PlanetBlog - Indonesian Blog Community

Wednesday, 09 May 2012

Ten tips to keep your Twitter account secure


If you think your account has already been compromised, follow these steps:
If you think someone has hacked your Twitter account, immediately post a tweet stating that you think your account has been compromised and to treat any messages with suspicion. This will help your friends stay secure. Next, update your anti-virus and firewall software, then run a full scan. If you think you have a virus and your anti-virus software isn't helping, find someone who can help you. This could be your techie friend or a local computer repair company. You could also try sites like Geekatoo, which find you people who are willing to help with your problems. Once you've cleaned up your computer, change your password. Changing your password before you clean your computer might allow the attacker to capture the new password using a keylogger. If you've used the same password on multiple sites, change those too. Your email account's password should be top of the list to change, since it's a great resource for hackers to use to break into your other accounts.

Now, here are ten ways to keep your account secure:

1) Use at least a half-decent password.
Whilst this is pretty obvious, it's one of the most common problems out there. If your password is a word in the dictionary, or isn't longer than 5 characters, it's not secure. These days hackers will scan hundreds of thousands of accounts for common passwords (e.g. password, qwerty, letmein, dragon) and catch all the low-hanging fruit. If a password isn't easy to guess, they'll go onto the next account. A lot of security personnel will advocate ridiculous passwords like My_p4$Sw0Rd, but most people don't have a photographic memory and forget them after an hour. My personal suggestion is to choose a password that is at least 8 characters, isn't a word in the dictionary, and has at least one number in there. Something like bac0nsandwich or ca11ofduty is plenty secure enough.

2) Don't use the same password everywhere.
I know it's hard to remember a whole bunch of different passwords, but this rule is much more important than you might expect. Imagine my password for Twitter is "superawes0mepassw0rd". It's a pretty good password, right? Now imagine I sign up to 100 sites, using that password for every single one. All it takes is for a hacker to breach one site, and every account I own is compromised. All the effort I put into selecting a good password was for nothing, because I used it everywhere. It's not hard to Google for usernames and email addresses, so it's easy to find other places where you have accounts - Facebook, Hotmail, Gmail, etc. This kind of breach isn't rare, either. In the last few months alone I've notified four websites about security flaws that would allow me to dump their entire database, some of which had unencrypted passwords in them. Use different passwords for each site. You can always use software like KeePass to keep track of them.

3) Keep your anti-virus and firewall software up to date.
Your anti-virus software can only protect you against threats that have been analysed and entered into the database by the company's analysts. New viruses and malware come out every day, so make sure you keep up to date with your anti-virus updates. Just like anti-virus software, your firewall can also only block threats it knows about. Keep up with the updates!

4) Install updates for your operating system.
I know it's annoying, but those Windows Updates (or OSX updates) are important. When a bug is found in your operating system, the vendor (e.g. Microsoft or Apple) creates a patch. If you don't install those updates, you may miss critical security patches that protect you from threats.

5) Install updates for your browser and its plugins.
Your browser can be attacked by malicious code on websites, so make sure you keep it up to date to avoid such problems. Also, update software that provides browser plugins, such as Adobe Flash, Adobe PDF Reader, Windows Media Player, etc. These sometimes have bugs that are hijacked to drop malware onto your computer, so keep them updated too.

6) Be careful when sites/apps ask to use your Twitter account.
Sometimes sites and apps will ask you to give them access to your Twitter account, so that you can post a comment or access some content using your normal Twitter credentials. When this happens, a popup will appear with the Twitter logo, telling you what kind of access you're giving to the site. Sometimes this will include things like allowing the site to post tweets, or even send DMs to followers. Think twice before allowing this, because a rogue site or app might then use your account for spam. You can go to https://twitter.com/settings/applications to manage the applications that can access your account.

7) Avoid clicking suspicious links.
Spammers often post links to sites that will attack your browser. They make these links look interesting using enticing subjects such as "win a free iPad 2" or "find hot girls/guys in your area". The general rule is that if it's too good to be true, it's probably a scam. You can block and report these spam accounts quite easily, and it helps keep Twitter safe. Scammers will often use a mixture of spam bots and compromised accounts, which means that even tweets from your friends might be spam. If your friend suddenly starts telling you about how they got a free iDevice by going to some unusual link, or lost 40lbs in a week using some diet pills, don't click it. Instead, tweet them back, telling them that their account has probably been compromised.

8) Watch out for fake Twitter sites.
When you're on Twitter, make sure to check the address bar at the top of your browser. It should point to twitter.com, and (if you're using HTTPS) the address bar should be green to prove that the site is verified secure. Fake sites, known as phishing sites, create a fake version of the Twitter site that is designed to capture your login credentials and steal your account. Such sites might look slightly different, and will have a different website address. Some are quite clever, e.g. twitter.com.badsite.com - make sure you don't get caught out!

9) Always use HTTPS when browsing Twitter.
HTTPS is a protocol that secures (encrypts) the traffic between you and the Twitter servers. It also provides authenticity verification, which means that it makes sure that you are actually talking to Twitter, and Twitter is actually talking to you. This stops hackers from performing "man in the middle" attacks, where they trick your browser into thinking that the hacker is actually Twitter's server, so that they can steal your password. You can enable HTTPS for all pages on Twitter by going to https://twitter.com/settings/account and selecting "Always use HTTPS" at the bottom of the page.

10) Associate your mobile phone with your account.
By associating your mobile phone with your Twitter account, it makes the recovery process easier if a hacker breaks in and changes your password. You also get notifications when security questions are changed. You can alter your mobile settings at https://twitter.com/settings/devices
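
The address check from tip 8, as an added example that is not part of the original article: a JavaScript function that decides whether a link really points at twitter.com by parsing it the way a browser does, instead of looking for the name somewhere in the text. The function name, the verdict strings and the sample URLs in the comments are assumptions made for illustration.

```javascript
// Added example. TRUSTED and the sample URLs in the comments are constructed.
const TRUSTED = "twitter.com";

// Classify a link by the host the browser would actually connect to.
// Returns { verdict, host } where verdict is one of:
//   "trusted", "not-https", "lookalike", "other", "invalid"
function classifyLink(rawUrl, trusted = TRUSTED) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG URL parser, the same rules browsers apply
  } catch {
    return { verdict: "invalid", host: null }; // e.g. no scheme at all
  }

  // The parser lowercases the host; drop the optional trailing dot of an FQDN.
  const host = url.hostname.replace(/\.$/, "");

  // Only the exact domain or a true subdomain counts. The leading dot matters:
  // "nottwitter.com" ends with "twitter.com" but not with ".twitter.com".
  const onTrustedDomain = host === trusted || host.endsWith("." + trusted);

  if (onTrustedDomain) {
    return { verdict: url.protocol === "https:" ? "trusted" : "not-https", host };
  }

  // The trusted name appearing anywhere else is the phishing pattern from tip 8:
  // as a left-hand label (twitter.com.badsite.com) or in the userinfo part
  // before "@" (https://twitter.com@badsite.com/), which is not the host.
  const mentionsTrusted =
    host.includes(trusted) || url.username.toLowerCase().includes(trusted);
  return { verdict: mentionsTrusted ? "lookalike" : "other", host };
}
```

The rightmost labels of the host decide who owns the site, which is why the comparison anchors on the end of the hostname and never uses a plain substring match.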

* Written by Graham Sutherland (follow @gsuberland on Twitter) in www.pastebin.com


































