Support, Windows Operating systems, Computer Support, Software applications, MP3 players, Networking devices, Digital camera, Printers and scanners etc.

The Red Herring editorial board diligently surveyed the entrepreneurial scene throughout Asia and identified the top 100 out of more than 1,000 closely evaluated companies that are leading the next wave of innovation.

“Our winners and Finalists demonstrate that Asia is increasingly becoming a leader in innovation, contrary to common stereotypes", said Joel Dreyfuss, editor-in-chief of Red Herring. " It was tough to choose just the top 100 finalists from such a large list of excellent contenders, and we are very happy with the quality of the companies we selected as finalists."

“We believe consumers and small business owners should have low-cost access to the highest quality support available on the planet", said Uday Challu, CEO of iYogi. “We are thrilled that our innovative approach to solving everyday technology problems for consumers and our managed services for small businesses has been recognized by Red Herring’s keen-eyed leadership. We are continuously innovating in adding new services that includes PC recovery, anti-virus, anti-spyware, data back-up and PC optimization in providing the best tech support experience for our customers”, adds Uday.

The 100 winning companies have been announced at the Red Herring Asia event in Hong Kong. The CEOs of the winning start ups presented their innovative ideas and technologies to an audience of leading entrepreneurs, financiers, and corporate strategists at the event at the Hong Kong, JW Marriott Hotel earlier this week.

About iYogi

iYogi is the first direct-to-consumer and small business technical support service from India. Providing an annual unlimited subscription to technical support, iYogi now boasts of more than 50,000 customers. The company employs 600 professionals servicing customers in the US, UK, Canada, Australia and fast expanding to 12 new geographies across the globe. iYogi’s resolution rate of 87 percent and customer satisfaction rate of 93 percent are amongst the highest published benchmarks in the industry. For further information, please visit www.iyogi.net.

iYogi Contact

Vishal Dhar
President Marketing, iYogi Inc.
Phone: 212 229 0901
Email: vishal@iyogi.net

iYogi Computer Repair, PC Repair Support Video

How many passwords and user names do you have to keep track of?

Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire user name/password list.
Security starts with you, the user. Keeping written lists of passwords on scraps of paper, or in a text document on your desktop is unsafe and is easily viewed by prying eyes (both cyber-based and human). Using the same password over and over again across a wide spectrum of systems and web sites creates the nightmare scenario where once someone has figured out one password, they have figured out all your passwords and now have access to every part of your life (system, e-mail support, retail, financial, work).
Password Safe allows you to manage your old passwords and to easily and quickly generate, store, organize, retrieve, and use complex new passwords, using password policies that you control. Once stored, your user names and passwords are just a few clicks away.
Using Password Safe you can organize your passwords using your own customizable references—for example, by user ID, category, web site, or location. You can choose to store all your passwords in a single encrypted master password list (an encrypted password database), or use multiple databases to further organize your passwords (work and home, for example). And with its intuitive interface you will be up and running in minutes.

Design of the protected software

Every Body wants to secure out Computer and protect Software. We can protect our password to unauthorized user here we give some technique for Computer help which is used to apply password for security. Common techniques used to improve the security of software systems protected by a password include:
• not echoing the password on the display screen as it is being entered or obscuring it as it is typed by using asterisks or circular blobs
• allowing passwords of adequate length (some legacy operating systems, including early versions of Unix and Windows, limited passwords to 8 characters
• requiring users to re-enter their password after a period of inactivity (a semi log off policy)
• enforcing a password policy to increase password strength
• requiring periodic password changes
• assigning randomly chosen passwords
• providing an alternative to keyboard entry (eg, spoken passwords)
• using encrypted tunnels or password-authenticated key agreement to prevent access to transmitted passwords via network attacks
Some of the more stringent policy enforcement measures can pose a risk of alienating users, possibly decreasing security as a result.

5 tips for top-notch password security

Whether it's a few PCs or hundreds on your network, there's one thing that can separate your system from being compromised: a great password.

Why? Hackers want access to anything and everything. If they can guess your user name and password, you might as well have given them your wallet and the keys to your building.

Before we talk about what makes a good password, let's begin with the first of five things to know and practice in using

Passwords.

1. Don't be complacent: Attacks can and do happen.

Hackers are a devious bunch and will stop at nothing to get into your network and files. They use three different methods to get to you: brute force, dictionary attacks and social engineering.

Brute force is the most time-consuming method. Basically, it involves a program that tries every combination of letters, numbers and keyboard characters to guess your password. It starts with trying every character, and then tries two-character combinations and so on.

I want to share about Outlook Support and Email Support with password Security.

Choosing an appropriate password policy

The level of password strength required depends, in part, on how easy it is for an attacker to submit multiple guesses. Some systems limit the number of times a user can enter an incorrect password before some delay is imposed or the account is frozen. At the other extreme, some systems make available a specially hashed version of the password so anyone can check its validity. When this is done, an attacker can try passwords very rapidly and much stronger passwords are necessary for reasonable security. (See password cracking and password length equation.) Stricter requirements are also appropriate for accounts with higher privileges, such as root or system administrator accounts.

Usability considerations

Password policies are usually a tradeoff between theoretical security and the practicalities of human behavior. For example:

• Requiring excessively complex passwords and forcing them to be changed frequently can cause users to write passwords down in places that are easy for an intruder to find, such as a Rolodex or post-it note near the computer.

• Users often have dozens of passwords to manage. It may be more realistic to recommend a single password be used for all low security applications, such as reading on-line newspapers and accessing entertainment web sites.

• Similarly, demanding that users never write down their passwords may be unrealistic and lead users to choose weak ones. An alternative is to suggest keeping written passwords in a secure place, such as a safe or an encrypted master file. The validity of this approach depends on what the most likely threat is deemed to be. While writing down a password may be problematic if potential attackers have access to the secure store, if the threat is primarily remote attackers who do not have access to the store, it can be a very secure method.

• Inclusion of special characters can be a problem if a user has to logon a computer in a different country. Some special characters may be difficult or impossible to find on keyboards designed for another language.

• Some identity management systems allow Self Service Password Reset, where users can bypass password security by supplying an answer to one or more security questions such as "where were you born?," "what's you favorite movie?," etc. Often the answers to these questions can easily be obtained by social engineering, phishing or simple research.

Other approaches are available that are generally considered to be more secure than simple passwords. These include use of a security token or one-time password system, such as S/Key.

I want to share some thing about Online e-mail Support, email error support, Outlook Support and Computer Help

Methods of verifying a password over a network

A variety of methods have been used to verify passwords in a network setting:

Simple transmission of the password

Passwords can be vulnerable to interception (i.e., "snooping") while being transmitted to the authenticating machine or person. If the password is carried as electrical signals on unsecured physical wiring between the user access point and the central system controlling the password database, it is subject to snooping by wiretapping methods. If it is carried as packetitzed data over the Internet, anyone able to watch the packets containing the logon information can snoop with a very low probability of detection.

An example of cleartext transmission of passwords is the original Wikipedia website. When you logged into your Wikipedia account, your username and password are sent from your computer's browser through the Internet as cleartext. Anyone could read them in transit and thereafter log into your account. More recently, Wikipedia has offered a secure login option, which, like many e-commerce sites, uses the SSL (TLS) cryptographic protocol to eliminate the cleartext transmission. But, because anyone can gain access to Wikipedia (without logging in at all), and then edit most articles, it can be argued that there is little need to encrypt these transmissions. Other websites (eg, banks and financial institutions) have quite different security requirements, and cleartext transmission of anything is clearly insecure in those contexts.

Another example of transmission vulnerability is email. Emailed passwords may be read by anyone with access to the transmission medium. Using client-side encryption will only protect transmission from the POP server to the client. Previous or subsequent relays of the email will not be protected and the email will be stored on multiple computers in cleartext.

Transmission through encrypted channels

The risk of interception of passwords sent over the Internet can be reduced by, among other approaches, using the Transport Layer Security (TLS, previously called SSL) feature built into many Internet browsers. Most browsers display a closed lock icon when TLS is in use. See cryptography for other ways in which the passing of information can be made more secure.

Hash-based challenge-response methods

Unfortunately, there is a conflict between stored hashed-passwords and hash-based challenge-response authentication; the latter requires a client to prove to a server that he knows what the shared secret (i.e., password) is, and to do this, the server must be able to obtain the shared secret from its stored form. On Unix-type systems doing remote authentication, the shared secret usually becomes the hashed form and has the serious limitation of exposing passwords to offline guessing attacks.

Zero-knowledge password proofs

Rather than transmitting the password, password-authenticated key agreement systems can perform a zero-knowledge password proof, which proves knowledge of the password without exposing it.

Moving a step further, augmented systems for password-authenticated key agreement (e.g. AMP, B-SPEKE, PAK-Z, SRP-6) avoid both the conflict and limitation of hash-based methods; An augmented system allows a client to prove knowledge of the password to a server, where the server knows only a (not exactly) hashed password, and where the unhashed password is required to gain access.

I want to share some thing about Online e-mail Support, email error support, Outlook Support and Computer Help

Number of users per password

Sometimes a single password controls access to a device, for example, for a network router, or password-protected mobile phone. However, in the case of a computer system, a password is usually stored for each user name, thus making all access traceable (save, of course, in the case of users sharing passwords). A would-be user must give a name as well as a password. If the user supplies a password matching the one stored for the supplied user name, he or she is permitted further access into the computer system. This is also the case for a cash machine, except that the user name is the account number stored on the bank customer's card, and the PIN is usually quite short (4 to 6 digits).

Allotting separate passwords to each user of a system is preferable to having a single password shared by legitimate users of the system, certainly from a security viewpoint. This is partly because users are more willing to tell another person (who may not be authorized) a shared password than one exclusively for their use. Single passwords are also much less convenient to change because many people need to be told at the same time, and they make removal of a particular user's access more difficult. Per-user passwords are also essential if users are to be held accountable for their activities, such as making financial transactions or viewing medical records. You can go to take Computer Help and Technical Support.

Password Policy

A Password Policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organization's official regulations and may be taught as part of security awareness training. The password policy may either be advisory or mandated by technical means.

Password length and formation

Some policies suggest or impose requirements on what type of password a user can choose, such as:

• the use of both upper- and lower-case letters (case sensitivity)
• inclusion of one or more numerical digits
• inclusion of special characters
• prohibition of words found in a dictionary or the user's personal information
• prohibition of passwords that match the format of calendar dates, license plate numbers, or other common numbers

As of October 2005, employees of the UK Government are advised to use passwords of the following form: consonant, vowel, consonant, consonant, vowel, consonant, number, number (for example pinray45). This form is called an Environ password and is case-insensitive. Unfortunately, since the form of this 8-character password is known to potential attackers, the number of possibilities that need to be tested is actually fewer than a 6-character password of no form (486,202,500 vs 2,176,782,336).

Other systems create the password for the users or let the user select one of a limited number of displayed choices.

Password Cracking

Hi, I am continuing with password cracking topic. I am already discussing importance of password and what is the role of password and how it helps to protect our PC. I want to share my experience with password and Computer Help and Technical Support.

Password Cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crack able passwords.

Passwords to access computer systems are usually stored, typically not in cleartext form, in a database so the system can perform password verification when users attempt to login. To preserve confidentiality of system passwords, the password verification data is typically generated by applying a one-way function to the password, possibly in combination with other data. For simplicity in this discussion, when the one-way function (which may be either an encryption function or cryptographic hash) does not incorporate a secret key, other than the password, we will refer to the one way function employed as a hash and its output as a hashed password.

Even though functions that create hashed passwords may be cryptographically secure, possession of a hashed password provides a quick way to test guesses for the password by applying the function to each guess, and comparing the result to the verification data. The most commonly used hash functions can be computed rapidly and the attacker can test guesses repeatedly with different guesses until one succeeds, meaning the plaintext password has been recovered.

The term password cracking is typically limited to recovery of one or more plaintext passwords from hashed passwords, but there are also many other ways of obtaining passwords illicitly; without the hashed version of a password, the attacker can still attempt access to the computer system in question with guessed passwords. However well designed systems limit the number of failed access attempts and can alert administrators to trace the source of the attack if that quota is exceeded. With the hashed password, the attacker can work undetected, and if the attacker has obtained several hashed passwords, the chances for cracking at least one is quite high.

Otherwise it is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security (see password for details). However, cracking usually designates a guessing attack.

Cracking may be combined with other techniques. For example, use of a hash-based challenge-response authentication method for password verification may provide a hashed password to an eavesdropper, who can then crack the password. A number of stronger cryptographic protocols exist that do not expose hashed-passwords during verification over a network, either by protecting them in transmission using a high-grade key, or by using a zero-knowledge password proof.

Password Recovery Tools

NirSoft Web site provides free password recovery tools for variety of programs, including Internet Explorer, Outlook Express, Microsoft Outlook, Dialup entries of Windows, Yahoo Messenger, MSN Messenger, and more...

The following table describes the most popular password recovery utilities in this Web site:

MessenPass	Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mail PassView	Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
IE PassView	IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 - v6.0
Protected Storage PassView	Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more...
Dialupass	Password recovery tool that reveals all passwords stored in dial-up entries. (Internet and VPN connections) As opposed to many other tools, this tool works in all versions of Windows, including Windows 2000 and Windows XP.
Asterisk Logger	Recovers passwords stored behind asterisks (****) characters. You can use this tool to recover the passwords of many applications, like CuteFTP, CoffeeCup Free FTP, VNC, and more...
AsterWin IE	Reveals the passwords stored behind the asterisks in the web pages of Internet Explorer 5.0 and above. You can use it for recovering a lost web site password, if it's stored on your computer. Visual Basic source code is included.
Network Password Recovery	Recover network passwords stored by Windows XP operating system.
SniffPass Password Sniffer	capture the passwords that pass through your network adapter, and display them on the screen instantly. You can use this utility to recover lost Web/FTP/Email passwords.
PstPassword	Recovers lost password of Outlook PST file.
WirelessKeyView	WirelessKeyView recovers all wireless network keys (WEP/WPA) stored in your computer by the 'Wireless Zero Configuration' service of Windows XP and by the 'WLAN AutoConfig' service of Windows Vista. It allows you to easily save all keys to text/html/xml file, or copy a single key to the clipboard.
Remote Desktop PassView	Remote Desktop PassView is a small utility that reveals the password stored by Microsoft Remote Desktop Connection utility inside the .rdp files.
PocketAsterisk RemotePocketAsterisk	Reveals the password stored behind the asterisks in Pocket PC device.

The use of passwords goes back to ancient times. Sentries guarding a location would challenge for a password. They would only allow a person in if they knew the password. In modern times, passwords are used to control access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging in to computer accounts, retrieving e-mail from servers, accessing files, databases, networks, web sites, and even reading the morning newspaper online. I want to share my experience with Computer Help how to.

Random password generator

A random password generator is software program or hardware device that takes input from a random or pseudo-random number generator and automatically generates a password. Random passwords can be generated manually, using simple sources of randomness such as dice or coins, or they can be generated using a computer.

While there are many examples of "random" password generator programs available on the Internet, generating randomness can be tricky and many programs do not generate random characters in a way that ensures strong security. A common recommendation is to use open source security tools where possible, since they allow independent checks on the quality of the methods used. Note that simply generating a password at random does not ensure the password is a strong password, because it is possible, although highly unlikely, to generate an easily guessed or cracked password.

A password generator can be part of a password manager. When a password policy enforces complex rules, it can be easier to use a password generator based on that set of rules than to manually create passwords.

I want to share here with you is my experience of sharing the Microsoft Outlook ,

Password Security , Technical Support and providing computer support assistance.

What is Password synchronization

Password synchronization is defined as any process or technology that helps users to maintain a single password that is subject to a single security policy and changes on a single schedule across multiple systems.

Password synchronization is an effective mechanism for addressing password management problems on an enterprise network:

• Users with synchronized passwords tend to remember their passwords.
• Simpler password management means that users make significantly fewer password-related calls to the help desk.
• Users with just one or two passwords are much less likely to write down their passwords.

Password synchronization considered as easier to implement than enterprise single sign-on (SSO), as there is no client software deployment, and user enrollment can be automated.

Some (in particular those who sell single signon systems) claim that password synchronization is less secure than single signon, since compromise of one password means compromise of all. The counter-argument is that, with single signon, compromise of the primary password (from which an encryption key is derived and used to protect all other, stored passwords) also compromises all, so the security of password synchronization and single signon is similar -- i.e., both systems depend strongly on the security of a single password, and that password must be well defended, regardless of such academic arguments.

Two types of password synchronization processes are commonly available in commercial software:

• Transparent password synchronization, triggered by a password change on an existing system. The new password is automatically forwarded to other user objects that belong to the same user, on other systems (of the same or different types).

• Web-based password synchronization, initiated by the user with a web browser, in place of the existing native password change process. The web-based process allows the user to set multiple passwords at once.

Password synchronization is a type of Identity management software.

I want to share here with you is my experience of sharing the Microsoft Outlook , Password Security , Technical Support and providing computer support assistance.

Early UNIX password vulnerability

Early UNIX implementations used a 12-bit salt, which allowed for 4096 possibilities, and limited passwords to 8 characters. While 12 bits was good enough for most purposes in the 1970s (although some expressed doubts even then), by 2005 disk storage had become cheap enough that an attacker can precompute encryptions of millions of common passwords, including all 4096 possible salt variations for each password, and store the precomputed values on a single portable hard drive. An attacker with a larger budget can build a disk farm with all 6 character passwords and the most common 7 and 8 character passwords stored in encrypted form, for all 4096 possible salts. And when several thousand passwords are being cracked at once, memoization still offers some benefit. Since there is little downside to using a longer (say 32-, 64- or 128-bit) salt, and they render any precomputation or memoization hopeless, modern implementations choose to do so.

What is Password manager

A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or files that hold the encrypted password data. Many password managers also work as a form filler, thus they fill the user and password data automatically into forms. Some have password generator capabilities.

In view of the rising threat of Phishing, password managers are also used as the best defense against such threats. Unlike human beings, a password manager program, which can handle automated login script is not susceptible to visual imitations and look alike websites. With this built-in advantage, the use of a password manager is beneficial to everyone, even if he or she only has a few passwords to remember. However, one must keep in mind that not all password managers can automatically handle the more complex login procedures now imposed by banking websites.

Whilst providing a user with a convenient way of storing and retrieving one's passwords, a compromised master password would render all stored passwords vulnerable. This demonstrates a common relation between usability and security: one might enjoy better security having memorized all his passwords but with cumbersome usability. Thus, some password managers, now provide means for entering master passwords, which are key logging-proof some password managers hold passwords unencrypted in memory while access is being made to records. This poses a security risk should one obtain read privileges of the given memory segment.

Password managers come in 3 basic flavors:

• Desktop - desktop software (usually a browser extension), storing passwords on a computer hard drive.
• Portable - portable software (usually a browser extension), storing passwords and program on a portable drive (U3 and the like).
• Web based - online password manager where passwords are stored on a provider's website.

source en.wikipedia.org

Website password systems

Passwords are used on websites to authenticate users and are usually server-side, meaning the browser sends the password to the server (by HTTP POST), the server checks the password and sends back the relevant content (or an access denied message). This process eliminates the possibility of local reverse engineering as the code used to authenticate the password does not reside on the local machine.
The transmission of the password through the browser in plaintext means it can be intercepted along its journey to the server. Most web authentication systems use SSL to establish an encrypted session between the browser and the server. This is done automatically by the browser and ensures integrity of the session.
So-called website password and membership management systems often involve the use of Java or JavaScript code existing on the client side (meaning the visitor's web browser) HTML source code (for example, AuthPro). Drawbacks to such systems are the relative ease in bypassing or circumventing the protection by switching off JavaScript and Meta redirects in the browser, thereby gaining access to the protected web page. Others take advantage of server-side scripting languages such as ASP or PHP to authenticate users on the server before delivering the source code to the browser. Popular systems such as Sentry Login and Password Sentry take advantage of technology in which web pages are protected using such scripting language code snippets placed in front of the HTML code in the web page source saved in the appropriate extension on the server, such as .asp or .php.

What is Graphical Password

The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. Spywares such as key logging also make text-based password vulnerable. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and also point out the future research directions in this area. We also try to answer two important questions: “Are graphical passwords as secure as text-based passwords? ”; “What are the major design and implementation issues for graphical passwords?” This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods.

Website password systems

Passwords are used on websites to authenticate users and are usually server-side, meaning the browser sends the password to the server (by HTTP POST), the server checks the password and sends back the relevant content (or an access denied message). This process eliminates the possibility of local reverse engineering as the code used to authenticate the password does not reside on the local machine.

The transmission of the password through the browser in plaintext means it can be intercepted along its journey to the server. Most web authentication systems use SSL to establish an encrypted session between the browser and the server. This is done automatically by the browser and ensures integrity of the session.

So-called website password and membership management systems often involve the use of Java or JavaScript code existing on the client side (meaning the visitor's web browser) HTML source code (for example, AuthPro). Drawbacks to such systems are the relative ease in bypassing or circumventing the protection by switching off JavaScript and Meta redirects in the browser, thereby gaining access to the protected web page. Others take advantage of server-side scripting languages such as ASP or PHP to authenticate users on the server before delivering the source code to the browser. Popular systems such as Sentry Login and Password Sentry take advantage of technology in which web pages are protected using such scripting language code snippets placed in front of the HTML code in the web page source saved in the appropriate extension on the server, such as .asp or .php.

source en.wikipedia.org

What is Password Safe

Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire user name/password list.

Security starts with you, the user. Keeping written lists of passwords on scraps of paper, or in a text document on your desktop is unsafe and is easily viewed by prying eyes (both cyber-based and human). Using the same password over and over again across a wide spectrum of systems and web sites creates the nightmare scenario where once someone has figured out one password, they have figured out all your passwords and now have access to every part of your life (system, e-mail, retail, financial, work).

Password Safe allows you to manage your old passwords and to easily and quickly generate, store, organize, retrieve, and use complex new passwords, using password policies that you control. Once stored, your user names and passwords are just a few clicks away.

Using Password Safe you can organize your passwords using your own customizable references—for example, by user ID, category, web site, or location. You can choose to store all your passwords in a single encrypted master password list (an encrypted password database), or use multiple databases to further organize your passwords (work and home, for example). And with its intuitive interface you will be up and running in minutes.

How do I change my password

If you would like to change your Yahoo! password, just sign in to your Yahoo! account with your current password and click the Account Info or My Account link at the top of the page. You will be asked to re-enter your current password for verification. Then:

1. Click the "Change Password" link.
2. Enter your current password in the first box.
3. Enter your new password (as you would like it to be) in the second box.
4. Confirm your new password in the third box.
5. Click the "Save" button.

Your Yahoo! password will always apply to your entire Yahoo! account. This means that it will be valid not only for Yahoo! Mail, but also for Yahoo! Messenger, Yahoo! Chat, My Yahoo!, Yahoo! Finance, and all of Yahoo!'s other personalized services.

Please Note: To better protect your account, make sure that your password is memorable for you but difficult for others to guess. Never use the same password that you have used in the past, and do not share your password with anyone. For security purposes, your new password must be a minimum of six characters long. A good password contains a combination of uppercase and lowercase letters (remember that your password is case sensitive) and numbers.

For additional information on choosing a strong password, please visit the Yahoo! Security Center.

source: lastbit.com

Email Password Recovery

Mail Password is an universal password recovery tool for POP3 email accounts. It recovers all POP3 email logins and passwords stored in your computer by your email software. Virtually all e-mail clients use password caching because it's very inconvenient to enter a password every time you get your mail. This means it is possible to find out a stored email password. The universal solution lies in POP3 server emulation. Mail Password uses this method to recover lost email passwords. Mail Password emulates POP3 server and E-mail client tells the password. As a result Mail Password supports ALL email programs. However there are two limitations, please read carefully.

· Mail Password does NOT recover passwords to Web-based email accounts (such as hotmail, yahoo, usa.net, etc.). Secret Explorer may help you with web-based emails under certain circumstances.

· Mail Password is intended to recover YOUR passwords only. It just extracts passwords stored on your computer. It is not a hacker's tool, Mail Password does not allow cracking any other passwords (in most cases it is illegal). So please do not ask us how to recover your lost password to president@whitehouse.gov account.

You should perform two easy steps to recover your lost password.

1. Run Mail Password and start the recovery process. Enter the POP3 server name to emulate. You can enter several names here.
2. Run your email software and check for a new mail. Mail Password will intercept and display the login name and the password.

Yahoo Messenger Password

Yahoo Messenger Password is a password recovery tool (although not a password cracker) that is used to recover lost or forgotten passwords for your Yahoo messenger accounts. It is important that the password you are trying to recover is stored on your computer (i.e. you are recovering your own password and not trying to crack someone’s passwords). Yahoo Messenger Password recovers stored login information for the current computer user.

Starting from Yahoo! Messenger v7.5, there is no way to recover the password even if it is stored on a local computer. However it is possible to transfer the stored password from one computer to another. You can use Yahoo Messenger Password to transfer the saved password to another computer.

The program is very simple to use, just launch it, make a few mouse clicks and you will get all information about your Yahoo Messenger account including password. You are not required to be a password recovery professional and make it through a lengthy configuration process – Yahoo Messenger Password works in a fully automatic mode. Even better, you don’t have to wait for hours for the password recovery process to complete. Your Yahoo passwords will be recovered instantly!

Note: this program is not a hacker tool. It won’t help you to find password of an arbitrary Yahoo user. Remember that only your own passwords (stored on your computer) can be recovered.

MSN Password

MSN Password is a password recovery tool (although not a password cracker) that is used to recover lost or forgotten passwords for your MSN messenger accounts. It is important that the password you are trying to recover is stored on your computer (i.e. you are recovering your own password and not trying to crack someone’s passwords). MSN Password recovers stored login information for the current computer user.

The program is very simple to use, just launch it, make a few mouse clicks and you will get all information about your MSN Messenger account including password. You are not required to be a password recovery professional and make it through a lengthy configuration process – MSN Password works in a fully automatic mode. Even better, you don’t have to wait for hours for the password recovery process to complete. Your MSN passwords will be recovered instantly!

Note: this program is not a hacker tool. It won’t help you to find password of an arbitrary MSN user. Remember that only your own passwords (stored on your computer) can be recovered.

Source lastbit.com

Password checker

Your online accounts, computer files, and personal information are more secure when you use strong passwords to help protect them.

Test the strength of your passwords: Enter a password in the text box to have Password Checker help determine its strength as you type.

Password:

Strength: Weak

Not ratedMedium

Strong

Note: Password Checker can help you to gauge the strength of your password. It is for personal reference only. Password Checker does not guarantee the security of the password itself.

Do you use strong passwords?

A strong password should appear to be a random string of characters to an attacker. It should be 14 characters or longer, (eight characters or longer at a minimum). It should include a combination of uppercase and lowercase letters, numbers, and symbols.

About Password Checker

Password Checker does not collect, store, or transmit information beyond the computer that you use to access Password Checker. The image works on your computer desktop until you navigate away from the page.

The security of the passwords entered into Password Checker is similar to the security of the password you enter when you log into Windows. The password is checked and validated on your computer, but is not sent over the Internet.

Create a Strong, Memorable Password

Create a strong, memorable password in 6 steps

Use these steps to develop a strong password

1. Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as "My son Aiden is three years old."

2. Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.

3. If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you've created to create a new, nonsensical word. Using the example above, you'd get: "msaityo".

4. Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden's name, or substituting the word "three" for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become "My SoN Ayd3N is 3 yeeRs old." If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like "MsAy3yo".

5. Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of "MySoN 8N i$ 3 yeeR$ old" or a password (using the first letter of each word) "M$8ni3y0".

6. Test your new password with Password Checker. Password Checker is a non-recording feature on this Web site that helps determine your password's strength as you type.

What makes a strong password

To an attacker, a strong password should appear to be a random string of characters. The following criteria can help your passwords do so:

Make it lengthy. Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

Many systems also support use of the space bar in passwords, so you can create a phrase made of many words (a "pass phrase"). A pass phrase is often easier to remember than a simple password, as well as longer and harder to guess.

Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. Other important specifics include:

The fewer types of characters in your password, the longer it must be. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard. If you cannot create a password that contains symbols, you need to make it considerably longer to get the same degree of protection. An ideal password combines both length and different types of symbols.

Use the entire keyboard, not just the most common characters. Symbols typed by holding down the "Shift" key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard, and any symbols unique to your language.

Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

Factors in the security of a password system

The security of a password-protected system depends on several factors. The system must, of course, be designed for sound overall security, without which no password protection can have any significance. Early passwords on many systems were limited to a few numbers, or upper-case-letters, only often in prescribed patterns limiting the number of possible passwords. Most passwords today usually have fewer such limits. User input is determined by several limiting factors: allowable inputs (numbers / letters, non-visual codes and/or other keys / device inputs), minimum & maximum of time required for input, availability of cut / delete / paste / copy for input, and error/noise tolerance errors in the password or communications input. Some system administrators also enforce other limitations on passwords, such as compulsory change schedules, safe-password analysis feedback, and compulsory length / composition limits. See computer security and computer insecurity.

Designing a personal, user-friendly password

Designing a personal, user-friendly password

Passwords vary in the degree of public awareness, security protection and frequency of change. The most public, and therefore least secure, password might be one that is given to members of a group, a committee or some other organization. For instance, "publiclibrary", "internet", "AAAfinancecommittee" or "password" are all examples of easily remembered passwords, more or less publicly known passwords.

Less easily attacked passwords might be built from such a basic form, for instance, "smith12nov34street" or "AAAchairpersonSUE". These are slightly more secure, but being relatively easily predictable should not be relied upon to actually block unauthorized access. Effective access control requires passwords which are more difficult to guess or to find automatically, less publicly known (ideally not at all), and these are the subject of much of the rest of this article. One method of creating passwords that are memorable, but difficult to attack are by means of selective substitution of numbers for letters, e.g. 'I' is replaced by '1', 'E' by '3' etc. This becomes even more secure if the numbers are 'shifted' on the keyboard. In this instance, the number '1' may be replaced by '!'.

Authentication Factor

An authentication factor is a piece of information used to authenticate or verify a person's identity for security purposes. Human authentication factors are generally classified into three cases:

Something the user has (e.g., ID card, security token, software token, phone, or cell phone)

Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN))

Something the user is or does (e.g., fingerprint, retinal pattern, DNA sequence, signature, voice recognition, unique bio-electric signals, or another biometric identifier)

Often a combination of methods is used to provide multi-factor authentication. For example, bank machines provide two-factor authentication by requiring a bankcard and a PIN. Business networks may require users to provide a password and a random number from a security token.

Provenance

Provenance is the origin or source from which something comes, and the history of subsequent owners (also known in some fields as chain of custody). The term is often used in the sense of place and time of manufacture, production or discovery. Comparative techniques, expert opinion, written and verbal records and the results of tests are often used to help establish provenance.

The provenance of works of fine art, antiques and antiquities often assumes great importance. Documented evidence of provenance for an object can help to establish that it has not been altered and is not a forgery, reproduction, stolen or looted art. Knowledge of provenance can help to assign the work to a known artist and a documented history can be of use in helping to prove ownership.

The quality of provenance of an important work of art can make a considerable difference to its selling price in the market; this is affected by the degree of certainty of the provenance, the status of past owners as collectors, and in many cases by the strength of evidence that an object has not been illegally excavated or exported from another country. The provenance of a work of art may be recorded in various forms depending on context or the amount that is known, from a single name to an entry in a full scholarly catalogue several thousand words long.

Evidence of provenance can be of importance in the fields of archaeology and palaeontology. Fakes are not unknown and finds are sometimes removed from the context in which they were found without documentation, reducing their value to the world of learning. Even when discovered apparently in-situ archaeological finds must sometimes be treated with caution, the provenance of a find may not be properly represented by the context in which it was found. Artifacts can be moved far from their place of origin by mechanisms that include looting, collecting, theft or trade and further research is often required to establish the true provenance of a find. Fossils can also move from their primary context and are sometimes found, apparently in-situ, in geological deposits to which they do not belong, moved by, for example, the erosion of nearby but geologically different outcrops.

Most museums make strenuous efforts to record how the works in their collections were acquired and these records are often of use in helping to establish provenance.

Provenance is a fundamental principle of archives, referring to the individual, group, or organization that created or received the items in a collection. According to archival theory and the principle of provenance, records of different provenance should be separated.

In archival practice, proof of provenance is provided by the operation of control systems that document the history of records kept in an archive, including details of amendments made to them. It was developed in the nineteenth century by both French and Prussian archivists.

In North American archaeology, and to a lesser extent in anthropological archaeology throughout the world, the term provenience is sometimes used instead. Usually the two terms are synonymous; however, some researchers use provenience to refer only to the exact location in a site where an artifact was excavated, in contrast to provenance which includes the artifact's complete documented history

Authentication

Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. Authenticating an object may mean confirming its provenance, whereas authenticating a person often consists of verifying their identity. Authentication depends upon one or more authentication factors.

Password

Password

A Password is a form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly.

The use of passwords goes back to ancient times. Sentries guarding a location would challenge for a password. They would only allow a person in if they knew the password. In modern times, passwords are used to control access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging in to computer accounts, retrieving e-mail from servers, accessing files, databases, networks, web sites, and even reading the morning newspaper online.

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words are harder to guess (a desirable property), but are generally harder for users to remember (an undesirable property). Note that password is often used to describe what would be more accurately called a passphrase. Passcode is sometimes taken to imply that the information used is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be memorized.

Your passwords are the keys you use to access personal information that you've stored on your computer and in your online accounts.

If criminals or other malicious users steal this information, they can use your name to open new credit card accounts, apply for a mortgage, or pose as you in online transactions. In many cases you would not notice these attacks until it was too late.

Fortunately, it is not hard to create strong passwords and keep them well protected.