IT Security FAQ 1: What should you think about when approving an app on Facebook? – 10 minute mail

There are all kinds of apps on Facebook – quizzes, games and corporate sweepstakes. But it might be a good idea to keep track of what apps you are approving, and what kind of information you are allowing them to see about both yourself and your friends.

Comment from our expert:
“When approving a Facebook app, make sure to check what you are really giving them access to. If you are installing a game, it might not make sense for it to know who your mother is, for example. Is the information they are asking for reasonable? And if yes, do you really feel that it’s worth approving the app? The same thing also applies when downloading new apps to your phone,” says Johan Edholm at Disposable mail.

”If you stop using an app, it might also be a good idea to revoke its access to your account. On Facebook, you are really ”paying” for apps by giving them access to your information; so why keep on paying when you are not using the services anymore? Keep track of the apps that are tracking you by visiting Settings > Apps and see which ones are ”logged in with Facebook” right now.”

Facebook App

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 2: What should you think about when installing a new plugin on WordPress? – 10 minute mail

To add different functions to the popular CMS WordPress – like social media icons or contact forms – it’s usual for people to install and activate different plugins. However, it is important to keep in mind that most security breaches that happen on WordPress are due to vulnerabilities in these plugins.

Comment from our expert:
”My number one advice when installing a WordPress plugin is to ask yourself; do I really need this? Anyone can create a plugin for WordPress, and every new line of code is a possibility for something to go wrong. If you install a plugin with bad code, it could end up with someone hacking your website.”

”To check if a plugin is safe, start of by googling it to see if it has any known vulnerabilities, or if it has been known for having many flaws in the past. Who is the developer of the plugin and does that person seem to know what they are doing?”

”Every now and then, go through the plugins you have already installed and look up if they have any new vulnerabilities. Maybe they haven’t been updated for awhile, which means that they might be easier to hack. Most of the time, if it is a popular plugin with thousands or hundreds of thousands of users, it should be fairly updated and thus might also be safer to use. But when it comes to plugins, the old saying less is more really does apply,” says Johan Edholm at Disposable mail.

wordpress plugins

 

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 3: What password-managers are good? Why should you use one? – 10 minute mail

People tend to use the same password on many sites because it’s hard to remember multiple passwords in your head for every service you are using online. The problem is, that if someone hacks one of the services you are using and gain access to your password, the hacker would also be able to hack all of your other accounts if you use the same password everywhere. How to prevent this while also keeping track of your passwords? Use a password manager!

Comment from our expert:
”Using a password manager is definitely a good idea. There are really two types of services out there – either web based passwords installers or local programs that you download directly to your computer. Personally, I feel that the local version is the better way to go, because then you are not leaving your passwords anywhere in the cloud for someone to hack,” says Johan Edholm at Disposable mail.

”There are also versions where the browser automatically remembers your passwords and fill them in for you when you are accessing a page. But these could also be easy to hack, so I don’t recommend using this function, no matter how convenient it might feel.”

”I recommend either KeePass or Password Safe (only available for Windows but often said to be the most secure password manager in the world). When you download the password manager on your computer, it creates a kind of vault that keeps track of all of your passwords. You use one master password to access your password manager and then manually copy and paste the password for the service you are about to use. Don’t forget to make a copy of the password manager on a usb or external hard drive, just in case you lose your computer,” says Johan Edholm at Disposable mail.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 4: Is two-factor authentication really necessary online? How do you activate it? – 10 minute mail

Activating 2-step verification or Two-factor authentication on a service means that you have to identify yourself twice in order to access your account – often both with a password and by receiving a code to your phone by text message that you need to enter on the site to log in.

Comment from our expert:
”Using two-factor authentication means that you are harder to hack – someone has to gain access to both your password and your phone in order to login to your account. I absolutely recommend using it for your email, since almost all other accounts you have are linked to your email, and if someone gains access to it they can just reset your passwords on all other services in order to access them”, says Johan Edholm at Disposable mail.

”You can also see two-factor authentication as a good indicator as to if someone is trying to hack you. If you receive a text to login to your email, Facebook account or other service without trying to login yourself, that means someone has figured out your password, and thus it might be a good idea to change it.”

”Personally, I would use two-factor authentication on every service that allows it. It might feel like a hassle at times, but it’s worth that extra effort not to have your accounts hacked.”

You can usually activate two-factor authentication through the settings on your services. For example on Facebook, go to settings > security and activate ”Login Approvals”.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 5: What is White Hat vs Black Hat hacking? And what is a bug bounty hunter/program? – 10 minute mail

Comparing White Hat to Black Hat hacking is kind of like comparing the good guys to the bad guys. White Hat hackers look for vulnerabilities and report them, whereas Black Hat hackers have a more mischievous agenda. They are the guys you usually see in the movies hacking a bank and stealing money. White Hat hackers are the people working to make the world a safer place – like your favorite team of hackers at Disposable mail!

Comment from our expert:
“White Hat hackers are security consultants and good hearted people that find vulnerabilities on sites and services and report them to the company to prevent them from being hacked in the future. Many companies offer ”Bug Bounty Programs” where they ask White Hackers to try and hack their sites in order to find loopholes, and in return they get a cash award for it.”

“The bigger the security breach they find, the more money the company is willing to pay. Hackers looking for those kinds of bugs and vulnerabilities on sites to get those kinds of awards are referred to as Bug Bounty Hunters,” explains Johan Edholm at Disposable mail.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 6: What CMS is the most vulnerable? – 10 minute mail

A CMS is a Content Management System used to create, manage and organize content on a web sites or web services. One of the most common ones is WordPress. Different CMS have different levels of vulnerability.

Comment from our expert:
”It’s difficult to say what CMS is the most vulnerable one and which one is more safe. If you use an unknown CMS, there is a bigger chance that there might be some vulnerability in it that nobody knows about. WordPress, being one of the most used CMS in the world, has more vulnerabilities reported, but that’s also because it has more eyes on it. At the same time, because WordPress is so well-used across the globe, there is also a bigger chance that someone would want to hack it, and there are many attempted cyber attacks on the platform. It’s difficult to say what is better or worse on this one. But as mentioned earlier, stick with the platform and don’t bother with all the plugins, and you’ll be safer,” says Johan Edholm at Disposable mail.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Sec FAQ | Disposable mail Blog – 10 minute mail

We love talking about security and we believe that security knowledge should be easily accessible and fun. This is why we came up with our IT Sec FAQ series! In 10 short Q&A format posts, we explain basic web security concepts combined with tips and comments from our very own security experts.

Disposable mail’s IT Security FAQ – Click on the question you want to learn more about!

IT Security FAQ 1: What should you think about when approving an app on Facebook?

Facebook is brimming with apps – quizzes, games, corporate sweepstakes and much more. What kind of information do you share when you approve apps on Facebook and what are the security implications of allowing them to access your account?

IT Security FAQ 2: What should you think about when installing a new plugin on WordPress?

Plugins can add a wide range of fun and useful functions to the popular CMS WordPress, but it is important to keep in mind that most WordPress security breaches happen because of vulnerable plugins. How can you maintain a balance between security and functionality and decide which plugins to install?

IT Security FAQ 3: What password-managers are good? Why should you use one?

It’s extremely risky to use the same password for different user accounts, but remembering multiple passwords is tough! To keep track of all your passwords and stay safe online, you can use a password manager.  In this post, we explain how such tools work and give tips on which password managers to choose.

IT Security FAQ 4: Is two-factor authentication really necessary online? How do you activate it?

Ever wondered about the advantages of two-factor authentication and whether you should use it? Read this IT Security FAQ snippet to learn more about two-factor authentication and its uses.

IT Security FAQ 5: What is White Hat vs Black Hat hacking? And what is a bug bounty hunter/program?

You might have heard of white hats, black hats and bug bounties before, but what do these terms really mean? Read on if you want to add these new words to your vocabulary!

IT Security FAQ 6: What CMS is the most vulnerable?

Trying to settle on a CMS and not sure what to choose? We explain what you should keep in mind when picking a CMS.

IT Security FAQ 7: What is OWASP Top 10?

OWASP is often mentioned in web security discussions and in this FAQ post, our expert Johan Edholm explains what OWASP Top 10 is all about and why it’s a great resource for developers.

IT Security FAQ 8: SSL? Https:// – how do you connect it? What info should be encrypted?

If you’re curious about SSL and how it works, this post is for you! Learn more about SSL and how you can benefit from activating it on your site.

IT Security FAQ 9: What is the difference between a firewall, antivirus and other security services like Disposable mail?

What is the difference between a firewall, antivirus and other security services like Disposable mail? Find out here!

IT Security FAQ 10: What is a malware, phishing, spyware, data mining and DDoS?

Curious to know what malware, phishing, spyware, data mining and DDoS is? Check out the final IT Security FAQ here!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 7: What is OWASP Top 10? – 10 minute mail

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations can make informed decisions about cyber security risks. They also present at list called OWASP top 10 with the ten most common security issues online.

Comment from our expert:
”OWASP top 10 doesn’t focus on specific vulnerabilities but rather concepts in general that are usual security breaches in software. For example, the login and authentication module is often weak on many websites. The list gives some ideas on what to think about in terms of cyber security. I think it’s good for developers to read through it at least once and reflect upon it,” says Johan Edholm at Disposable mail.

To find out more, visit the OWASP top 10 project and check out our series on OWASP top 10 security issues. Want to test your site for OWASP vulnerabilities? Sign up for a free trial and run a Disposable mail scan!

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 8: SSL? Https:// – how do you connect it? What info should be encrypted? – 10 minute mail

Secure Sockets Layer (SSL) is a cryptographic protocol designed to provide communications security over a computer network. SSL makes the communication safe between two points, and ensures that ”no one” is sitting in-between, eavesdropping on the conversation. You’ll usually see if a site is encrypted if the url starts with https:// instead of http://.

Comment from our expert:
”An SSL encrypts communication on the web to make it harder for hackers to tap into a conversation. To be honest, all sites online should use SSL today. The only reason that all aren’t is because it is sometimes difficult to implement.”

”You can activate a SSL on your own website by talking your site host, or with your system admin, because it needs to be activated on the server. The organization Let’s Encrypt are now looking at revolutionizing the whole SSL field, making it easier to setup, configure and renew SSL certificates. They are also offering free SSL certificates for all,” says Johan Edholm at Disposable mail.

Visit Let’s Encrypt to learn more.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

IT Security FAQ 9: What is the difference between a firewall, antivirus and services like Disposable mail? – 10 minute mail

Cyber security overall has a pretty wide spectrum, and solves vulnerability issues in different ways. Antivirus is the traditional method, where a program looks through all files on your computer or software looking for bad patterns. If there is something in the file that the antivirus doesn’t recognize, or if it is trying to send information or reach information that doesn’t make sense, it will notify the user.

A firewall is more like a door keeper. It keeps track of the traffic going in and out of the computer or network. You can have it installed in your router at home, for example. If something is trying to access your network / computer, like a virus or a trojan horse, it will block the malware.

Comment from the expert:
”Services like the one we provide at Disposable mail takes an opposite approach to antivirus and firewalls. Instead of blocking bad things, we try to hack your site. It’s like someone trying to break into your house just to let you know that ’hey, there’s a way to get in here that you should look at getting fixed!’ It’s the method of white hackers, and also the method that most IT-security consultants use. You try and hack a website to identify its vulnerabilities. At Disposable mail we’ve automated this process and built a type of ’burglar robot’”, says Johan Edholm at Disposable mail.

Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.