• Home
  • About Me
  • Disclaimer

The Researching Paralegal

~ Articles and Research for Legal Professionals

The Researching Paralegal

Tag Archives: Passwords

Law Offices Targeted By Hackers.

26 Tuesday Jan 2016

Posted by Celia C. Elwell, RP in Cybersecurity, Disaster Preparedness, Law Office Management, Legal Technology, Passwords, Technology

≈ Comments Off on Law Offices Targeted By Hackers.

Tags

Cybersecurity, Hacking, Karen Conroy, Lawyerist.com©, Passwords

The Lawyers’ Guide to Hacking Threats, by Karen Conroy, Lawyerist.com

http://bit.ly/1POLdz2

International security authorities spent close to two years pursuing a criminal site called Darkode, where hackers could buy and sell malware meant to steal information. On the international site, which could only be accessed with a referral and a password, hackers advertised and sold their homemade software. Criminals who bought it could steal anything from Facebook follower lists to database account passwords.

*        *        *

Law firms are especially tempting to cyber criminals because of the value of the sensitive information stored on their networks. A majority of law firms have experienced some sort of hacking, with law firms that handle government contracts and international business being targeted most often. About 80% of the largest 100 law firms have experienced some sort of violation. . . .

Continue reading →

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Lawyers Have Ethical Duty To Ensure Password Security.

19 Friday Jun 2015

Posted by Celia C. Elwell, RP in Cybersecurity, Legal Technology, Passwords

≈ Comments Off on Lawyers Have Ethical Duty To Ensure Password Security.

Tags

iPhone J.D., Jeff Richardson, Legal Technology, Password Managers, Passwords

Hackers Are Hacking; You Need A Password Manager, by Jeff Richardson, iPhone J.D.

http://tinyurl.com/ofet7ar

Password security has been in the news again this week, and I’m using this as an opportunity to remind all iPhone J.D. readers — especially all of us attorneys with a duty a protect confidential attorney-client information — that we ought to be using complex, different passwords. . . .

Continue reading →

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

iPriviledge – Is It Legal To Be Forced To Use Your Fingerprint To Unlock Your iPhone?

05 Wednesday Nov 2014

Posted by Celia C. Elwell, RP in Admissibility, Appellate Law, Apple, Cell Phones, Civil Rights, Criminal Law, Evidence, Fifth Amendment, iPad, iPhones, Legal Technology, Passwords

≈ Comments Off on iPriviledge – Is It Legal To Be Forced To Use Your Fingerprint To Unlock Your iPhone?

Tags

Colin Miller, DNA Sample, EvidProf Blog, Fifth Amendment, Fingerprints, iPhone, iPriviledge, Password, Passwords, Touch ID

iPrivilege: Virginia Beach Judge Finds Prosecution Can Force Defendant To Supply Fingerprint To Unlock iPhone, by Evidence ProfBlogger, Editor Colin Miller, EvidProf Blogger

 http://tinyurl.com/lyvlk4o

In relevant part, the Fifth Amendment states that:

“No person…shall be compelled in any criminal case to be a witness against himself….”

The Supreme Court has stated that the Fifth Amendment only covers “testimonial” evidence that results from compelled communicative acts, i.e., acts which disclose the content of one’s mind. Therefore, the Fifth Amendment does not cover a suspect’s act of appearing in a lineup or giving a blood sample to determine whether there are drugs in his system. The Fifth Amendment also does not cover the act of completing a handwriting exemplar. Imagine that the police find an alleged confession note written by the defendant. The prosecution can force the defendant to complete a handwriting exemplar in which the defendant writes a pre-printed paragraph in his handwriting so that a handwriting expert can compare the exemplar and the confession note. All of these and similar acts are not communicative because they are nontestimonial in that they do not force the defendant to disclose the contents of his mind.

What about if the defendant has encrypted files on his computer? Can the prosecution force the defendant to decrypt them? Some courts have said no. Other courts have said yes.

Can the prosecution force a defendant to supply his fingerprint to use for the TouchID on his iPhone? For the last year, I’ve used this article to teach my students that a judge could likely order a defendant to supply his fingerprint to unlock his iPhone. Recently, this possibility has become a reality.

According to an article in SlashGear:

[A] judge has ruled that you can be forced to relinquish your fingerprint to investigators seeking access to your device. The reason, says the judge, is that the fingerprint isn’t knowledge like a password, but is instead a physical object of sorts, like a key or a DNA sample.

The ruling was made recently by Virginia Beach Circuit Court Judge Steven Frucci, and was the result of a case against EMS captain David Baust, who was accused of attempted murder. The case’s prosecutors wanted access to Baust’s phone, believing that it might have a video of the alleged crime, but the defendant’s lawyer argued against this.

And, according to an article in the Huffington Post:

[I]t’s unclear how the ruling will impact Baust’s case. If his phone is protected by Touch ID, prosecutors could access it using Frucci’s ruling. If the phone is protected by a passcode or both a passcode and Touch ID, they can’t . . . .

One workaround to this issue could be to just turn off your phone if cops approach. In that case, you’d have to enter your four-digit pin when you turn it back on, even if you use Touch ID. . . .

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Want Stronger Passwords? Here’s How.

11 Saturday Oct 2014

Posted by Celia C. Elwell, RP in Legal Technology, Passwords

≈ Comments Off on Want Stronger Passwords? Here’s How.

Tags

Hackers, iCloud, Kerry Davis, Macworld, Passwords, PCWorld, Splashdata

Make Your Passwords Harder To Crack, by Kerry Davis, PCWorld

http://tinyurl.com/ahnpsk4

There’s nothing you can do if hackers get into a database with your password in it, but you can still protect yourself for all the other worst-case scenarios involving hacking. In this video, we go over ways to make your passwords harder to crack. [Video found at PCWorld link.-CCE]

First, don’t make it easy on hackers by choosing a common password. Splashdata uses security breaches to gather ‘most popular passwords’ lists each year. The word ‘password’, number sequences, and other simplistic phrases or numbers fill the top spots. Also, don’t use your name, a password related to another one you might have on a different site, or a login name.

Instead, experts recommend using 15 characters, upper-case letters, better yet nonsensical words with special characters and numbers inside them.

Need help? Check out some free websites, like Strong Password Generator. This Macworld article on security in the iCloud age also has some suggestions on strong password creation.

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Log In With Your Thumb – Now There’s An App For That.

20 Saturday Sep 2014

Posted by Celia C. Elwell, RP in Apple, Apps, Cybersecurity, iPad, iPhones, Legal Technology, Mac, Passwords

≈ Comments Off on Log In With Your Thumb – Now There’s An App For That.

Tags

1Password app, iOS, iPads, iPhones, Legal Productivity Blog, Logins, Passwords, Safari, Tim Baran

App of the Week: 1Password – Login to Apps and Sites with Your Thumb, by Tim Baran, Legal Productivity Blog

http://tinyurl.com/kw24hjs

Everyone should be using a password manager. It provides a strong, unique password for each online account and keeps them all in a secure, encrypted, yet quickly accessible place. Our favorite, 1Password, just got even better.

Here are three of the many new enhancements:

  • Login to Apps – Use 1Password to log into a growing list of your favorite apps and even update your passwords—all with just a tap!
  • Login to sites in Safari browser on your iPhone – You can now fill 1Password Logins directly within Safari.
  • Unlock with your thumb – After unlocking with your Master Password, get back into your vault in 1Password, Safari, and your favorite apps with just your thumb on devices with Touch ID. Check Settings > Security to learn how this works and pick your auto-lock time.

And, for the first time, 1Password is free for iOS devices.

I’ve used 1Password for a couple of years on my desktop, phone and iPad, and it’s quickly become indispensable. And, it keeps getting better!

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Apple iCloud’s Two-Step Verification – Why It Didn’t Stop Hackers.

01 Monday Sep 2014

Posted by Celia C. Elwell, RP in Apple, Cell Phones, Clouds, Cybersecurity, Encryption, iPad, iPhones, Legal Technology, Mac

≈ Comments Off on Apple iCloud’s Two-Step Verification – Why It Didn’t Stop Hackers.

Tags

Apple, FireEye, iCloud, iPad, iPhone, Passwords, Two-Step Verification

Apple Says It Is “Actively Investigating” Celeb Photo Hack, by Arik Hesseldahl,

http://tinyurl.com/les3wqe

Apple said Monday it was ‘actively investigating’ the violation of several of its iCloud accounts, in which revealing photos and videos of prominent Hollywood actresses were taken and posted all over the Web.

*     *     *

Security experts said the hacking and theft of revealing pictures from the Apple iCloud accounts of a few celebrities might have been prevented if those affected had enabled two-factor authentication on their accounts.

Apple hasn’t yet said anything definitive about how the attacks were carried out, but security researchers at the security firm FireEye, examined the evidence that has emerged so far, and said it appears to have been a fairly straightforward attack. That said, it is also one that could have been thwarted had some additional steps to secure the targeted accounts been taken.

That additional step is known as two-factor authentication. Apple calls it ‘two-step verification,’ although it doesn’t work very hard to tell people about it, said Darien Kindlund, director of threat research at FireEye.

‘In general Apple has been a little late to the game in offering this kind of protection, and doesn’t advertise it,’ he said. ‘You have to dig through the support articles to find it.’

When enabled, two-factor authentication requires users to enter a numerical code that is sent to their phone or another device, in addition to using their regular password. Since the number constantly changes, it makes it much more difficult for attackers to gain access the account, even if they know the password.

Assuming the compromised accounts were running without the two-step option turned on, it would then have been relatively easy for the attacker to gain access to the accounts.

As The Next Web reported earlier today the attack may be linked to software on GitHub called iBrute that is capable of carrying out automated brute-force attacks against iCloud accounts. In this scenario, an attacker simply guesses a password again and again until they succeed. While tedious and time-consuming for a person, it’s a simple and infinitely faster process for a computer.

The as-yet unknown attacker had one other thing going for him: Apple allows an unlimited number of password guesses. Normally, systems limit the number of times someone can try to log in to a system with an incorrect password before the account is locked down entirely. Apple has since fixed that aspect of the vulnerability.

‘The attackers never should have been allowed to make an unlimited number of guesses,’ Kindlund said. . . . [Emphasis added.]

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Is It Time For A “Bring Your Own Device” Policy for Your Law Office?

01 Tuesday Jul 2014

Posted by Celia C. Elwell, RP in Android Phones, Apple, Blackberry Phones, Cell Phones, Clouds, Computer Forensics, Confidentiality, Cybersecurity, Disaster Preparedness, Emails, Encryption, Google, Intellectual Property, iPad, iPhones, Law Office Management, Legal Blogs, Legal Ethics, Legal Technology, Mac, Management, Marketing, Passwords, PC Computers, Social Media, Supervising Support Staff, Tablets, Technology, Using Social Media

≈ Comments Off on Is It Time For A “Bring Your Own Device” Policy for Your Law Office?

Tags

Apple, Blackberry Phone, Cell Phones, Confidentiality, Curo Legal Blog, Cybersecurity, iPads, iPhones, Legal Ethics, Mobile Device Policy, Passwords, Tablets, Will Harrelson

Mobile Device Security for Lawyers: How Solos and Small Firms can Ethically Allow Bring Your Own Device, by Will Harrelson, Curo Legal Blog (with hat tip to Jeff Richardson, iPhone J.D. Blog!)

http://tinyurl.com/lrrnp7g

The Start of Bring Your Own Device Policies

It really is the iPhone’s fault. Yes, Apple is to blame for designing the most desirable piece of technology of the last decade. So desirable, in fact, that employees of all stripes requested (and, often, begged) their IT departments to toss the increasingly-‘corporate’ Blackberry out the window and allow the use of their personal iPhones for corporate emails and calls. As a result, we have been living in the age of ‘Bring Your Own Device’ where employees use a single personal mobile phone (or tablet) for both their personal email, texting, and social media while also using it for work email, word processing, and other enterprise applications.

Before the Bring Your Own Device era, a company’s greatest out-of-office security concern was an employee who left a briefcase in a taxi. Today, the worry is an employee misplacing a device the size of wallet containing almost limitless amounts of data that criminals or hackers would easily and quickly exploit if given the chance. Clearly, there is an obvious financial motivation for all businesses to protect their own or customer’s sensitive data.

However, lawyers face particular ethical consequences if they fail to take reasonable efforts to either investigate the technologies that they implement or protect their client’s confidential information. . . .

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Worst Passwords in 2013.

27 Sunday Apr 2014

Posted by Celia C. Elwell, RP in File Naming Conventions, Law Office Management, Legal Technology, Office Procedures, Passwords

≈ Comments Off on Worst Passwords in 2013.

Tags

Jared Newman, Passwords, PC World, Splashdata, Worst Passwords

 The 25 Worst Passwords Of 2013: ‘Password’ Gets Dethroned, by Jared Newman, PC World

http://bit.ly/1ePbr3c

‘123456’ is finally getting some time in the spotlight as the world’s worst password, after spending years in the shadow of ‘password.’

Security firm Splashdata, which every year compiles a list of the most common stolen passwords, found that ‘123456’ moved into the number one slot in 2013. Previously, ‘password’ had dominated the rankings.

The change in leadership is largely thanks to Adobe, whose major security breach in October affected upwards of 48 million users. A list of passwords from the Adobe breach had ‘123456’ on top, followed by ‘123456789’ and ‘password.’ The magnitude of the breach had a major impact on Splashdata’s results, explaining why ‘photoshop’ and ‘adobe123’ worked their way onto this year’s list.

Fans of ‘password’ could reasonably petition for an asterisk, however, given that the stolen Adobe passwords included close to 100 million test accounts and inactive accounts. Counting those passwords on the list is kind of like setting a home run record during batting practice. Don’t be surprised if “password” regains the throne in 2014. . . .

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

The Mashable Hit List.

13 Sunday Apr 2014

Posted by Celia C. Elwell, RP in Android Phones, Apps, Cell Phones, Clouds, Computer Virus, Disaster Preparedness, Dropbox, Emails, Encryption, Google, Heartbleed, Identity Theft, Law Firm Web Sites, Law Office Management, Legal Blogs, Legal Technology, Malware, Office Procedures, Passwords, PC Computers, Search Enginges, Technology, Using Social Media

≈ Comments Off on The Mashable Hit List.

Tags

Computer Bugs, Computer Fraud, Heartbleed, Identity Theft, Law Office Management, Password Managers, Passwords, Social media, The Mashable Team

The Heartbleed Hit List: The Passwords You Need to Change Right Now, The Mashable Team

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

If you wondered whether any main specific websites are affected, such as Yahoo, this list will help you.  It will also help explain the Heartbleed bug,  and why you should pay attention to what it is. If you want to know whether your specific bank was compromised, this list may not answer all your questions. So, if you’re not sure whether you should change your password, go ahead and do it.

Even better, find a password manager in this list of the best of the best from PC Magazine by Neil J. Rubenking — http://www.pcmag.com/article2/0,2817,2407168,00.asp. If you use one password for more than one website — and lots of people do — this is a good solution and a wise move regardless of the Heartbleed bug. -CCE

 

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

More on Heartbleed.

12 Saturday Apr 2014

Posted by Celia C. Elwell, RP in Android Phones, Apple, Apps, Cell Phones, Chrome, Clouds, Heartbleed, Malware

≈ Comments Off on More on Heartbleed.

Tags

Computer Virus, Computers, Divorce Discourse, Hackers, Heartbleed, Lee Rosen, Malware, Passwords

Heartbleed Security Flaw Got You Worried? Good., by Lee Rosen, Divorce Discourse

http://www.divorcediscourse.com/heartblead-security-flaw-worried-good/

If I haven’t gotten your attention yet, more on Heartbleed. -CCE

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

The Heartbleed Bug – What Is It And What To Do About It.

12 Saturday Apr 2014

Posted by Celia C. Elwell, RP in Android Phones, Apps, Cell Phones, Chrome, Clouds, Computer Virus, Legal Technology, Malware

≈ Comments Off on The Heartbleed Bug – What Is It And What To Do About It.

Tags

Computer Security, Fraud Alert, Hackers, Heartbeat Bug, Identity Theft, Passwords, PC Magazine, PCMag, Scammers

Heartbleed: The Complete Rundown, by PCMag Staff http://tinyurl.com/muscrx5 The Heartbeat Bug was THE news this week.  Knowing that it is here, and cannot be avoided is one thing.  Knowing about to do about it is critical. Change your passwords, especially to to online banking, e-mail, apps, and other things we’ve taken for granted. -CCE

The Heartbleed bug is the big news in tech this week, an exploit that has been in the wild since 2012 and has left countless Internet users open to scammers. PCMag and the SecurityWatch team have been keeping tabs on all the news, so check out our coverage below, and check back for updates. . . .

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

Stolen Passwords – Is It Too Late?

07 Saturday Dec 2013

Posted by Celia C. Elwell, RP in Adobe Acrobat, Passwords, Search Enginges, Using Social Media

≈ Comments Off on Stolen Passwords – Is It Too Late?

Tags

Adobe Acrobat, Larry Seltzer, Password Managers, Passwords, ZDNet Blog

How to find out if your password has been stolen, by Larry Seltzer for Zero Day, ZDNet Blog

http://tinyurl.com/qcgnlzx 

There are many public databases of breached accounts, the largest breach being that of Adobe.com, but no way to search across all of them. Until now.

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...

App to Secure Your Logins, Documents, and Pictures

19 Saturday Oct 2013

Posted by Celia C. Elwell, RP in Android Phones, Apps, iPad, iPhones, Legal Technology, Passwords, Tablets

≈ Comments Off on App to Secure Your Logins, Documents, and Pictures

Tags

Android, Apps, iPads, iPhones, Logins, Passwords, Security

App Of The Week: OneSafe Password Manager – Secure Your Logins, Documents And Pictures, by Tim Baran, Legal Productivity
http://bit.ly/16ncoLv

Share this:

  • Print
  • Tweet
  • Email
  • Share on Tumblr
  • Pocket
  • More
  • Telegram

Like this:

Like Loading...
Follow The Researching Paralegal on WordPress.com

Enter your email address to follow this blog and receive notifications of new posts by email.

Search

Sign In/Register

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Categories

Archives

  • March 2022
  • January 2022
  • November 2021
  • October 2021
  • January 2021
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • June 2020
  • May 2020
  • April 2020
  • January 2020
  • December 2019
  • October 2019
  • August 2019
  • July 2019
  • May 2019
  • March 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013

Recent Comments

Eric Voigt on Top 20 Paralegal Blogs, Websit…
profvoigt on Research Guides in Focus – Mun…
Make Your PDF Docume… on Make Your PDF Document Edit-Pr…
madlaw291282999 on Using Hyperbole -Are You Riski…
How to Treat Bad Cli… on Why Do Bad Clients Deserve The…

Recent Comments

Eric Voigt on Top 20 Paralegal Blogs, Websit…
profvoigt on Research Guides in Focus – Mun…
Make Your PDF Docume… on Make Your PDF Document Edit-Pr…
madlaw291282999 on Using Hyperbole -Are You Riski…
How to Treat Bad Cli… on Why Do Bad Clients Deserve The…
  • RSS - Posts
  • RSS - Comments

Blog at WordPress.com.

  • Follow Following
    • The Researching Paralegal
    • Join 454 other followers
    • Already have a WordPress.com account? Log in now.
    • The Researching Paralegal
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...
 

You must be logged in to post a comment.

    %d bloggers like this: