PC Security Options, Fixing Slows PCs, and Internet Password Security (incl Password Managers)
Disclaimer. The following information was provided by Shed members and whilst most is generic and available from Microsoft and others, comments on any products are neither endorsed nor recommended by Melba Shed
PC AntiVirus, Malware and Firewalls Options
Suggested Free Security Programs for Windows Users
Microsoft’s suite of free protection programs will protect most users. These include Windows Firewall, and Microsoft Security Essentials. (The latter replaces the basic Windows Defender). However if you want more robust protection you might consider some of the better free options like Avast, AVG or paid solutions like ESET NOD.
If you just use the above you should also have in your arsenal Spybot, SuperantiSpyware and MalwareBytes, Spybot is useful in picking up common spyware and cookies problems. The last two are more successful in getting rid of some nasty Trojans like Vundo and Virtumonde and their derivatives. However you generally will not need to run these programs regularly. For day to day Windows Defender or Security Essentials will handle most things
The best free Antivirus programs are AVG free and Avast Free Antivirus (Phil likes AVG as do many users. Others prefer Avast as it runs easily and updates auto and it hardly slows you down. It’s also a firewall). Also, Avira and Comodo are excellent free programs
In a voting poll in Lifehacker, readers voted AVG best, with Security Essentials, second, NOD third, followed by Avast and Avira
Malware/Spyware Spybot, SuperantiSpyware and MalwareBytes. The last two are excellent for nasty things like Vundo/Virtumonde trojans. Only use when required
Free firewalls Zone Alarm free is good and also Comodo’s firewall. Avast also has a firewall built in. Microsoft’s included fire wall is probably good enough for most users
Windows Defender. This is Microsoft’s original antivirus program. It will be uninstalled if you use MSE. In Windows 8 this has been reborn and MSE dropped.
Windows Firewall. This is Microsoft’s built in Firewall and will work well in conjunction with MSE and the MSRT
Avast! Free Antivirus avast! Free Antivirus represents the best free antivirus protection currently available on the market. This edition is FREE OF CHARGE for non-commercial & home use
AVG Free Edition Version AVG Anti-Virus Free Edition is trusted antivirus and antispyware protection for Windows available to download for free. In addition, the new included LinkScanner® Active Surf-Shield checks web pages for threats at the only time that matters – when you’re about to click that link
Avira AntiVir Personal Avira AntiVir Personal – FREE Antivirus is a reliable free antivirus solution, that constantly and rapidly scans your computer for malicious programs such as viruses, Trojans, backdoor programs, hoaxes, worms, dialers etc. Monitors every action executed by the user or the operating system and reacts promptly when a malicious program is detected
One of the best is ESET NOD32 NOD32 AntiVirus ESET NOD32 Antivirus is the most effective protection you can find to combat today’s huge volumes of Internet and email threats. It provides comprehensive antivirus and antispyware protection without affecting your computer’s performance. Using advanced Threat Sense technology, ESET NOD32 Antivirus proactively protects you from new attacks, even during the critical first hours when other vendors’ products aren’t aware the attack even exists. ESET NOD32 Antivirus detects and disables both known and unknown viruses, trojans, worms, adware, spyware, rootkits and other Internet threats. ESET NOD32 Antivirus is also one of the fastest antivirus solutions, so fast you won’t even notice it running. And it’s both incredibly easy to use yet simple to tailor for your specific needs.
Free Spyware Removers
Spybot – Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behaviour to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies.
Spybot-S&D can also clean usage tracks, an interesting function if you share your computer with other users and don’t want them to see what you have been working on. And for professional users, Spybot-S&D allows you to fix some registry inconsistencies and extended reports
SUPERAntiSpyware Professional features advanced Real-Time Protection to ensure protection from installation or re-installation of potential threats as you surf the Internet
Malwarebytes’ Anti-Malware can detect and remove malware that even the most well known anti-virus and anti-malware applications fail to detect. Malwarebytes’ Anti-Malware monitors every process and stops malicious processes before they even start
Free Firewall Programs (you don’t need these if you use MSE or Avast)
ZoneAlarm Free Firewall blocks hackers from infiltrating your home PC by hiding your computer from unsolicited network traffic. By detecting and preventing intrusions, ZoneAlarm Free Firewall keeps your PC free from viruses that slow down performance, and spyware that steals your personal information, passwords, and financial data
Comodo claim that their firewall is unique in that it passes all known leak tests to ensure the integrity of data entering and exiting your system. Comodo has put firewall through all kinds of sophisticated tests to ensure its firewall powerful enough to ward off these attacks with default settings. It also offers an antivirus option which you can optionally instal
Excellent Software and Security Sites
SUPERAntiSpyware Professional features advanced Real-Time Protection to ensure protection from installation or re-installation of potential threats as you surf the Internet.
Malwarebytes’ Anti-Malware can detect and remove malware that even the most well known anti-virus and anti-malware applications fail to detect. Malwarebytes’ Anti-Malware monitors every process and stops malicious processes before they even start.
Password Security and Password Managers
You should also read and comprehend Password Security and Password Managers below
Internet Password Security (including Password Managers)
Lifehacker rates the best password managers 2015 KeePass, LastPass, Dashlane, 1Password and RoboForm were the five.
FilterJoe’s Best Password Manager site and reviews. Also defines what you need in a password manager
A secure Life’s Review of the best password managers. They also give a good overview of the concepts
Free Password Managers Options
Keepass Password Safe is a free password manager and worth looking at. It manages the password for the Windows network logon, your e-mail account, your FTP password, online passwords (like website member accounts), etc. KeePass doesn’t come with built-in browser integration, but you can invoke a global, auto-login keyboard shortcut (Ctrl+Alt+A by default) when KeePass is running in your system tray. There are two versions of KeePass with 2.1 being the best but does require Microsoft Net Framework >2.0. This is definitely worth considering and as its free maybe should be at the top of our choices. It can be used with Dropbox to provide a nice synchronised solution for multiple machines
LastPass is definitely worth considering as its free and supposedly does all that RoboForm does. It works in Firefox, Internet Explorer, Chrome and Safari (Mac) and acts as a password manage for all your web logons. LastPass is gaining recognition as an excellent and secure system. See Lifehackers Guide to mastering password with LastPass
You can import from most major password storage vendors (such as RoboForm, 1Password, KeePass, Password Safe, MyPasswordSafe, Sxipper, TurboPasswords, Passpack, Firefox and Internet Explorer’s built-in password manager) and export too
Your sensitive data is encrypted using 256bit AES locally before upload so even LastPass cannot get access to it. Please see https://lastpass.com/technology.php for more details on our Host Proof Hosting methods that make this safer than you thought possible. Note that encrypted passwords are stored on central servers. Passwords are also encrypted and stored locally on your machine
How to Update your Insecure Passwords and make them Easy to use. Another Lifehacker guide
Paid Password Managers Options
Kaspersky Password Manager provides similar function to Roboform, reviewed below.
Newsletter Article by Phil (easy logon with password to PC, and RoboForm Password Manager)
(Ed Note: some parts and $ updated since the Newsletter)
See also Phils’ presentation in the Computer SIG on Password Managers.
As promised here are a few ideas that will help you avoid internet attacks or loss of identity when using your Windows based PC or laptop whilst connected to the Internet. I hope you find the article which only covers passwords interesting and thought provoking.
There are three main password essentials:
• Have strong passwords for all users of your PC or laptop
• Change these passwords regularly
• Don’t use the same password for different sites.
Let’s start at the beginning and that is by ensuring that you log in to your computer. Too often, when a user’s access is established, no password is entered and the computer is simply allowed to start up without requiring the user to log in. Often this is done to save time but it exposes the Internet connected computer to potentially dangerous hacker activity as a hacker who gains access to your computer does not need to know any password detail before accessing your personal data. This access can involve all your data and the ability to load software onto your PC with a view to trapping keystrokes to access your personal details which can include your banking details, logins and passwords.
You can set up your Windows based computer to automatically start using a predefined user and a predefined password of your choosing each time it is booted. In Windows 7, do the following (if you are using Windows XP or Windows Vista the commands are similar):
Go into Control Panel ->User Accounts and make sure you have allocated a strong password against your User login. Make a note of the User account name and the password. Exit from the Control Panel.
Select ‘Run’ from the Start Menu after left clicking the ‘Start’ button. [If there is no ‘Run’ option, close down the Start Menu, then right click on the ‘Start’ button and click on ‘Properties’. Then under the ‘Start Menu’ tab click ‘Customise’ and then click on ‘Run Command’. Exit these menu and go back to the Start Menu and ensure the ‘Run’ command appears.]
In the dialog box that opens after clicking ‘Run’ from the Start Menu, enter (without the quote marks) ‘control.exe userpasswords2’ and hit your ‘Enter’ key. You should be presented with a ‘User Accounts’ dialog box. Make sure the ‘Users must enter a user name and password to use this computer’ checkbox is empty. Click on ‘Apply’ and a new dialog box opens requiring you to nominate the user and password to be used for automatic log on. Fill in this information and apply the changes.
Your PC or laptop will now automatically log in to the nominated user using the nominated password whenever it is started up. When you change your password you need to repeat these procedure otherwise your PC will continue automatically attempting to log in using the original password.
The strength of your password is important. I can assure you that the use of any word that appears in a dictionary will be cracked by an experienced hacker in a very short time. Click on: https://www.comparitech.com/privacy-security-tools/password-strength-test/ to check the strength of your chosen password.
Microsoft recommends that a strong password should appear to be a random row of characters. It should be at least 14 characters long. Where possible it should include a combination of uppercase and lowercase letters, numbers, punctuation, and symbols. It should not be a well-known quote. However, you have to be able to recall your password and here you need to be a bit more clever. I use the full title of a personal document that I have which includes dates and upper and lower case. You should consider choosing something similar to this but exclude spaces between words and add a few upper case letters and numbers such as might appear in a date.
Ideally you should change your passwords on a regular basis and this means once a month or so, or more often if you suspect your password may have been compromised.
You should have a different password for every Internet site that requires a password for access as you would be crazy to assume that any site will protect your password detail. There are many recorded instances where passwords have been stolen from banks and similar supposedly ‘safe’ sites. Recently millions of Visa Cards had to be cancelled and re-issues globally due to the theft of personal detail from a US clearing house.
So – always use a different password for every different site you use that requires you to log in and change these regularly particularly where you have bought something on-line and that establishment has details of your credit card or banking details.
Now, how do we keep track of our passwords particularly when we are diligent and regularly change them? Some people open us a Word Document and record these details on their computer. Even if this file is password protected itself, it is not really secure and it is a very ‘user-unfriendly’ way to record such detail.
Here’s a suggestion – use a password control and generation program such as ‘RoboForm’. Get the details and try it at no cost.
If you buy this product it will cost you $US9.95 to $39.95 depending on which version is chosen, but it is well worthwhile as you’ll appreciate after looking at the video and other information on the above site. I have purchased the product and fully recommend it. It does much more than securely store your varied password detail – it provides a secure repository for unlimited personal information such as tax file numbers, bank account details, magazine subscriptions etc, generates unique strong passwords of any length (eg qX4@HioSmj#r$j9W81Pr), automatically logs onto your chosen site, and fills out all the detail requested by on-line sites without you having to remember anything other than one master password which is required each session when you use the facility. It remains active for a time you can specify – eg one minute or two hours. It can also work on a USB stick providing identical functionality that can be used on any PC without leaving any traces (extra cost).
I’m sure there are other similar products – I’ve tried others but none go anywhere near matching the functionality of RoboForm. Sounds like an ad, doesn’t it?
If you have any questions on this article, please call Phil
End of Phil’s Article
If you let your computer go into sleep mode as is often the case and wise, you will find that the auto log feature won’t work and you will be required to enter the PC’s password. However in some units it is possible to define what scenarios cause a PC/laptop to sleep, close down and when a log out occur