Brendan’s Blog

Once upon a time I frequently reused passwords. So if you knew my dogs name, or what kind of car I drove, you could easily have pretended to be me with just a little extra work. This is obviously a very bad idea, but I’m sure many people struggle with managing passwords for web sites and computer systems you access on a regular basis.

Passwords are keys to your identity.  If a malicious person were to figure out your email password, what harm could they cause?  Could they quickly gather the names and contact information for your friends and family?  Could they figure out where you bank?  Could they reset your bank password by telling your bank that your password was forgotten?

A researcher who examined 10,000 Hotmail, MSN and Live.com passwords that were recently exposed online has published an analysis of the list and found that “123456″ was the most commonly used password, appearing 64 times.
- Wired Magazine

Here are my tips for choosing the best passwords:

• Use different passwords for every site/application.  Do not reuse them.
• Change passwords frequently.  The more you use a password, the more you should change it.
• Keep your passwords secret.  Guard them as if they were keys to your identity — they usually are.
• Consider using a random password generator.
• Consider using passphrases (e.g. Myhouseismadeofwoodandhasyellowsiding!)
• Consider using acronyms (e.g. Mhimowahys!)
• Do not use words, birthdays, family and pet names, addresses, or any other personal information in your passwords.
• Do not use repeat characters such as 111 or sequences like abc, qwerty, or 123 in any part of your password.

I strongly recommend using a password managment tool for three important reasons.

1. Tools remember many passwords so you don’t have to.
2. Tools can type passwords for you.  This makes strong passwords easy to use.
3. Tools can create strong passwords which are complex, unique, and random.

I have previously blogged about software based password managers PasswordSafe and KeePass.  Both remain excellent ways to manage your passwords.  I have now begun using a new online password manager services called LastPass.  Why change?  The primary reason is that I can now access my password database from my iPhone.  Otherwise, KeyPass is great!

LastPass is an online service that stores your password data both on your PC and “in the cloud” so that you don’t need to carry it with you.  Remote storage means you can access your accounts from anywhere you have an Internet connection.  LastPass addresses privacy concerns by only storing data in encrypted form (256-bit AES).  They don’t have your encryption key, and the encryption / decryption is all done on your PC.   As a result, LastPass cannot actually read any of the data they store for you.  You can read the technical details here.  You can also save a copy of your encrypted password database on a USB memory key, and use standalone LastPass software to access it.

For the ultra-paranoid among us, LastPass supports multi-factor-authentication mechanisms.  Requiring a combination of something you know (a master password) with something you have (like a YubiKey) to access your data makes it very safe.

One of the unique features of LastPass is the ability to use a PDA to store your password database.  LastPass has mobile versions for iPhone, Blackberry, Android, and other mobile platforms.  I use the iPhone version which updates my local copy every time I start the software (if an Internet connection is available.)  Now I don’t even need a PC to find a password!

LastPass has an assortment of YouTube videos that explain how their solution works, and tips for using it effectively.  I recommend you watch a few of these videos before getting started.

I was able to quickly import my existing password database from KeyPass to LastPass.   Unfortunately the two tools use different methods to auto-type your credentials, so I did need to adjust some of my entries once they were imported.

I am a mobile worker.  During a typical workday I am either working from home, visiting customers, or a combination of both.  As a result, I am a heavy telephone user and rack up lots of usage for both my home office line landline and my cell phone.  My combined cell phone and home office phone usage averages between 3000 and 4000 minutes, which is nearly 2 hours per workday as an average.

Several months ago I began using RingCentral.com as my home office phone provider.  RingCentral provides much more flexibility than my local telephone company (Verizon.)  Outbound calls via RingCentral use VOIP technology, which requries a fast Internet data connection.  Luckily I have Verizon’s FIOS service for Internet access which is very speedy.  (Note: you can check the suitability of your Internet connection for VOIP at this test page.)

This is the RingCentral package I chose.  The “1-line” designation essentially means that I have one outbound phone line.

RingCentral Office  1-Line
Unlimited calling and faxing
$49.99/month

RingCentral Office delivers everything you need for your small office phone system, with dedicated phone lines and integrated Internet fax.
With “Plug & Ring” simplicity, it delivers a virtual PBX, VoIP phone service with unlimited local calling and faxing with voicemail, auto-receptionist, call forwarding and more. 

• Unlimited calling and faxing for one user (US and Canada)
• Local direct dial number
• Toll-free or local main company number
• Dedicated fax number
• 10 Extensions

Outbound Calls

My home office line is used for both inbound and outbound calls.  I spend lots of time on long conference calls.  The RingCentral plan I chose provides unlimited calls within the US at no additional charge.  I use an Analog Telephone Adapter (ATA) to connect my standard telephones to RingCentral.  You can either use an ATA provided by RingCentral or bring your own.  RingCentral’s configuration “wizards” made the configuration of the ATA easy and painless.  Alternatively you could buy a VOIP phone that connects via Ethernet instead of using traditional phones.

Number Portability & New Numbers

One of my most important considerations was the ability to transfer my existing phone number to RingCentral.  They make the process easy, and it took only a couple weeks.  My Verizon home office telephone number was ported to RingCentral as my “main number”.  I also ported a toll-free number I had previously used with uReach.com as a secondary toll-free number.  During the porting process, I simply forwarded my current phone service to “temporary” numbers assigned by RingCentral.

You don’t have to port existing numbers, RingCentral also lets you pick new phone numbers in almost any city/state.  Extra phone numbers cost a modest $5 a month.

Caller ID

RingCentral allows you to customize your outbound calls to show any phone number you either forward to RingCentral, or have assigned to you through the RingCentral service.  You can also specify the Caller-ID name you want to show up on other people’s Caller-ID units.  This helps keep your outward appearances consistent and professional.  Additionally, RingCentral provides a mobile application for many PDAs that allows you to make calls from your mobile device using yourRingCentral service.  This allows me to make calls from my cell phone that show my office CallerID instead of my mobile phone’s CallerID.

Fax Service

RingCentral assigned a dedicated inbound fax number when I created my account.  I picked an area code & prefix local to my geography.  Inbound faxes are delivered via email for display and printing.  Outbound faxes can be sent by using software installed on your PC, or by uploading files (e.g. pdf, doc, etc.) to the RingCentral web site for transmission.

Answering Rules

One of the best features of RingCentral is the ability to customize how inbound calls are processed.  The options provided are very flexible.  You can choose to have an automated attendant answer calls and present a menu of options.  You can also choose to have calls ring a multiple telephones either in sequence our simultaneously.  My home office phone rings first for two rings, and then begins ringing my cell phone.  I can answer at either, and the caller doesn’t know the difference.  Additional rules can be created based on the caller.  If my family calls, both my work and personal cell phones will ring.