Online security tools: The holiday gift that shows you really care

In an era of conspicuous consumption, many folks have shifted
from material gifts to offering experiences or digital goods.
Here’s a digital gift suggestion: Give the gift of
security. With free and inexpensive options that pay huge
dividends to the recipient, you can be the savviest and most
beloved person in the house.

Why give the gift of security? If a friend or relative uses
two-factor authentication and a password manager, they
dramatically reduce the odds of a hack or breach. Signing up
for password-breach notifications and using password management
lets them quickly change secrets for exposed accounts. In all,
it can save your friends and family from a lot of grief from
what seems like an inevitability these days.

Give a password management app or subscription

Database breaches of user accounts come at a terrifying pace
these days. Billions of accounts across hundreds of major
services have had their information leaked. Weak passwords and
weak storage of passwords at those services have allowed
malicious parties to crack them open, leading to a person’s
account and password at one service being used to break into
accounts elsewhere.

The best current password advice is to create a unique, long
password for every site and service you use, and rely on a
password-management app to generate, store, and fill them in
for you.

The best of these systems live in an ecosystem with native apps
for mobile and desktop devices and a web app for access away
from that hardware. I’ve used and recommended 1Password, and many
clever people I know swear by LastPass.

1Password has an ecosystem of apps, and a very affordable
monthly subscription plan for families.

Between browser plug-ins in macOS and the new iOS 12 support
for third-party password management directly in apps and
Safari, your friends and family can generate new passwords and
fill them in while rarely even needing to learn the complexity
of the main apps if they choose not to.

Both products offer free trials, and LastPass has a free tier
with minimal but useful features that includes native apps.

However, the sweetest deals for families are the aptly named
family plans that both services offer. LastPass offers a 6-user
family plan for $4 a month and 1Password’s deal is 5 users for
$5 a month plus $1 a month for additional family members. (Plans
are billed annually.) This includes some central management
features, as well as password sharing among members.

Your ongoing support costs: You may have to
talk people through some tasks to get them up to speed.

Bonus gift: Tell your recipient they can also
call or email you if they get a suspicious message, especially
if the sender claims to have recorded them privately via their
computer’s camera and to have stolen their password. A
spate of these scams appeared recently and used old passwords
from long-ago breaches to scare people into thinking they were
legit.

Add a second factor to complement a password

Password breaches are made worse by accounts protected
only by a password. Many sites and companies, from
Apple to Zendesk, let you layer a second element to block
logins from people who only have your password. That extra
element is typically a code delivered to something you have in
your possession, like a text message to a phone or via an app
installed on a device.

This “second-factor” authentication was once the province of
corporations, and is now available widely for average people
from major consumer services. It’s a great bulwark against
account hijacking.

However, it can be tricky to set up and use for someone who
hasn’t before. That’s partly because there are many differences
among two-factor systems, which adds a learning curve. People
can be locked out of their accounts, too, if they don’t set up
a two-factor login correctly or if they lose some recovery
information provided at setup.

A great gift is to walk friends and family through setting
up two-factor authentication on all the services they use,
pairing that with a password manager to store information about
the account setup, including recovery codes or one-time use
codes used to regain access if the second factor stops working.
(That’s rare, but it can be reset.)

Authy simplifies managing second-factor authentication
codes that can be generated by an app. (Some account
information blurred.)

I also heavily recommend using Authy to manage authenticator codes that can
be generated via an app. While Google pioneered this with its
free Authenticator app, Authy is far easier to use and manage;
lets you create secure backups; and can securely sync across
multiple devices and platforms. It’s a perfect complement to
1Password or LastPass, and simplifies logins. (Authy is free to
end users, and the product makes its money providing services
to developers.)

iOS 12 and macOS 10.14 Mojave dramatically improved filling in
text-based codes, too.

Some services, like Facebook and Google, let their smartphone
apps act as a second factor, too, so you don’t have to install
any extra software or receive a text to confirm a login.

Your ongoing support costs: You’ll probably
have to explain this a few times to people you get set up, and
potentially help them recover accounts from which they’re
locked out from time to time, if they can’t figure out how to
enter the second factor.

Sign them up for account breach notifications

A very generous Australian security expert, Troy Hunt, operates
a free service called “Have I Been Pwned?”, which riffs on
hacker speak: Pwned is when your device or account has been
taken over. The service tracks database breaches that become
available to hackers or are posted generally on the Internet.

It doesn’t store stolen passwords or try to determine them, but
you can visit the site, enter your email address, and see if it
appears in any breach that’s occurred to date among billions of
exposed records.

This free service lets you check on whether your email is
in database and account breaches, and even receive
notification when it’s found in new exposures.

You can also sign up for notifications of new breaches, and
that’s a free gift you can offer to friends and family. Sign
them up with their permission, and explain to them what to do
if they get an email warning of a breach. You can also work
with them to look at the list of services in which their email
is already exposed to change the passwords using 1Password or
LastPass for all those accounts.

Your ongoing support costs: Reassuring friends
and family that they’re safe when they get an email.

Install free or paid anti-malware software

I had mixed feelings about anti-malware software until my
intelligent then-10-year-old clicked a notification that said
Flash on his computer was out of date and installed a virus.
(We’d accidentally left Parental Controls disabled.)

We had a talk about trusting random messages, but we also
installed the excellent and free Avast software, which I
also recommended in a recent Macworld anti-malware software
round-up as the best free option. It quickly removed the
offending items and now protects our two children’s computers.

Avast Security for Mac

It’s easy to install on friends and relatives’ machines, and
requires no ongoing maintenance or fees. This is especially
useful at blocking malicious attempts, more than detecting
unknown viruses.

For a step up, I recommend Sophos Home Premium, our top anti-malware
software pick, because it has active anti-ransomware
monitoring. Ransomware encrypts users’ files and demands a
ransom paid in Bitcoin to unlock them.

A few mild ransomware exploits have affected Mac users through
hijacked software downloads, but it’s an active and enormous
threat to Windows users. More naive users, like my younger
child, might also go through the steps to install ransomware
masquerading as something else, including entering a password
for the installation, that would bypass the normal protections
Apple has in macOS.

Sophos is $35 a year (currently on sale) and protects up to 10
computers in a family grouping. It also offers central
management and control.

Your ongoing support costs: You will almost
certainly get calls about pop-up messages and warnings from the
software.

Other security gifts, free or inexpensive

While the big worries are handled above, there are a few quick
hits you can also give or give instead to help out those you
love:

  • Help them set up online backups at a service with strong
    security (starts at $5 a month). With CrashPlan out of the
    home-backup market, Backblaze is the best, most affordable, and most
    securely operated choice for Mac users. It’s $5 a month, $50 a
    year, or $95 for two years for unlimited file storage.

  • Turn on FileVault on their Macs (free). This feature
    encrypts the entire contents of a Mac startup volume at rest
    without slowing things down, and makes a disk drive so much
    garbage if a computer is stolen while shut down. However,
    when setting it up, macOS generates a recovery key in the
    event a password is forgotten. Help make sure that recovery
    key is written down and stored—you may want to keep a copy
    if you have that kind of trust relationship.

  • Set up a VPN account (about $3 to $7 a month). A VPN
    encrypts all data entering and leaving a device, particularly
    useful for insecure networks, like at libraries and
    coffeeshops. Your relatives and friends may know some of their
    data is at risk on these open Wi-Fi networks, but not what to
    do. You can pick among VPN services we recommended earlier this
    year in our Apple-device-friendly VPN round-up. Some come with
    monthly bandwidth limits, while others allow unlimited data.
    A single subscription usually works across all of someone’s
    devices. They’re easy to install and can be set up to
    activate automatically on unknown networks.

Backblaze offers simple, secure, cloud-based backups with
no fuss for your family and friends.

Finally, if all else fails with them securing their data, your
dear compadres and relatives could benefit from a credit
freeze, which helps prevent identity thieves from opening
credit cards and taking out loans using stolen personal data. A
new U.S. law went into effect in mid-2018 that requires the
three major American credit bureaus to offer free credit freezes, which prevent banks and
others from pulling a credit report. These freezes can be
turned off when your loved one has an actual need to obtain
credit, and then back on afterwards.
