<![CDATA[Consumerist: online security]]> http://cache.gawker.com/assets/base/img/thumbs140x140/consumerist.com.png <![CDATA[Consumerist: online security]]> http://consumerist.com/tag/online security http://consumerist.com/tag/online security <![CDATA[ Add Super-Protection To Your Logins With $5 Security Key ]]> con_paypalsecuritykey.jpg If you have a PayPal or eBay account, or use OpenID to login to participating sites, then for $5 you can add a second layer of security that is virtually impossible to break unless the thief physically locates you and steals a little plastic device. The PayPal Security Key is a small, keychain-ready fob with a unique ID that's tied to your account. It generates a new six-digit code very 30 seconds, which you have to enter whenever you log in. The down side is you have to have your security key with you in order to read the code. But the benefits are huge: you basically have a 2nd password that changes 2,880 times every day—and that isn't available anywhere online.

PayPal is selling the security keys directly, although they're made and maintained by Verisign. According to this technology blog, the keys "will work with many banks in the future," but Verisign makes no mention of this anywhere on its site. However, if you have begun to use an OpenID on sites like Basecamp, Zooomr, LiveJournal, Technorati, and hundreds of others, then you can create an OpenID account through Verisign and use the security key with OpenID.

If you lose the security key, PayPal says there are ways to verify your account in order to regain access, but they don't provide details on their website. So, uh, don't lose it.

[Update: Ben says if you lose your security key, you can regain access to your account by answering a few additional security questions.]

PayPal Security Key [PayPal]
"PayPal's New Security Key Opens a World of Possibilities" [CaveMonkey50]

RELATED
Entry on OpenID [Wikipedia]
Verisign Identity Protection Token [Verisign]

]]> Consumerist-311886 Wed, 17 Oct 2007 11:38:22 EDT Chris Walters http://consumerist.com/index.php?op=postcommentfeed&postId=311886&view=rss&microfeed=true <![CDATA[ Protect Yourself From Badware ]]> con_themangoesallshiningjpg.jpg Stopbadware.org has just released its "Trends in Badware 2007" report, a free overview of all the ways you and your computer can be slipped digital roofies while you're online looking at LOLpornography and doing your banking through Twitter. It's written in a deliberately non-technical style, so if you're put-off or intimidated by the Slashdot crowd, this is a great way to educate yourself or a naive loved one about the dangers of drive-by downloads, website hacking, and so on.

The report isn't the prettiest or most exciting thing to read, and the section on how to spot a fake MySpace profile is hilarious. (Wait, you mean I'm not friends with all these sexy ladies?) But it's worth a read just to bring yourself up-to-speed on the current state of the art in badware.

Their closing advice is fairly obvious: install anti-virus software, keep your operating system up to date, and stay educated. We also suggest Ad-Aware 2007, a free program that helps monitor your Windows PC for unwanted programs, and AdBlock Plus, a free cross-platform Firefox add-on that lets you block specific third-party feeds from pages you visit.

"Trends in Badware 2007" (pdf) [stopbadware.org]
"'Trends in Badware 2007' released" [stopbadware.org]

RELATED
Ad-Aware 2007 [Lavasoft]
AdBlock Plus [Mozilla.org]
(Photo: Getty)

]]> Consumerist-308212 Mon, 08 Oct 2007 11:54:19 EDT Chris Walters http://consumerist.com/index.php?op=postcommentfeed&postId=308212&view=rss&microfeed=true