PC Pro - UK 2021-12)

@PCPRO FACEBOOK.COM/PCPRO Realworldcomputing

RIGHTBrokersarecashingin

boominransomwareattacks

Skipthewholethreewordsthing,
don’tmentionitatall,gostraight
forthe“useapasswordmanager,
dammit”jugular.Thatwayyoucan
createtrulyrandom,complexand
extremelylongpasswords,orthe
applicationcan,andhaveaunique
oneforeverylogin.
Ofcourse,theperennialproblem
ofmasterpasswordcreationrearsits
veryuglyheadoncemore.Rather
thangooveroldgroundinvolving
musclememory,encryptedUSBsticks
(whichneedyetanotherpassword),a
biometricdevice(JEMpass)oreven
dicewithmultiplepatternsrolled
randomlyintoalockedbox
(DiceKeys),let’sapproachthisfrom
thethree-random-wordsangle.Or,
rather,let’snot.Justthreewords,no
matterhowrandom,wouldmakea
spectacularlypoormasterpasswordif
youaskme.Instead,goforfiveorsix,
ormoreifyourmemorywillallow.
Thesewould,ofcourse,needtobe
randomratherthanyourideaof
random.Whichiswhereone
passwordmanager,infact1Password,
comesin.DidyouseewhatIdid
there?Anyway,ithasapassword
generatorthatanyonecanuse–visit
1 password.com/password-generator
–whichhastheoptionofgenerating
apassphraseusingrandomwords.
JustselecttheMemorablePassword
dropdown,setthenumberofwords
tosomethingyou’recomfortable
with,andyou’reaway.
AsIsay,don’tgoforanythingtoo
shortasthisisthekeythatunlocksall
yourotherpasswords.I’dalsoavoid
untickingthe“fullwords”box,asthis
producesgibberishwordsthataren’t
reallyeasierthanalongpasswordto
memorise.Practisetypingtheresult
overandovertogetthatmuscle
memoryworking,andifyou’rea
1Passworduser,besuretosavethe
“emergencykit”thatcanbeprinted
outandstoredsomewheresecure.
Therealityisthatfor99%ofuse
cases,athreatactorisn’tgoingto
ransackyourhousesearchingfora
masterpassword,noryouroffice
forthatmatter.Ifyoudofallinto
the1%,thenthechancesarehigh
thatyou’llalreadybeusingsome
kindofsecurityprotocolthatmakes
theentirethree-random-words
argumentmootanyway.
Talkingofpasswordsinthe
workplace,Ican’twrapupthis
conversationwithoutmentioning
somemoreresearch,thistimefrom
BeyondIdentityatpcpro.link/
326 beyond.Thisfoundthatnotonly
didnearlyaquarterofemployees
questionedstillhaveaccessto

accountsfromapreviousjob,but41%

admittedtosharingpasswordsinthe

officeand20%usedthesame

passwordsathomeastheydidfor

work-relatedaccounts.

youwerewonderingw

onabouttheimpo

passwordhygiene,mon

aftermonth.

Goingforbrokers

Althoughyoumay

nothaveheardofit,

unlessyou’reashady

typewhohangs

aroundonline

Russiancriminal

forumsorhavethreat

intelligenceonyourjob

description,theinitialaccessbroker

(IAB)marketisahugesuccess.Which

isabadthing.Thatsuccess,albeit

mainlyforjustsevenplayerswho

temostofthe

,isbeingdrivenlargely

inransomware

overthepast 18

sorso.

IABsdealin

ompromise;thesale

ofaccesstoyour

compromised

network,tobeprecise.

Thisisbecausemost

ransomwaregroups

operateanaffiliate

mewherebythe

alreconnaissance

nfiltrationofa

essnetwork,tocarry

ttack,isdoneby

BewareofgeeksbearingGIFs

Itdoesn’tseempossiblethatitwasnineyearsagothatIwroteafeatureforPCProdetailingmyfightwith

wetmaculardegenerationthathadseriouslyimpairedmyvision.ThestoryisstilloutthereonAlphr

(pcpro.link/ 32 6alphr)ifyouwanttorefreshyourmemory.ThegoodnewsisthatInolongerhavetoweara

pirateeyepatchand,evenbetter,myvisionhasstabilisedaftermanyinjectionsintomyeyeballs(Ikidyenot)

sothatInoweasilypassthelegalrequirement,withspectacles,fordriving.

Imentionthisbecausethosedaysofstrugglingwithanonlineworldlargelynotaccommodatingof

peoplewithimpairedvisionwerebroughtbackintofocusrecently.Likemanyothers,Iregularlypost

animatedGIFsonTwitterwhenrespondingtotweets.Sosueme.However,itwasonlyafteracoupleof

peoplemessagedmetoaskifIcouldaddAlttexttomyGIFsbecausetheyusedscreen-readersoftwareand

couldn’ttellwhatIhadpostedthatIrealisedI’dbeenguiltyofnotpractisingwhatIpreviouslypreached.

BewareofgeeksbearingGIFs,indeed.

Here’sthething:eventhoughtheoptionwassittingthereinplainsightafteranupdate,Ihadn’tnoticed

itanddidn’trealisethatyoucouldaddAlttexttoGIFsonTwitter.Torectifythis,here’sastep-by-stepguide

todoingso,whichIrecommendeveryoneshouldfollow.

1

WhenyouselectaGIFtoaddtoatweet,clickon

“Adddescription”.Yes,Ihadn’tnoticedthosewords

sittingtherebefore,either.

3

Andthat’sit,yourGIFwillnowbereadablebythose

usingaccesssoftware.Unfortunately,Facebook

doesn’thaveanoptionforaddingAlttexttoGIFs,butyou

candosoforanyphotosyouupload.

2

EnteryourAlttextinthebox,beingasdescriptiveas

possible.FollowtheadviceofthelategreatRoy

WalkerofCatchphrasefameandsaywhatyousee.

4

Uploadyourimageandthenhitthebig“Addalttext”

buttoninthetoprightoftheframe.LinkedInhasa

similaroptionforyourphotosbutdoesn’tsupport

animatedGIFs,letaloneaddingAlttexttothem.