Better Password Practices

Anything we do online, which is nearly everything, is protected by a string of characters. Whether it’s your bank account, email, or social media, that one key holds a lot of power. But here’s the problem: most of us don’t give our passwords the attention they deserve. Weak, reused, easy-to-guess passwords are like leaving your front door wide open.

So, how do we fix it?

It starts with a few simple habits that make a world of difference. Practicing good password hygiene will help you keep all of your sensitive information safe from hackers trying to access your accounts.

Turn on Multifactor Authentication.

Enabling multifactor authentication is likely the most crucial action you can take to protect yourself right now. It adds an extra layer of protection to your accounts, in addition to your password.

Once you log in to your account using your password, you’ll be prompted to enter an additional form of verification, such as an identification code sent via SMS to the phone number associated with the account, to ensure that the person logging in is the account owner. This is also handy because if someone else has your password and is trying to get into your account, you will be notified before they can break in.

Use strong passwords.

You might hear this one a lot, but what makes a password “strong”?

Essentially, a strong password is one that is hard to guess. Avoid using names, birthdays, or common words. A password like “123password” is not going to cut it. It’s not very secure because it uses a standard number sequence followed by a dictionary word. With today’s hacking tools, a password like that can be cracked in an average of two seconds. For example, “S!mpl3r@nD0mK#ey2534” can be considered a safe password.

Some general guidelines to follow to create a secure password:  

  1. Must use at least 16 characters (try to aim for at least 20)
  2. Must include uppercase and lowercase characters (a, A, b, B, etc.)
  3. Must include numeric characters (1, 2, 3, etc.)
  4. Must include special characters (!, @, #, etc.)
  5. Doesn’t have to be completely random; you can use a unique but memorable sentence as well (ex. “Do you own 20 cats?”)

If you are unsure about whether your password is secure enough, you can use a zxcvbn test, such as this free online password checker.

Don’t reuse passwords.

Oftentimes, people use the same password across multiple websites and accounts. This can be risky because if a hacker gains access to one of your accounts, they will have access to all of them. Always use a unique, strong password to prevent this from happening.

Use a password manager.

It can be overwhelming having to memorize a separate password for every account you have, especially when they’re intentionally difficult to guess. That’s why having a password manager is your best friend. There are apps that securely store your passwords and help you create strong ones, and all you need to remember is a “master password” to unlock the password manager. Some popular choices include LastPass, KeePass, 1Password, and iCloud Keychain.

Change passwords if you think you’ve been hacked.

If you get any indication that your account has been compromised, or if you accidentally click on a suspicious link, change your password immediately. This is also where a password manager can be particularly helpful, as some services, such as LastPass Premium, can automatically change passwords for you. It’s always better to be safe than sorry!

Avoid public Wi-Fi for sensitive logins.

Logging into your bank account on your local coffee shop’s Wi-Fi can be dangerous. Hackers can sometimes intercept what you’re typing. If you have to use public Wi-Fi, avoid logging into important accounts. If you need to log into those accounts, it’s strongly recommended that you use a VPN to stay protected.

If you want to stop online tracking over all of your accounts when in public, turn Wi-Fi off on your phone and other devices when they’re not in use. When you do decide to use a device, have a VPN running in the background so that all your information stays protected. Some trusted VPN services are NordVPN, Surfshark, and ProtonVPN.

Stay Alert to Phishing

Even the world’s most secure password is of no use if you just give it away. Be wary of texts and emails asking you to log into something or click on a link. Always check if a website address looks correct. When in doubt, go directly to the website rather than clicking the link. Sometimes, organizations will ask for a special code for verification or access to your account to investigate a possible issue. However, they will never call you first and ask for a PIN or MFA code. If you receive a call requesting an MFA/verification code without any prior notice, be aware that it is likely a phishing attempt.

By putting these simple tips into practice, you’re not only protecting your passwords but also your identity, money, and peace of mind. Think of them as digital self-care. Your future self will thank you!

Cyber Threats at Home: How the AirBorne Vulnerability Puts Domestic Violence Survivors at Risk

// This article was authored by Aaron Thomas//
The discovery of vulnerabilities in Apple’s AirPlay technology—collectively referred to as “AirBorne”—has sparked significant concern. For survivors of domestic violence and the organizations that support them, these vulnerabilities present new risks that could compromise their safety and privacy.

Researchers from the cybersecurity firm Oligo recently identified the AirBorne vulnerabilities—a series of security flaws in Apple’s AirPlay technology that significantly increase the attack surface for cybercriminals. These vulnerabilities allow an attacker on the same Wi-Fi network as an AirPlay-enabled device to execute arbitrary code, effectively taking control of the device without the owner’s knowledge.


The Technical Details: How AirBorne Compromises Security

Oligo researchers discovered the AirBorne vulnerabilities while investigating issues related to unauthorized access to internal services on a target’s local network. During this research, they found that the AirPlay protocol could be exploited, leading to the identification of this critical vulnerability. While Apple has collaborated with Oligo to patch its own devices, the real challenge lies with third-party manufacturers who may not prioritize or provide timely updates.

Oligo estimates that tens of millions of third-party AirPlay-enabled devices remain vulnerable, with many potentially never receiving necessary security updates. This situation creates a significant risk for users, particularly those who may not be aware of the need to regularly update their devices or how to do so.


Potential Attack Scenarios

Exploitation could occur in various scenarios, including when an attacker gains access to a home Wi-Fi network through weak security settings or connects to the same public Wi-Fi as the targeted device, such as in cafes, airports, or shared accommodations. Once connected, attackers could use the AirBorne vulnerability to gain unauthorized control over the device, manipulate its functions, or gather sensitive data.


Impact on Domestic Violence Survivors

For survivors of domestic abuse, these vulnerabilities pose a particularly grave risk. Many individuals in abusive situations rely on technology to communicate with support networks, friends, or family. If their devices are compromised, abusers could potentially monitor communications, track movements, or even eavesdrop on conversations, all without the survivor’s knowledge.

Support organizations like Operation Safe Escape must also be vigilant. As these organizations increasingly use technology to connect with clients, the risk of exposure to cyber threats becomes more pronounced. Training staff to recognize potential vulnerabilities and guiding clients on device security can make a critical difference in maintaining safety.


Taking Proactive Security Measures

To mitigate the risks associated with the AirBorne vulnerabilities, it is vital for survivors and the organizations that support them to adopt proactive cybersecurity practices:

  1. Keep Devices Updated: Ensure all AirPlay-enabled devices, including smart speakers, TVs, iPhones, Macs, and iPads, are updated with the latest firmware and security patches. Regular updates are crucial for closing security gaps that hackers may exploit.

  2. Secure Your Network: Implement strong, unique passwords for all Wi-Fi networks, and ensure that encryption settings are enabled to safeguard data.

  3. Be Cautious with Public Wi-Fi: Whenever possible, avoid using public Wi-Fi for sensitive activities, as these networks often lack adequate security. If public Wi-Fi is unavoidable, utilize a reputable virtual private network (VPN) to secure the connection.

  4. Monitor Connected Devices: Regularly review your network to identify and remove unfamiliar or unused devices. This practice helps minimize the number of potential entry points for hackers.

  5. Disable AirPlay When Not Needed: Consider turning off AirPlay on devices when it is not actively being used. Setting up guest networks for visitors can also help protect your primary network from unauthorized access.

  6. Educate and Train: Support organizations should train their staff and clients about the risks associated with smart devices. Providing resources and guidance on securing devices can empower survivors to take control of their digital safety.


A Call for Greater Awareness

The AirBorne vulnerabilities serve as a stark reminder of how technology can intersect with personal safety, particularly for survivors of domestic abuse. As smart devices become more integral to daily life, understanding and mitigating cybersecurity risks is essential to protecting vulnerable individuals. By taking proactive steps to secure AirPlay-enabled devices and fostering awareness among support organizations, survivors can better safeguard their digital privacy and personal safety.


About Operation Safe Escape

Operation Safe Escape is dedicated to providing resources, education, and support for survivors of domestic violence, human trafficking, and stalking. The organization works to enhance the safety and privacy of at-risk individuals through cybersecurity training, advocacy, and community outreach. Operation Safe Escape collaborates with technology experts to ensure survivors and support networks have the tools and knowledge to protect themselves in the digital age. To learn more or get involved, visit https://safeescape.org.

julei and dins ride for awarensss julie mcmahon and din thomas

Julie & Din’s Ride for Awareness is coming this January!

julei and dins ride for awarensss julie mcmahon and din thomasHere is some amazing news.

Every year, Julie McMahon and Din Thomas do a bike ride across Florida for charity. 2022’s January Ride for Awareness will be for Operation: Safe Escape!

The two-day ride, currently planned to start on January 8th, will take Julie & Din across the state, from Titusville to Clearwater. Operation: Safe Escape will be giving away prizes and swag, and sponsorships will be available first week of December (next week!) OSE will also have swag available at our upcoming swag store in December!

The People:
Julie McMahon is a Floridian Life Coach and avid advocate for safeescape.org and livetrained.com.
Din Thomas is a Coach, a former Pro MMA Fighter and as well as being an ally in our mission.

We will be psting more news here on the website as things progress.

The landing page for the event will be https://safeescape.org/rideforawareness

The owner of this website has made a commitment to accessibility and inclusion, please report any problems that you encounter using the contact form on this website. This site uses the WP ADA Compliance Check plugin to enhance accessibility.