Tag Archives: security

How to Recover Password for Windows

What if you forget or lose your login credentials because you are accessing your account after a long time or there are so many IDs and passwords that’s why it is tough for you to remember. In such tricky situations, password recovery tools can be useful. These tools can be handy for you if you work as IT or network engineer. Password recovery tools can be useful as a computer user also while reinstalling or upgrading your version of Windows. These tools can help you to understand certain security risks like storing credentials unencrypted, and mitigating them.

Window Support
Window Support

How to Recover Passwords Saved by Web Browsers

It is easy to recover passwords saved in the popular web browsers like Internet Explorer, Google Chrome, and Mozilla Firefox. To recover password in Chrome and Firefox, you can access a list of saved passwords via the browser settings. You can view a list of saved passwords in the Credential Manager of Windows for Internet Explorer in Windows 8 and Windows 10. You can use these ways to double-check passwords you’ve saved.  For instance, you may need to know a password to login to a website from another computer on which it isn’t saved. However, it is risky also to save browser passwords and someone quickly could get to them.

Moreover, there are third-party tools also that can help you to recover passwords from multiple browsers. These tools allow you to save a list of all the passwords and will prove handy when you are reinstalling Windows or upgrading it and don’t utilize browser syncing. To keep your passwords more secure, you can import them in password managers which encrypt them for better security.

Alternatively, Firefox users need to enable their native master password feature that put encryption on the passwords so that third-party tools cannot recover them.

How to Retrieve Passwords for Wi-Fi Networks

Yu can also recover WEP keys, Wi-Fi passwords, and the PSKs of WPA or WPA2, saved by Windows.In Windows 7, open the Network and Sharing Center, select Manage Wireless Networks, click on the desired network to open it, and view the password on the Security tab. In Windows 8 and Windows 10, you can view the passwords in that same place, but you won’t find Manage Wireless Networks screen as it is gone. In Windows 8 and late, you can only open the wireless network properties of the specific network you’re connected to via the Network and Sharing Center. Windows 8 and later also, you can use third-party tools to capture and export a list of all the Wi-Fi passwords.

As you have seen how easy and insecure it is to retrieve Wi-Fi passwords stored by Windows.  You can see that the personal (PSK) mode of WPA/WPA2 can be very insecure than the Enterprise mode. The personal mode means if all the users will have and use the same password and their device is stolen or lost, or they leave the company, you will have to change the password in order to keep your network secure. But when you use the enterprise mode of WPA/WPA2, you could simply change or revoke a particular user’s login or password. Though the enterprise mode needs a RADIUS server the 802.1X authentication, but these days there are cloud-based options so you don’t have to deploy your own server.

How to Catch Login Credentials Sniffed from the Network

In recovering lost or forgotten passwords, catching login credentials sniffed from the network might not have a big practical use, but it helps demonstrate network security risks. In order to capture usernames and passwords for various kinds of services via protocols like HTTP, SMTP, FTP, and POP3, you can use tools to monitor a certain PC’s or the entire network’s traffic.

When you are on public Wi-Fi hotspots that have no encryption, remember to ensure that all services and sites you login should be using the standard SSL encryption. To check if site is using SSL encryption, check for the https in the URL. You also need to ensure that email clients and other apps should be using encryption as well. For peace of mind, encrypt all your Internet traffic using a VPN server provided by your company or a third-party VPN service.

On private Wi-Fi networks that are secured and encrypted, you’re also vulnerable to password hacking and hijacking. Users can still snoop on each other’s network traffic on networks secured with the personal (PSK) mode of WPA/WPA2 security. However, with the enterprise mode of Wi-Fi security, this is not the case. So businesses and organizations should use it.

Email Server and Login Credentials Details

You may want to save the server and login credentials details along with the emails themselves if you are reinstalling Windows.  Windows has an email client Outlook that you may be using. To get the email server and login credential details, go into the account settings of the email client. But this usually doesn’t show you the password in clear-text. There are fair chances to forget the password if you don’t use it often. To quickly retrieve the server details and password, use a tool instead of having to reset it via the email provider and then save them to a text file for later reference.

How to Reset Windows Account Passwords

It’s typically easier to reset a forgotten password instead of having to reinstall Windows when working with non-domain Windows computers. You can reset anywhere via the Microsoft site if it’s a Microsoft Account on a Windows 8 or newer computer. You can use bootable tools to do an offline password removal for Windows 7 and earlier (or local accounts on Windows 8 and later). However, when performing offline resets like this, some of your secured data like any passwords saved by Windows and any files encrypted by Windows may be wiped out.

It’s easy to retrieve and save most passwords when reinstalling or clean upgrading Windows. It can save your passwords as well as time and frustration that may develop because you accidently wiped out your passwords and forgotten them. But it also impose risk if you store login credentials so it is recommended to you that for better security, utilize encryption for your saved passwords or a whole-disk encryption solution.

Though it is easy to find passwords for saved Wi-Fi networks, when trying to connect other devices to the wireless, but in this case hackers can also snoop on your public and private network connections. They can hijack your accounts and capture your passwords so for the superior security, use enterprise mode instead of the personal (PSK) mode.

Precautionary Measures to Stay Protect You are on the Internet

Internet is not a safe place who doesn’t take care of their online privacy and security. There are millions of infections available online which are attacking more and more number of users on daily basis. So here some precautionary measures are given to keep yourself protected against online infections and scams.

pctech24au

Verify data is encrypted

Encrypt all the confidential information that you are sharing and transferring over the internet. Encrypt information such as credit card numbers, usernames, or passwords and send it securely. To verify this, look for Internet browser security lock (a small lock) next to the address bar or in the bottom right corner of your browser window. Once you are able to see this, makes sure that it should be in the locked position. Also make sure that the URL begins with https.

Data is encrypted if the lock is in the locked position. No one can intercept the data if try to intercept it if the data is locked. All information can be read if there is no lock visible and once it is intercepted. Use a password that you don’t use with protected sites if a web page such as online forum is not secure.

Use a safe and strong password

You should use strong and safe passwords for those websites which store confidential data. It is advised to you that use a different and strong password for each website that requires a login. Use a password manager if you cannot remember your passwords.

If available, enable two-factor authentication

If you enable two-factor authentication, you add an additional step for your online protection while verifying a login. Typically with two-factor authentication, after entering password, if the service does not recognize your device, you will receive a text message with a specific code to login. It is a good way of protection because no one can access your account even though one has a valid password because it requires that specific code to login.

E-mail is not encrypted

Never transmit you highly confidential data like your credit card information, passwords, and bank details over e-mail is not encrypted and any intruder may hack and read it.

Be careful while accepting or agreeing to prompts

Read and understand the agreement before clicking on the Ok button while installing any program. Cancel or close the window if you do not understand the agreement or feel that it is not necessary to install the program.

Additionally, check out for any check box that asks if it’s ok to install a third-party program, toolbar, etc. If it asks so, leave these boxes unchecked or cancel the install as these third-party programs causes more issues than good.

Be aware of phishing scams

Be aware of different types of phishing scams and techniques, which are meant to trick innocent users into providing their account information.

Stay concerned where you’re logging in from

Business: Your place of work can install key loggers or use various ways of monitoring you system when you are online. Someone who has access to this information may be able reading and recording this information. So it is recommended to you that don’t store any password in your browser if your system is shared with co-workers.

Wireless network: Your computer can be intercepted and read by someone else who is nearby when you are on a wireless network. Log onto a secure network using WEP or WPA to prevent this from happening. If you are on a home network. Make sure that it secure.

Friend’s house: Be careful if logging into an account on a friend’s computer because a computer or network you are not familiar with could unintentionally or intentionally log usernames and passwords. Never save the password information on the browser if you are logging into any site on a friend’s computer.

Use the latest browser

An outdated browser is highly insecure so use the latest version of the browser like use Microsoft Edge instead of Internet Explorer and also use alternative browser such as Google Chrome or Mozilla Firefox to stay safe.

Be attentive of those around you

Be careful of anyone’s shoulder surfing at work, school, library, or anywhere else. At such places, people may watch you filling up your confidential information like login ids and passwords. To keep your information private that display on the screen, use privacy filter for the display.

Update Internet browser plugins

Make sure all installed Internet plug-ins like Adobe Flash are up-to-date as often attackers find out security vulnerabilities through browser plugins.

Secure saved passwords

Always store passwords and login information in a secure area. Never write login information in a text file that is not encrypted or on a sticky note. Use a password manager to keep your login information secure.

Have against malware, spyware, and viruses

Give the complete protection to your device by installing an anti-virus program on it. Software programs like Trend Micro, Norton, Avira, etc. can keep your computer safe against malware, viruses, and other such infections.

If in case you don’t want to install anti-virus protection and running the latest version of Windows, run at least Windows Defender on your computer.

Learn to Hide Annoying MacOS Update Notifications

It is really annoying if you log into your MacOS Yosemite and Sierra systems and you quickly hit with an Apple notification that says “You have updates”. It seems a pain if you are in the middle of something and you need to get your work done and your computer screen keeps on displaying notifications about updates. It not only disturbs you while interacting with your device, but also wastes time and create nuisance. It is really distracting to get updates that you don’t care about.

This guide will help you in learning the ways to hide some updates which may be annoying you:

pctech24comau

Get rid of a few unwanted MacOS update notifications

Though you cannot hide all update notifications, but a few of them, you can hide for sure. You can hide at least a few of update notifications that Apple doesn’t think are important. To get rid of a few of those updates follow the steps given below:

  • Head to the MacOS App Store
  • Click the “Updates” tab (icon)
  • Right-click in the area next to an update when your updates are shown and then select the option “Hide Update” from the popup menu

About a few of other update notifications

Below given tricks will work only for selected update notifications. It is not known how Apple has decided which updates are necessarily important and which are not. This T may not work out for all the Mac users and all updates. Some of you may find these tricks helpful and some of them may not. This technique doesn’t work on Keynote, Pages, Numbers, Xcode, iPhoto, iMovie, etc.

You may follow these steps to hide their notifications, but it is not necessary that they will work for you:

  • Open the MacOS App Store app
  • Click the Purchased tab (icon)
  • There will be bit open area next to an app, right-click there and choose the option “Hide Purchase”

These steps don’t work on Apple apps, but may work on third-party.

MacOS App Store Preferences

Many of the Mac users want that they get notifications if there is any update available rather than it get installed automatically. It is better to get notification about available updates as there may be updates to update those programs that you are not going to use for a long time and there may be crucial updates like security updates that you need to install immediately.

It would be better if there will be more granular notification of updates, but as of now, you can only put them off for a day at a time.

High Popularity is the Menace for Android

Android is one of the most popular platforms which acquire more than 80 percent market share whereas iOS has a market share in the teens and rest is distributed among other smartphones operating platforms. With every new smartphone launching in the market is stretching more and more share that is why Android phones rule. One of the major reasons of Android popularity is Google’s decision to make it an open OS, but this also makes this platform vulnerable to attacks.

As Android is an open OS, it allows many manufacturers to make devices that can run Android. However, when so many venders are there to use and release it in several models, it leads to OS fragmentation and results in thousands of active version of Android. Tough it is not a big deal if the vulnerabilities of each version of software are patched as soon as they come to notice. Actual problem starts when Google, a smartphone manufacturer, or an OEM is not able to release the patch on time.

Android

Attackers have taken notice that most of the times there is a delay in releasing the security patches so they trade on such delays and mange to attack on the vulnerabilities of an Android device. Hackers and attackers may put malware in the Google play store to exploit these vulnerabilities. Google uses a tool called Bouncer to scan apps before allowing them to be listed and sold through the Google Play store, but attackers do this by obfuscating infectious contents of their apps to slip past Bouncer.

Using a dropper is another way to get malware past Bouncer security scans. A dropper attack initiates when the attacker uploading an app to Google Play that doesn’t have malware. Once the victim downloads and installs the dropper app, it communicates with the attacker’s server to downlaod malware and other infections to the user’s device. One more case in point for Android devices that security researchers recently analyzed is “Charger” ransomware. Researchers found that Charger is embedded in an app, which is available through Google Play. Once Charger infected the app, it steals SMS messages and contacts from user’s device and asks for admin permissions. Once you give it permission, the ransomware locks down your device and send you a message demanding payment.

Attackers are not using only these three ways to attack Android user’s devices, but they are also using malware for Android in more dangerous ways. Attackers are putting redundant components in malware to make their attacks successful. To execute their attacks successfully, the second component keeps attacking if in case security disables one component. Camouflaging malware to look like a legitimate, hiding the app’s icon, delay to run a program when malware runs, and using social engineering to get elevated privileges in order to stop users from uninstalling the app are other persistent threats that deter user from getting rid of malware..

An alarm should go off in your head if your organization’s employees connect their Android devices to your network services like email and VPNs. To prevent users’ mobile phones from becoming an entryway for hacking and attacking attempts in your organization, make sure that you have mobile security controls in place.

If you are facing any issue in android device contact Avast Technical Support.

Make Your Browsing Experience Safe with VPN

Privacy is the basic right of everybody. In case of web browsing, VPN security can give you complete protection from cyber threats and serve your security purpose well. Its adoption can bring two technical results as advantages: First It encrypts the signal so that intruders couldn’t intercept your network identity and your activities remain imperceptible to them and second it alters your IP address and it seems a different location, nation and machine identity to the eavesdroppers. There are lots of productive reasons to clock your device with VPN protection apart from a drawback that it compromises the speed of the machine.

Make Your Browsing Experience Safe with VPN

VPN enables a network-enabled device (like computer, mobile phones, etc.) to exchange the data as if you are connected to the private network.  It provides multiple layers of protection to the users using encryption and tunneling protocols. But tunnel endpoint must be secure before VPN tunnels are established. For the authentication purpose a user-created remote-access VPN can be secured by using two-way authentication, biometrics, passwords and other cryptographic arrangements.

They are beneficial because accessing a public Wi-Fi network without complete protection is not a safe option for your confidential activities. Public Wi-Fi networks don’t offer any security to the users rather they create the challenges. In this condition your connection will be open to the hackers and even newbie intruders can intercept your signal. This insecurity forces the user to have a safe VPN connection. Before logging into a public network, encrypt your signal so that you remain hidden from the eyes of snoopers and hackers.

VPN protection, also allows to access your home network while you are not in the territory of your home location. If you have enabled VPN tunnel, you can demand to your existing network which you have borrowed for the instant to provide the access of your home connection. It provides confidentiality of information in such a way that if the snooper has sniffed the data at the basic level, they will see the encrypted data only but can’t decode that. It accepts the data after confirming the authentication of the sender, so that the message integrity remains intact with the message.

Gitanjali is a tech blogger who is associated with Fix My Computer. She is an experienced writer in tech domain.