{"id":85904,"date":"2019-01-30T06:30:39","date_gmt":"2019-01-30T14:30:39","guid":{"rendered":"https:\/\/brookstradingcourse.com\/?p=85904"},"modified":"2020-05-29T10:09:19","modified_gmt":"2020-05-29T17:09:19","slug":"website-security-information","status":"publish","type":"post","link":"https:\/\/www.brookstradingcourse.com\/pt-br\/announcements\/website-security-information\/","title":{"rendered":"Website security information"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">The issue with website security<\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"198\" src=\"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/PC-password-hacker.jpg\" alt=\"\" class=\"wp-image-86300\" title=\"\"><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"> As the Internet gets more embedded in our lives, it is important to realize that there are bad people wanting to steal anything they can. Others simply enjoy causing problems for website owners and their visitors. These hackers have stolen information from hundreds of millions of people worldwide. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> Thieves use powerful computers and programs called bots (short for \u201cInternet robot\u201d). The easiest entry point for the bots is the log in page. They systematically create and test millions of possible usernames and passwords, hoping to gain access to your information. As they become more sophisticated, website owners and visitors must increase their security. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> To keep the Brooks Trading Course site secure, we are tightening the password requirements. Other common alternatives (like sending an authorization code to your phone) are unnecessarily burdensome for you. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Logging in<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Main menu log in<\/h3>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/brooks-trading-course-login.png\" alt=\"\" class=\"wp-image-86266\" width=\"250\" height=\"162\" title=\"\" srcset=\"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/brooks-trading-course-login.png 320w, https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/brooks-trading-course-login-300x194.png 300w\" sizes=\"auto, (max-width: 250px) 100vw, 250px\" \/><figcaption>Website Main Menu Log In\/Log out<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">As you can see above, members <strong>log in through the main menu<\/strong>. After logging in, the phrase Log In toggles to Log Out, as in the picture. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">There is no need to log out if you intend to return using the same device (PC\/phone\/tablet). The system will remember you for 14 days, after which time it will ask you to log in again. Or, if you do not visit site for 3 days (72 hours), you are logged out. When you next visit, the system will prompt you to log back in. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Important<\/strong>: If you do not log out and then try to access site via another device, you may get blocked. The system limits the number of concurrent logged in sessions. This is to prevent the use of stolen or shared passwords.  <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The system will allow you to be logged in to 2 devices at any one time. This allows a trader to access site from, for example, a desktop and a mobile device at the same time. If you log in from a third device, the system will expire an earlier session. We will phase this feature in by end March 2019. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Backdoor log in<\/h3>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img loading=\"lazy\" decoding=\"async\" width=\"250\" height=\"235\" src=\"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/wordpress-login-screen.png\" alt=\"\" class=\"wp-image-86268\" title=\"\"><figcaption>WordPress Backdoor Login<br><\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Many of you may be familiar with the standard WordPress log in form (Backdoor Login). This is also where hackers and automated bots attempt to break into a WordPress site. Al is therefore eliminating this backdoor page. You will only be able to log in through main menu. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you try to log in via the backdoor, you will get a \u201c404 page not found\u201d error message. Simply log in from the top menu on any page of the website. <br><\/p>\n\n\n\n<div class=\"clear\"> <\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Passwords<\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"192\" src=\"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/pc-keyboard-password.jpg\" alt=\"PC keyboard password\" class=\"wp-image-86305\" title=\"\"><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The need for passwords is one of the most annoying aspects of online life. Unfortunately, hackers know that, and they take advantage of our natural preference for easy to remember passwords. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">See the list of the 100 most common passwords at bottom. Some of you are probably using something similar. It is important to realize that the hacking bots have lists with millions of common passwords. Please do not make it easy for them to steal your information. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">My strong 8 character password is okay, right?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Wrong. A hacker\u2019s computer can quickly test every possible combination of 8 characters. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Don\u2019t ever assume that special characters are enough. For example, !@#$%^&amp;* is #20 in the list below. Anything that is easy to remember is easy for the robots to find. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here is an excellent up-to-date article from IBM on why 8 character passwords are no longer safe: <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\"The Inconvenient Truth About Your Eight-Character Password (opens in a new tab)\" href=\"https:\/\/www.securityintelligence.com\/the-inconvenient-truth-about-your-eight-character-password\/\" target=\"_blank\">The Inconvenient Truth About Your Eight-Character Password<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Password length is more important than complexity. Even if you use password generating software to create a complex password, that is not enough. The hackers use supercomputers that can quickly discover a short password. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Conclusion?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"> Unlike a bank\u2019s site, this site does not hold critical personal financial information. It is therefore not being attacked by the most powerful hacking bots. But, Al now requires&nbsp;<strong>a minimum of 12 characters. Ideally you would use MORE than 12 characters<\/strong>. Al and I have passwords with many more than 12 characters. Please use randomized characters and not easy to remember letters or numbers. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Also, many people use the same passwords on all their websites. This is dangerous. Once a hacker discovers your password for one site, he can then try logging into every major financial institution with that information, hoping to find one where you have accounts that he can steal. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Password managers<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You should&nbsp;<strong>use a password manager<\/strong>&nbsp;to create a unique strong, long password for every site that you access on the Internet. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here are three reputable choices. All include a strong password generation tool that automatically creates and saves passwords for you. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Typically, you create one master password that lets you open your password manager software. Once on, it automatically enters your user name and password for any site that you saved. This is the easiest, safest way to have different passwords for each site. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.lastpass.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Lastpass password generator and website (opens in a new tab)\">Lastpass password generator and website<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/1password.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"1Password password manager (opens in a new tab)\">1Password password manager<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.roboform.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Roboform password manager (opens in a new tab)\">Roboform password manager<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition, here is a review of password managers: <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\"Review of 10 best password managers - CNET (opens in a new tab)\" href=\"https:\/\/www.cnet.com\/news\/the-best-password-managers-directory\/\" target=\"_blank\">The best password managers &#8211; CNET.com<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you do not want to use a password manager, here\u2019s a good reference for how to create a strong password. It includes tips for those who want to make up their own <em>memorable<\/em> passwords. But, generating and storing passwords in a free password manager is a better choice. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\"How to create a strong password and remember it (opens in a new tab)\" href=\"https:\/\/www.howtogeek.com\/195430\/how-to-create-a-strong-password-and-remember-it\/\" target=\"_blank\">How to create a strong password and remember it<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Please remember that a long, complex password is not good enough. If you store it on your computer or phone, you also need to be sure that these are secure as well. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Hacked email addresses and passwords<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">There are websites where you can check to see if your email addresses and passwords have ever been hacked. If you do find your email address has been hacked, simply change your password to a strong one. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">I had this experience last year after a local online bookshop went offline and was hacked. I received a ransomware scam email telling me all sorts of terrible, but fictitious, things they were going to share online if I didn\u2019t send them money. For proof, they supplied the password I had used on the bookseller\u2019s website. But I was not worried because I only used that password for this site alone, and I used an alias email address. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Have I been &#8220;pwned&#8221; (email or password hacked)?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">To see if your <strong>email address<\/strong> has been compromised in a data breach, just click on this link and enter your address:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\"&#039;;--have i been pwned? (opens in a new tab)\" href=\"https:\/\/haveibeenpwned.com\/\" target=\"_blank\">&#8216;;&#8211;have i been pwned?<\/a> <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To see if any of your <strong>passwords<\/strong> are among the 550 million passwords stolen in data breaches, click on this link and enter your password:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\"Pwned passwords (opens in a new tab)\" href=\"https:\/\/haveibeenpwned.com\/passwords\" target=\"_blank\">Pwned passwords<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Top 100 bad passwords for 2018<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">For your review, and hopefully entertainment, here are the top 100 bad passwords from a reliable research source. Review to see how many of you are using any of these, or similar passwords. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">100 biteme<br>99 1992<br>98 london<br>97 soccer<br>99 1992<br>98 london<br>97 soccer<br>96 william<br>95 querty<br>94 liverpool<br>93 pussy<br>92 admin123<br>91 whatever<br>90 dallas<br>89 hockey<br>88 test<br>87 zaq1zaq1<br>86 1q2w3e<br>85 aaaaaa<br>84 killer<br>83 bandit<br>82 ashley<br>81 cookie<br>80 merlin<br>79 trustno1<br>78 1991<br>77 ranger<br>76 chelsea<br>75 banana<br>74 jennifer<br>73 1990<br>72 amanda<br>71 1989<br>70 hunter<br>69 nicole<br>68 hello<br>67 maverick<br>66 blahblah<br>65 mercedes<br>64 corvette<br>63 computer<br>62 cheese<br>61 ferrari<br>60 starwars<br>59 1qaz2wsx<br>58 andrea<br>57 lakers<br>56 andrew<br>55 12341234<br>54 matthew<br>53 robert<br>52 1234<br>51 sophie<br>50 pepper<br>49 joshua<br>48 tigger<br>47 55555<br>46 jordan<br>45 solo<br>44 abcdef<br>43 letmein<br>42 ginger<br>41 jessica<br>40 222222<br>39 harley<br>38 george<br>37 summer<br>36 thomas<br>35 hannah<br>34 daniel<br>33 buster<br>32 baseball<br>31 passw0rd<br>30 shadow<br>29 freedom<br>28 bailey<br>27 121212<br>26 zxcvbnm<br>25 qwerty123<br>24 password1<br>23 donald<br>22 aa123456<br>21 charlie<br>20 !@$%^&amp;*<br>19 654321<br>18 monkey<br>17 123123<br>16 football<br>15 abc123<br>14 666666<br>13 welcome<br>12 admin<br>11 princess<br>10 iloveyou<br>9 qwerty<br>8 sunshine<br>7 1234567<br>6 111111<br>5 12345<br>4 12345678<br>3 123456789<br>2 password<br>1 123456<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n","protected":false},"excerpt":{"rendered":"<p>The issue with website security As the Internet gets more embedded in our lives, it is important to realize that there are bad people wanting to steal anything they can. Others simply enjoy causing problems for website owners and their visitors. These hackers have stolen information from hundreds of millions of people worldwide. Thieves use [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":86300,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"shadow","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[158],"tags":[],"class_list":["post-85904","post","type-post","status-publish","format-standard","has-post-thumbnail","category-announcements","entry","override"],"featured_image_src":"https:\/\/www.brookstradingcourse.com\/wp-content\/uploads\/2019\/01\/PC-password-hacker.jpg","author_info":{"display_name":"BTC Admin","author_link":"https:\/\/www.brookstradingcourse.com\/pt-br\/author\/richardhk\/"},"_links":{"self":[{"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/posts\/85904","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/comments?post=85904"}],"version-history":[{"count":0,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/posts\/85904\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/media\/86300"}],"wp:attachment":[{"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/media?parent=85904"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/categories?post=85904"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.brookstradingcourse.com\/pt-br\/wp-json\/wp\/v2\/tags?post=85904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}