Busting the Passkey Myths

Passkeys are replacing mere passwords at a rapid pace, and that may be scary for some people. Passkeys are inherently more secure than passwords. For the most part, they are extremely difficult (we won’t say impossible) to crack, and that’s why you should get more comfortable with using them.

Tech leaders such as Microsoft, Google, and Apple are among those leading the passkey charge because there are nearly 7 million combinations of usernames and passwords on the dark web. When your passwords end up on the dark web, cybercriminals can use them to get into your accounts and steal your private data. That’s why passkey-based authentication is becoming a fast-growing trend. Their main benefits are that they can’t be stolen like passwords, and there’s nothing for you to remember.

Still, myths persist, and Dashlane, the password manager app that we prefer, has its own magnificent seven myths it wants to bust.

  1. If you lose your phone, you can’t access your passkeys. If you have a password manager, your passkeys should sync across all devices – unless you “cheaped out” on a freebie. If you only use a mobile device for your passkey, make sure you store it in your phone’s password app. That will enable you to move them to your new device.
  2. Only Google and Apple currently sync passkeys. Third-party passkey providers like Dashlane use their own cloud infrastructure for syncing, similar to Google and Apple. Microsoft has announced that synced passkeys will be coming to Windows 11 and associated with Microsoft accounts. Google recently indicated that synced passkeys in Google Password Manager will soon be available on both macOS and Windows.
  3. Passkeys send your biometric information over the internet. All verification methods operate solely on your device. No biometric information is sent to the website, only confirmation that verification was successful.
  4. You can change your password but not a passkey. Passkeys can be changed simply by deleting them from the website they’re set up with and re-enrolling a new one. This is because every new passkey is unique, even when multiple passkeys are set up for the same website.
  5. PIN codes are not as secure as passwords. Once a device PIN code is set up, it can only be used on a particular device. That’s a security feature not available with a password.
  6. Using a password manager for your passwords is better than using passkeys. While password managers help, they can’t completely prevent phishing. Passkeys, by contrast, are phishing-resistant by design. Additionally, almost all leading password managers now support passkeys for both secure password storage and the added protection of passkeys.
  7. Passkeys are a way for vendors to lock users into their platforms. The FIDO Alliance has published new standards that will allow password managers to safely and easily export passwords and passkeys.

The myths point to a certain intimidation factor about using passkeys. Our advice is don’t be intimidated. We can help you set up an authentication app, such as Microsoft Authenticator, and other methods, such as biometrics and PIN codes. Call us – 973-433-6676 – or email us to talk about what’s best for you and your organization.

Microsoft’s Outage Issues

Microsoft outages seem to be a regularly occurring event, and that’s a real problem for all of us as we grow even more dependent on technology. The bad news is that the problem won’t get any better. Here’s a look at the industry’s metrics.

From my old help desk days, we followed the “rule of five-nines.” This meant our goal was to be “up” 99.999 percent of the time. Is it attainable? It sounds like a great marketing goal, but the reality is that no global company with the size and scope of Microsoft – or Google or Amazon or anyone else – can be perfect. It doesn’t matter which company you use; their service depends on the reliability of satellites and cables for connections and the power grid to keep them online. As we use online services more extensively, we can strain the capacities of those resources.

According to ThousandEyes Internet and Cloud Intelligence from Cisco, more than 90 percent of the world’s data centers experience outages. Local ISPs (internet service providers) experience the most outages, trailed by CSPs (cloud service providers). Outages increases are attributed to more demand on their infrastructures.

You’re not going to get any better service by switching the companies you use; they all face the same challenges. And they share some challenges with you, and those will be hard to plan for based on the world’s political and economic environment. This is not a political statement; it’s just a clear-eyed look at potential problems. For example, will there be a rush to order new equipment before possible tariffs go into place? Supply and demand issues ahead of any tariff issues will undoubtedly affect prices and inventories.

What can you do? We’ve discussed many of the steps you can take, so let’s put them in perspective.

  • Be backup savvy. Make sure all the data you and your employees use is backed up frequently in multiple places. In addition to backing up data, have battery backup capability so you can save data and close applications. This is more critical for desktop computers; laptops and phones have batteries.
  • Keep all your software up to date. It’s all related. Up-to-date operating systems and apps perform better, and that performance may be the difference in finishing and saving critical data or losing something that will take a long time to recreate or that might be lost forever.
  • Think about replacing computers and other hardware that’s approaching five years of service time. It’s nearly five years since the COVID-19 pandemic, when a lot of companies and individuals bought new hardware to be able to work effectively from remote locations. Five years is about the effective service life of most equipment, and your equipment may be on the same timeline as many other users. Our vendors and distributors have told us to expect shortages just for this reason.

We can help you set up a plan to replace your aging hardware and make sure all the systems you keep have the best prospects of making it through the next year or so. Call us – 973-433-6676 – or email us to discuss your needs.

Too Many Gadgets

It’s confession time. We have too many gadgets in our house, and the byte-load finally bit us by causing disruptions in service and performance. Who was the big culprit?

We fingered Google in our house, but the accusation came after a long process of elimination. We’ve had a performance issue for the past few years, noticing that even though our network showed four bars, we didn’t have four-bar performance. Over that time, we took things apart, looking at captures; that’s our technical term for what’s actually online.

We started by investigating our router and then started changing switches. Eventually, we started removing devices – all Google devices. The problem went away. We had read on the internet that a lot of people had similar problems. They all involved Google Home, Google Nest, Google Hub and Google Chromecast. Here’s what was happening. When the devices awoke from a sleep mode, they sent large packets of data through the network, which disturbed performance if it didn’t crash the network.

The weird part was that it affected our cable TV boxes. I noticed it especially while having the TV on in my office.  There would be times when the TV would simply go out. Once we removed the Google devices from the network, the problems disappeared.

The Google devices are now tucked away on a shelf, and we’re making more use of Alexa. However, we should hasten to add that our Google problem could have been exacerbated by having a large number of devices on our network. We’re a highly connected family, but we’re not much different from the norm. Many households have computers, phones and tablets for all family members, and many of those devices could have been added since the start of the pandemic as we’ve increased our online activity. We also may have added more smart TVs.

As a result, it’s easy to overload your network’s capability and impact the performance of every connected device. If you’re having a problem, removing Google devices like we did might solve your problem. But you might also need to upgrade your router and other network components to meet your needs and wants.

We can help you get the performance you need. Call us – 973-433-6676 – or email us to talk about your network, the devices on your network and your performance expectations. Sometimes, less is more, but sometimes, too, you need to add more to get more. A smart look can make your smart devices seem like geniuses.

The Bluetooth Blues Will Make You See Red

Many people are unaware of all the places that Bluetooth connects your devices to. They’re more than just your phone to your headset. Apple brought this to light in their release of iOS 13, and one of their biggest rivals, Google, and Facebook may be the biggest culprits. Here’s what you need to know.

Of course, one of the reasons Apple has brought this up is that its new iOS 13 enables you to allow which applications can have Bluetooth access to your location. When you deny access, you’ll lose some functionality, but you have the option.

Why are Google, Facebook and others stalking you? It’s obvious: they can promote a product or service for someone to sell you. They’ve been doing it for a while. All they had to do was set up a network of Bluetooth devices that could detect your presence and deliver a popup notification on behalf of a retailer, product manufacturer, restaurant, etc. At the same time, apps such as those for ride sharing and banking also use Bluetooth, and you might not be able to get a ride or complete a transaction without it. But at least now you’ll know who’s tracking you, and you’ll know why because the app has to state its purpose for it.

The infuriating part is that before iOS 13, you never knew when you entered one of their tracking zones, and there was nothing you could do about it. The new OS changes that. It will tell you when an app wants to use Bluetooth to use your location data. You’ll then have the option to allow it or deny it. You’ll also have the option to deny an application access to your location automatically – until you decide to grant access. The process to deny access until you change your mind is straightforward: Go to Settings > Privacy > Bluetooth and toggle apps on or off.

Installing the latest software – iOS 13 for iPhone 6 and later and newer versions of iPad – is one example of why it’s critical to have all of your software up to date. Many people don’t realize that devices in homes and offices have operating-system software, which is known as firmware. This includes smart TVs and the massive copiers that you get from an equipment dealer. Google has many ways to track locations and user data, and you don’t know about them.

If you’re mad as hell about your privacy and don’t want to take invasions from unknown parties anymore, we can help. Call us – 973-433-6676 – or email us to walk you through a software update process or schedule an appointment to do it.

Convenience vs. Competition: What do You Think?

The Department of Justice is beginning an investigation of “big data” companies and their hold on your online activity. This is not intended to be a political rant, but we’d like to know your thoughts on convenience vs. competition.

Here’s the executive summary of the DOJ’s investigation:

  • DOJ is reviewing whether and how market-leading online platforms – Amazon, Apple, Facebook, Google and the rest of the usual suspects – have achieved market power and are engaging in practices that have reduced competition, stifled innovation, or otherwise harmed consumers.
  • The review will consider the widespread concerns about competition that consumers, businesses, and entrepreneurs have expressed about search, social media, and some retail services online.
  • The goal of the review is to assess the competitive conditions in the online marketplace in an objective and fair-minded manner and to ensure Americans have access to free markets in which companies compete on their merits to provide services that users want. 
  • If violations of law are identified, the DOJ will proceed appropriately to seek redress.

The investigation – or review – caught our attention because Amazon’s recent Prime Day blew projected numbers out of the water. Why not? When you want to buy a product, what do you usually do? You use Google to find the best price or fastest delivery, and you generally go to an Amazon website – where Amazon has your address and credit card info on file. Yes, it’s basically one click or just a few, and your shiny new object is on its way – sometimes with same-day delivery.

I admit, that’s how we sometimes shop for products and make our purchase decisions. I don’t know if the size of Google and Amazon limits my choices – or if they limit them significantly. I might never know if a local merchant has a better product, price or customer service because smaller businesses don’t have the numbers to show up in a Google search where I can easily see it. I don’t know if another search engine (not Bing, which is Microsoft) would give me better results because Google is ingrained in my mind. It’s even become a verb.

We recognize that technology and laws are complex fields, and we’ll all have different opinions about what makes a good law. But we’d like your thoughts on competition and convenience. If you would answer a few questions either by return email or by leaving comments for everyone to see, we can share what’s important to us:

  • Do you automatically use Google for product searches?
  • Would you use another search engine if it were readily available and gave the results you needed?
  • Do you go to websites only at the top of a Google search?
  • Do you click on the ads at the top of the search results?
  • Do you go to a product provider’s website directly before or after seeing Amazon results?
  • Do you really care that Google and Amazon are so big that they might be stifling competition and limiting your choices?

Thanks in advance for sharing your thoughts.

Inside the World of Updates

Facetime updates got a lot of face time recently with all the reports about how a 14-year-old discovered a bug that left a mic open even if a recipient didn’t answer a group Facetime call. It was shocking but not surprising, based on how updates are developed and implemented.

Apple, Microsoft, Google and other technology companies are huge corporations and, as such, are highly compartmentalized. When I visit trade shows and conferences and can find an engineer or software developer to discuss very specific issues related to hardware, firmware or software, the conversations very technical and very tightly focused. They are brilliant people, but they operate in silos.

So, when a problem like the Facetime issue surfaces, it’s likely to involve a piece of code that only one person or a small team worked on – based on instructions that may have come down through several layers of command. That person or team didn’t talk the public or get any feedback based on a personal interaction. Further, the amount of code needed to implement a feature such as a group Facetime session is massive. It’s written in sections and assembled in sections, and even though they are tested, errors can occur each time lines of code from various teams are put together. The people involved do a great job, and the percentage of errors to lines of code written is practically microscopic.

The bottom line is that bugs will show up in the real world, and they need to be found and fixed before any catastrophic consequences show up. But code is not the only factor in updating software for use on a computer or device. We see a lot of old computers and devices with old operating systems that simply cannot handle updates.

We were reminded of the technology gap that opens up when working with older systems. It involved a family business, and technical challenges arose as some family members wanted capabilities that were requested by others. The challenges came as we had to work with computers and devices with a wide range of ages and with differences between Windows 7 and Windows 10. We had to be mindful that Windows 7 is 12 years old and that we are six versions into Windows 10.

Our common thread in the solution had to be sealing up security breaks. We can’t emphasize enough that security patches are the biggest improvements in upgrades and updates, although we all get excited about new features and capabilities. And the problem is that an older system can only handle a limited number of security and feature updates.

At some point, it doesn’t pay for a software or hardware provider to support older systems. Their developers have to jump from one issue to another like playing Whac-A-Mole, and then there is a smaller universe of real-world users to provide feedback on the new code and then use it.

One of our missions is to make the most efficient use of your money. We’ll always do our best to avoid having you buy new equipment or software by trying to find a good workaround. But sometimes, buying new technology can give you a better return on your investment, and one of the reasons to do so is to take advantages of upgrades and updates that are used by a larger universe of people and businesses. That can be especially beneficial based on the how the update world lives.

We can help you install, configure and test updates, and we can advise you on whether to upgrade or keep your current technology. Call us – 973-433-6676 – or email us for a consultation.