surfing the web securely and security your website

1. How to tell if a new web site is secure before you visit it for the first time.

2. How to enter your passwords and reduce your chances of being hacked.

3. The correct way of storing your passwords.

4. How to select good passwords (and avoid creating bad ones)

5. How to tell if an ecommerce web site is secure before entering your credit card information into its shopping cart.

6. News for your webmaster: How to tell if YOUR web site is hackable or unsecure…and what to do about it…

Bruce ChamoffHot Web Ideas…HotWebIdeas.Net(516) 263-9529Internet Marketing / Web Site Security/ Blog & Video Podcast Marketing

Web Surfing Security Facts (Google)

Bruce Chamoff HotWebIdeas.Net (516) 263-9529Website Security/ Blog Marketing / Video Podcast Marketing

Web Surfing Security Facts (Firefox)

Do you surf the web with Firefox (Safari) or Internet Explorer?


Entering Passwords Keyloggers from anywhere in the world can see what you are typing!

Pretty scary.

Keyloggers are hacking programs that report over the internet what you are typing into your computer which include: Login information

Your emails

Your chats (Facebook, AIM, Yahoo, Gmail, etc)

How do you protect yourself and your valuable information? Write your emails in MS Outlook if possible

How to Enter Your Passwords1. Store your passwords using one of the Microsoft Office Products:

a) Word, Excel, One Note

2. Enter all your login information into one document:a) Web site address, Username, Password

3. Password-Protect that document with one password. This makes it possible for you to remember only ONE password. You can password –protect MS Word, MS Excel, and MS One Note.

4. When logging into the web site, copy the login information from your password protected document and paste it into the login form on the web site. Do this especially for Facebook!

5. Bookmark all your favorite web sites and use the bookmark to visit the site. Do not type in the web address into your browser.


Bad/Weak Password IdeasCommon unsecure schemes for passwords:

Our Names Children Names Social Security #

Ordinary English Words

Favorite Sports Team Job Name

Business Name The word “Password” Consecutive Numbers

• Hackers can detect these passwords using the “dictionary attack”, which is any word in the dictionary.

• If you are using any of these password schemes, change your password immediately.


Good & Stronger Passwords Can you remember a password like

81jo23pKVcWy5t4RqMzm?

Ideas for creating a good password:

Use a password that contains the initials of the following:Your favorite movie or book:Like Sw3RoTs

Misc:Lz1Tw2+d5

Your favorite proverb:like ArSgnM or dOoaywhTdOY

What other phase types can you think of?


Good Passwords (continued)1. Method for creating a memorable, but complex password:

a) Start with the initials of your favorite phrase, saying, movie title, book title.

b) Mix the case (upper and lower)

c) Add at least 2 numbers to it. The numbers should not be consecutive

d) Substitute symbols and numerals for some letters

Substitute + for T Substitute 3 for E Substitute 1 for I

Substitute 5 for S Substitute 0 for O Substitute 8 for H

Substitute 6 for G Substitute 3 for E Substitute $ for S

Substitute @ for 0 Substitute & for G Substitute % for X

Substitute & for G


How to Tell if an Ecommerce website is Secure Before You Enter Your Credit Card Information1. Look for the Padlock symbol in your web browser and the https in

the web address:

a) "If a website is using secure technology, its web address begins with https and a tiny locked padlock appears at the bottom right of the screen," the website states. According to Econsumer.gov, credit cards are the easiest and safest way to pay online because the shoppers' liability is limited.


http://www.essortment.com/articles/website-lock-symbol_6152.htm

How to Tell if an Ecommerce website is Secure Before You Enter Your Credit Card Information


Is Your Website Secure?1. Hackers always try to break into your web site. There are millions of

hackers hacking millions of sites.

2. Ways hackers will break into your web site:a) SQL Injection – If you have an ecommerce site with a database, hackers can run commands

to bring down your web site including your products, your orders, your customer information.

b) Cross Site Scripting Attack

c) If your web site has a lot of PDF files on it, your web site can and will eventually be hacked. Remove the PDF files if possible. Use regular web pages instead.

d) If your web site has a domain other than .com, .net, .org, .mil, .gov. Usually .tv, .us, and other foreign country domain names can get hacked more often because hackers realize that there are not strong web servers with these.

e) Weak FTP passwords through web site forms. Ask your webmaster if you have a strong FTP password. Otherwise hackers can use what is called the Brute Force attack meaning that they will break into your web site, delete all of your files, and bring your web site down.

f) Weak URLs – Your web address can reveal all your valuable and important files to a hacker.

Is Your Website Secure?1. Hot Web Ideas has a service where we analyze your entire web site

and try to hack it (with no damage), then give you a report that you can give to your webmaster to make the fixes and changes on your web site.

2. We then give you a simple written report that you can give to your webmaster that will tell you if your web site can be hacked and what areas.

3. The report will contain ways to fix the weak security on your web site.


Web Surfing Summary/Checklist1) Change your passwords to more secure passwords.

2) Store your login information on a password-protected document like MS Word, MS One Note, or MS Excel

3) Remember to copy and paste your login information and do not type it in.

4) Bookmark your favorite web sites and use the bookmarks to visit them. Try to avoid typing them into your web browser.

5) Check for the padlock on all ecommerce web sites before entering your credit card billing information.

6) Call Hot Web Ideas if you would like to arrange to have your web site analyzed for security.
