Tuesday, April 01, 2014

Get the best of both worlds with our new Local Only feature

If you're like us, you love the convenience of using Cloud Services to access your SplashID records anytime without worrying about sync or backups, but there may be some especially sensitive records (perhaps bank accounts or family social security numbers) that despite all the security measuresyou'd still prefer to keep stored only locally on your desktop.

With the release of SplashID Safe version 7.2, Cloud Services users can now designate any record in SplashID Safe as Local Only. This means the record stays local on the device selected and does not sync to the cloud server. If the selected record is already on the web app or on any other devices running SplashID Safe, it will get deleted from those apps. At any point, you can undo the Local Only setting, and the record will sync back to the cloud server and appear on all your devices.
How do I use this feature?
  • iOS: Tap a record. In the bottom toolbar, tap on "Make local." This change saves automatically. You can change it back by tapping "Sync to Cloud."
  • Android: Tap a record, then tap the edit button. Scroll down and set "Local Only Record" to ON. Save.
  • Windows Phone: Tap on a record, and tap to edit. Scroll down, and check the box for "Local Only." Save.
  • Windows: Double click on a record to view the edit screen, and check the box for "Local Only." Save.
  • Mac: Double click on a record to view the edit screen, and check the box for "Local Only." Save.
Who can use this feature?
Which platform(s) is it available on?
  • iOS, Android, Windows Phone, Windows, Mac

Friday, January 17, 2014

Worst passwords of 2013 - our annual list updated


"Password" unseated by "123456" on SplashData's annual "Worst Passwords" list

The 2013 list of worst passwords, influenced by postings from the Adobe breach, demonstrates the importance of not basing passwords on the application or website being accessed

LOS GATOS, CA – SplashData has announced its annual list of the 25 most common passwords found on the Internet. For the first time since SplashData began compiling its annual list, "password" has lost its title as the most common and therefore Worst Password, and two-time runner-up "123456" took the dubious honor. "Password" fell to #2.

According to SplashData, this year's list was influenced by the large number of passwords from Adobe users posted online by security consulting firm Stricture Consulting Group following Adobe's well publicized security breach.

"Seeing passwords like 'adobe123' and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing," says Morgan Slain, CEO of SplashData.

SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords. Some other passwords in the Top Ten include "qwerty," "abc123," "111111," and "iloveyou."

"Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies," Slain said. For example, new to this year's list are simple and easily guessable passwords like "1234" at #16, "12345" at #20, and "000000" at #25.

SplashData, provider of the SplashID Safe line of password management applications, releases its annual list in an effort to encourage the adoption of stronger passwords. "As always, we hope that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites."

Presenting SplashData's "Worst Passwords of 2013":

Rank
Password
Change from 2012
1
123456
Up 1
2
password
Down 1
3
12345678
Unchanged
4
qwerty
Up 1
5
abc123
Down 1
6
123456789
New
7
111111
Up 2
8
1234567
Up 5
9
iloveyou
Up 2
10
adobe123
New
11
123123
Up 5
12
sunshine
Up 2
13
1234567890
New
14
letmein
Down 7
15
photoshop
New
16
1234
New
17
monkey
Down 11
18
shadow
Unchanged
19
sunshine
Down 5
20
12345
New
21
password1
Up 4
22
princess
New
23
azerty
New
24
trustno1
Down 12
25
000000
New

SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online during the previous year. The company advises consumers or businesses using any of the passwords on the list to change them immediately.

SplashData suggests making passwords more secure with these tips:

Use passwords of eight characters or more with mixed types of characters. But even passwords with common substitutions like "dr4mat1c" can be vulnerable to attackers' increasingly sophisticated technology, and random combinations like "j%7K&yPx$" can be difficult to remember. One way to create more secure passwords that are easy to recall is to use passphrases -- short words with spaces or other characters separating them. It's best to use random words rather than common phrases. For example, "cakes years birthday" or "smiles_light_skip?"

Avoid using the same username/password combination for multiple websites.  Especially risky is using the same password for entertainment sites that you do for online email, social networking, or financial service sites. Use different passwords for each new website or service you sign up for.

Having trouble remembering all those different strong passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites. There are numerous applications available, but choose one with a strong track record of reliability and security like SplashID Safe, which has a 10 year history and over 1 million users. SplashID Safe has versions available for Windows and Mac as well as smartphones and tablet devices.

Friday, April 12, 2013

Tip of the Week - Track Down Zombie Accounts


This blogger mentions SplashID Safe as a tool to use in the fight to protect your online identity. Old so-called "Zombie Accounts" are one risk to keep in mind. You need to be vigilant in order to track all the user accounts you create online and make sure they don't come back to haunt you.

Tuesday, February 19, 2013

Tip of the Week - Homeowner Calendar


Along with doing your taxes, there are other things you should probably be doing around the house this time of year to keep your home in top condition. You may not even be aware of some maintenance tasks you should be doing. And if you want to have a nice garden this year, early spring is calling your name. To help you stay on top of all these seasonal tasks, we created Homeowner Calendar. It's name speaks for itself, and it's only 99 cents on the iOS App Store.

Tuesday, February 05, 2013

Tip of the Week: Valentines Ideas in a SplashShopper List


In honor of Valentine's Day, Chester came up with a SplashShopper list of budget-conscious ideas for gifts to get your loved one. You can download and import this VSH file and many others from our SplashShopper Lists page:

http://www.splashdata.com/splashshopper/lists/

Tuesday, January 15, 2013

Tip of the Week - Now is a good time to change your passwords


For important passwords like bank logins and email accounts, it's a good idea to change them periodically. Ideally you would change them every 3 months, but that can be inconvenient, so January is a good time to browse through your SplashID Safe database and pick out a few high security records to edit. 

We've talked about it before, but here a some pointers on making good passwords:

- use a combination of letters and numbers and at least one uppercase character 
- use different passwords for different sites
- stay away from the easily guessed passwords like Jen123
- since you're using SplashID already, try to use the password generator to get truly random passwords

Wednesday, January 09, 2013

Tip of the Week – Create SplashID Safe records that do not sync to your device


You might have some SplashID records that you want on your desktop only and you do not want to have on your device.

To do this, you can create an extra user in SplashID > User menu > Edit Users.

The User name has to be in email format but does not have to be a valid email address. You could use test@test.com.

Then you can put any record under this user that you do not want synced over to your device(s).