Tech Talk #190–October 29, 2022
Browser password checkup
Every time we hear about a data breach, we know that a new bunch of usernames and passwords were just stolen and are about to be used against us. Somehow, and by somebody.
But how do you tell if they stole YOUR email address and or password?
You can always check by going to https://haveibeenpwned.com/ and entering your info, but wouldn’t it be handy to have something that could check for you, something you already have on your computer?
Google has a tool for the Chrome browser that will alert you about any username/password combination that Google knows to be unsafe. Google’s database contains 4 billion stolen credentials from various data breaches. So Chrome can check your saved credentials, find any that are stolen and need changing, and check for weak passwords. The list of sites where you’re vulnerable includes a button to take you to the site to change your password.
But doesn’t that mean Google can “see” your passwords?
Well, sort of. Google says the extension reveals no personal information and that all queries are anonymous. Here’s what Google has to say about it:
“At a high level, Password Checkup needs to query Google about the breach status of a username and password without revealing the information queried. At the same time, we need to ensure that no information about other unsafe usernames or passwords leaks in the process, and that brute force guessing is not an option. Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, private information retrieval, and a technique called blinding.”
To use Chrome to check your login information, click the three vertical dots up near the top-right corner of your browser. Click Settings > Autofill > Password Manager. Now click on the right arrow in Check your passwords, just above the start of your saved password list.
If you use Firefox, Mozilla offers Firefox Monitor that checks your credentials. Offered as a stand-alone website anyone can use, it is also included in your Firefox account. While logged in to your account, click the shield icon next to the security lock in the address bar, then scroll down the Protections dashboard at the bottom of the list. Now scroll down to Lookout for data breaches. You can even sign up for monitoring. Mozilla uses the haveibeenpwned (HIBP) database for checking your credentials.
Many paid versions of password managers (you are using one, right?) also query against the HIPB database.
Very short extension cords
If you have your computer, router, monitor, printer, cell/tablet chargers, pencil sharpeners, and calculators all plugged into a good surge protector or an uninterruptible power supply (UPS,) you know what a pain it can be to get everything plugged in. Not only do warts, bricks, and transformers come in different sizes and prong orientations, but most are also so big they cover up the outlet next to them.
The best way to get everything plugged into a surge protector/UPS is to buy a pack of 6 or 12-inch extension cords. The cords will get those bulky and weird prong orientation warts/bricks/transformers things away from the outlet and let you plug in everything neatly.
Check online or at a hardware store for short extension cords and get a multi-pack.
Show some respect
A guy at a funeral is looking at his phone, frustrated. He whispers to the priest sitting next to him, “Do you have the Wi-Fi password”?
The priest looks at the man, shocked. “Respect the dead, sir.”
Looking at his phone, the guy replies, “All lowercase?”
Do you have a computer or technology question? Greg Cunningham has been providing Tehachapi with on-site PC and network services since 2007. Email Greg at firstname.lastname@example.org.