Photo Credit: Miodrag Gajic

This system allows you to solve definitely one of the greatest problem of the digital era: the high number of accounts (and as a consequence usernames and passwords), that we are always forced to remember in order to enter in every online service as, for instance, banking, blogs, online tickets and so on…

In order to put a light on the matter I’m dealing with, I want to specify that I’m not only speaking about accounts memorization whenever we digit our access password, but I am referring also to the possibility of visualizing, when requested, our reserved area web sites complete list with the same usernames and passwords we used in our last access.

Set Firefox in order to remember all passwords

If you want to use this function (that I consider quite fundamental) set Firefox as follows:

1. Open the preferences window in Instruments>Options

1. Click on Safety

1. In password form verify that the option remember all sites passwords is selected. This way Firefox will remember for you any username and password.

How to visualize all used usernames and passwords list

At this very moment we can visualize our list always by using our front mask (Tools>Options>Safety) doing a click on the Show my password button. You’ll notice then that Firefox is somehow “shy”: in fact, in that list there are all reserved areas addresses and all usernames, but no passwords! So you must click once more on the button Show my password and after the nth confirmation, here you have your list:

• url

• username

• password

referring to the last accesses. Anyway, pay attention that some wrong passwords will be shown: they appear but they don’t work anymore. I suggest you to delete them from your list as you meet them.

And what about privacy?

The first time I opened the front mask I made the same question. Of course, we can use our pc access password as protection, but showing all our remote banking accesses is absolutely out of any protection.

In order to solve this trouble you can use….try to guess….!! The main password! That is to say: go to Instruments>Options>Safety and then set the main password you will be asked every time you’ll start surfing the net, in order to authorize the access function in all passwords control.

The most common way of phishing is sending an email which invites the user to update his/her own credit card information or other due to various, and clearly false, reasons.

The link the user should click really looks very similar to the one of the actual service supplier, but the real destination is another and the provided information is drawn by unknown people with fraudulent purposes. Media often give the alarm, but never make available to users the few and easy pieces of information to defend oneself from this kind of swindles. To protect oneself against phising is extremely simple.

When the cheat takes place

Phishing does not happen when user clicks on the suggested link, but only when he/she enters personal data in the link destination page. It’s therefore sufficient to check with attention the page address in order to understand whether we are dealing with phishing or not (even if, for non-expert users, it would be better never to click on links of unclear nature).

Page source

Once in the page containing the form for data entering, watch the extended address of the page itself. In particular, examine the domain, which is the part between ‘http:// ‘ and what comes after the next “/”. In the example the domain is displayed in blue: http://cldp.co.kr/ws/redirected.to.paypal.com/cgi-bin/web-run/Paypal.dll It’s a tiny string which reveals whether the page is authentic or not.

Second level domain

The domain is unmistakably made up of words separated by dots. Well, the first two domain words starting from the right identify the actual page source (the so-called second level domain). The actual address source in our example is highlighted in red: http://cldp.co.kr/ws/redirected.to.paypal.com/cgi-bin/web-run/Paypal.dll Even if the creators of the page in our example have made their best to spread the word Paypal in many positions of the address, it is clear, on the basis of what was explained, that the page, no matter how much similar to those of Paypal, is fake.

Phishing, the most skillful ones.

As regards the domain, (in our example cldp.co.kr) the part in red is the identifier, registered to a registar, while the one in blue (what comes before the second level domain) can be set by phising authors as they like. It is then possible that in the domain also appears the name of the company whose users are the target of the cheat, but this can appear only in the blue part of the domain. So, even if our page address was: http://Paypal.co.kr/ws/redirected.to.paypal.com/cgi-bin/web-run/Paypal.dll This address would NOT belong to Paypal because the second level domain is not the correct one. In fact the real second level domain name of Paypal have to be paypal.com and not co.kr

Photo Credit: Mickdam

So, I’ll try to explain in the easiest way possible and with simple words, some few concepts in order to help you protecting your ADSL wireless connection and preventing unknown people from connecting and entering in your personal data.

Let’s start with a very simple thing: an 802.11g wifi router range is 100 meters. That is to say that your wifi router in our sitting-room is sending a signal reachable even from the road.

What shall we protect in a wireless ADSL connection?

It could sound a silly question, but in the effectiveness it is not: an open and unsafe wifi connection means two different risks:

1. An ADSL connection unauthorized use
2. A data wiretapping between your PC and your modem or router

In the first case the risk you run is that someone, in 100 meters range, can connect to your PC with his, then surfing free! The consequence will be that you will pay all his operations and connections! And in case his ADSL use is illegal that will cause you countless troubles too!

In the second case, instead, the risk you are running is that someone very close to you (maybe even a neighbor), is able to catch all data sent by your wifi router to your pc meanwhile you are surfing the net. So, try to imagine how many risks you run whenever you enter any personal data as for instance credit cards numbers, remote banking account, and so on.

So, there are two levels protection for a wireless network:

1. Preventing anyone from surfing the net using your wireless router;
2. Preventing anyone from wire-tapping your net surfing data (as cryptate with a password your connection).

You can either use one or both protections.

How to prevent anyone to use our wireless ADSL

The easiest and really working way to prevent anyone from using our wireless modem is to arrange our modem in order that it can recognize all connection authorized PCs, accepting to connect to these ones only.

For this use we can set an identification code for any PC (or any device as well) which is authorized to a MAC Address connection: we can consider MAC Address as a sort of plate that identifies the net adapter used by our Pc for an internet connection. In few words: a PC can have a cable and a wifi card internet connection, so in this case our PC will have two different MAC addresses, one is for ehernet (cable connection) and the other is for the wireless connection.

Of course, we should consider the wireless card MAC Address only.

How to get MAC Address

Usually you can find Mac Addresses written on notebooks labels, in your laptop lower position. Whenever it is absent, you can follow this guide.

How to cryptate Wifi connection

Another shrewdness is the audio signal cryptation, coming from your router and using a password. Cryptation techniques are usually identified in WEP and WPA abbreviations. The system is a very simple one: the router is configured by a password crypting the signal. Only the computers with access to that password can:

• Connect to the router

• Surf the net thanks to that connection

Of course cryptation solves the first trouble as well, as without password you can’t connect. But, for a reliable protection you should use both methods as:

• You can force a MAC Address on your PC (entering as if you were authorized and so skirting MAC filter)

• It is possible to hack the password of wi-fi signal (and then you can surf undisturbed using a wifi ADSL of anyone).

You can then even expand the protection subject about wireless connections on your own , but if you do what just listed here above you have the guarantee of a good level safety even at home.

Video Guide To Home Wireless Security