Web Savvy Marketers

Keep Your Passwords Safe From Attack

cyber-vipers steal passwords
Photo credit Jaymis

It’s a nest of cyber-vipers out there, ready to strike and steal your online information. And if you’re like most of us, you’re vulnerable because you’ve committed the cardinal cyber-sin.

You’ve reused the same password in multiple accounts. Or you have passwords that are easy to remember (and crack). Or you’ve written them down somewhere and lost them.

So how do you create and protect multiple, secure passwords? A password manager, that’s how.

What’s Password Management?

A password manager will capture your username and password when you visit a secure site. When you revisit this site, it will offer to fill in your saved credentials. Also known as password vaults or safes, they are a central storage place for all your passwords, encrypted and protected by a single password.

This way you have to remember only one complex password to access the vault.

Password ManagementWhen you decide to create this master key, check out this surprising needle-in-a-haystack password developer. How Secure is My Password? will tell you how difficult your password is to crack, and whether it’s on the list of most-common passwords.

The more you learn about website security breaches, the more anxious you will be to create safe, strong passwords. The list of hacked sites continually grows: Sony servers, including Sony Pictures, with over one million accounts hacked; nearly a half million Yahoo users were violated; social Q-&-A site Formspring, to the tune of over 400,000 passwords stolen; and Zappos, who reset 24 million user passwords due to security risk.

If the idea of inputting important passwords into a software system concerns you, then start with storing passwords to all those numerous online accounts like member blogs, shopping accounts, and social media sites.

Just think, you’ll never again have to wait for an email to reset a forgotten password.

Best Password Managers

Password managers vary in features and price, with some set up to store additional information, such as credit card numbers and bank card pins. Here are some of the most-reviewed and lauded.

1Password securely stores all your passwords, credit cards, and notes. It starts at $49.99 a year, and did well in a lot of recent reviews, but didn’t make the top ten of this list. For a more in-depth review, read here.

The highly recommended LastPass is free, with a $12/year upgrade that allows you to use it in mobile applications. While it did suffer a breach in 2011, users with strong master passwords were safe.

The top-rated RoboForm Everywhere is a steal at 9.95 for the first year, with a discount plan for college students and a free 30-day trial.

KeePass is another free option, made for Windows, with open source, OSI certified, where you can check out the encryption algorithms to make sure they’re implemented right – if you’re into that sort of thing. It also has many plugins to assist you in a variety of ways, including integrating with other browsers.

Because I like free, I wanted to also mention Clipperz, a password manager that doesn’t require a software download. You can also access your password data offline by downloading it to an encrypted local file. It’s compatible with any computer that runs a browser with JavaScript, including Safari on iPad.

End the Password Insanity

If you’re feeling paranoid, then begin with something free and experiment simply for ease of use on no-brainer accounts. Put an end to your password-induced mania.

It’s easier to recover from a password hack when your accounts are tidily kept in one encrypted vault. And you’ll never have to resort to picking super-easy-to-remember passwords, like the popular 123456, or the second runner up, “password,” followed by 12345678, as the Gawker hack revealed.

Have you tried a password manager? What is your experience with them?

What You Know About Your Domain Registration Could Save Your Website’s Life

What to Know to Save Your Website's LifeImagine turning on your computer one workday morning to find your email isn’t working. Not only that, but your website is gone. Your coffee goes cold as you frantically re-enter the information, checking another computer to see if yours is just acting up. No such luck.

You immediately phone your Web Savvy connection, because, fortunately, you have one. Super Savvy Carolyn jumps aboard to resolve your website woes. Like a Sherlock Holmes sleuth, she must piece together the puzzle, collecting the missing parts until she figures out what went wrong.

It’s often not a pretty sight.

As a website owner, it is important to  know your domain name system and web hosting information. When you don’t have this critical information, your website’s lifespan could be abruptly cut short.

As in no website, no business.

Step 1. Your domain name.

Think of a giant telephone book for the internet where your website name, http://example.com, has a coordinating number, or IP address. Luckily, you don’t have to be concerned with the IP address numbers. It’s the domain name that matters, allowing users to easily navigate the web.

Your company domain name has an entry in the internet address book, where you pay an annual fee, much like you have to pay to own and operate your company in your town. Two commonly known domain name registrars are GoDaddy and  Network Solutions, where people go to buy domain names for their website.

What you need to know is where you have your domain name registered.

Step 2.  Your website hosting service.

This is the company that gives your website World Wide Web airtime space and connection. The hosting service is like the monthly rent you pay to keep your company store up and running. Instead of keeping your office doors open, it keeps your website working.

You also need to know who is hosting your website.

In the case of businesses, the web hosting service can be your one-stop provider. They can manage both domain registration and web hosting, safeguarding your website from internet death. If, however, you came with website in hand, your web hosting provider won’t necessarily have Step 1 and Step 2 details.

In order to keep the system free of glitches, you need to be aware of several things regarding these two steps.

Know your log in. Who is the administrative contact? What is the email on the account? What often happens is the email notification from the domain name registrant to pay the annual fee is overlooked. The email is either outdated, placed in spam, or simply goes unnoticed.

Know your password. Establish a system to retain this information for easy retrieval. It is important that you know how to access your domain name source to update it and keep it correct.

Know the contact person. Having one of the principals of your company as a contact, preferably as the name of the registrant, will allow you to keep a connection to your domain name should you move your website to another hosting service.

Know who bills you a monthly fee for your web hosting. If you’ve moved your website to another website hosting service, then you no longer need to pay for hosting at two providers. If you’re confused by what services should be closed, ask your current website hosting provider to review the information and make recommendations.

This knowledge eliminates not only possible website loss, but the extra fees you must pay should your domain name actually expire. The worst case is it expires long enough that it gets resold. Quelle horreur!

This is not a future you want for your website. Take the steps to be informed.

Flickr photo credit: Muffet

Three web design mistakes that can hurt SEO

You just started your business.  Your marketing budget is limited and you know you need a website, so you opt to use one of the many low-cost tools available to build your own website or you have your  daughter, (son, nephew or sister-in-law, name the friend or relative) who “knows the computer” do it for you.   You work your way through this uncharted territory and you manage to get your website up and running and it even looks pretty good.

Job well done! But as time passes,  you begin to wonder why it doesn’t rank better on the search engines.  Many techniques factor into good search engine optimization (SEO) but novice website designers or do-it-yourself business owners often make three big mistakes that can hurt their SEO.

  1. Search engines can’t read an image.  Overuse of images. If you have website pages that are made up entirely of images or if you have blocks of text that are made of images you’re preventing search engines from reading the text on your pages. If search engines can’t read your page, they don’t know how to index your page. I usually see this mistake made by those with some graphic design experience.  They may know how to create a beautiful layout but they haven’t learned the HTML/CSS code to transition that layout to the web correctly so they opt to insert the image into the web page instead of taking the time to code the page correctly.
  2. Search engines can’t read an image – the sequel.  Underuse of image alt tags. Each image used in a web page should use a descriptive alt tag. If alt tags are not used, search engines are not able to discern what the image signifies, so they ignore it. For example, say you’re Joe and you sell bicycles.  You’ve  created a fantastic logo that clearly identifies you as Joe’s Bicycle Sales & Service. You put it on you web pages and it looks beautiful but you fail to use the alt tag.  Now when search engines crawl your site they’re not able to discern what the logo says.  However, if you have used the alt tag correctly, the search engines will read the alt tag that says “Joe’s Bicycle Sales & Service” and because you’ve provided that information, the search engine will have more information available to index your website.If you’re building your website using a do-it-yourself tool, you should see a field called alt or image description in the tool.   If you’re coding, you’re image code should look something like this:

    <img src=”logo.jpg” alt=”Joe’s Bicycle Sales and Service” />

  3. If you wrote a book you, would you title it “Book”?  Title tags and meta descriptions not used at all or used ineffectively. Just like a book or magazine article, every web page should have a unique title. In addition each web page should also have a unique meta description that accurately describes the content on that page — think of the meta description as the book synopsis often found on back or inside jacket of the book. In an html document both the <title> and <meta description> tags are within the <head> of the document which, as you might expect since it’s called the head, is toward the top of the document.  So when search engines crawl the page the title and meta description tags are among the first indexable information they come across and search engines expect the tags to describe the content on the page because that is what the tags were designed to do.

    But too often, inexperienced or lazy web designers use a title tag like “home” instead of “Joe’s Bicycle Sales | Yourtown, Your state”. Or on the page that shows products the title tag says something like “products” instead of “Bicycles – Raleigh, Schwinn, Trek, bikes for all ages”.  And the meta descriptions are either ignored entirely and left blank, or the same generic information is duplicated on each page.

    The title tag is the information the web browser shows at the very top of the browser screen–above the toolbar and url address field.  You generally want to limit your title descriptions to less than 60 characters. The meta description tag is not viewable on a web page (unless you view source) but search engines sometimes use the meta description you provide on your html page as the description in your search engine listing.  Limit your meta descriptions to about 160 characters.

So if you’re not satisfied with your search engine rank, check to make sure that you haven’t overused images in your design; that you have described all your images with alt tags and that you’ve written unique title and meta descriptions for each page on your website.

Clean up incoming website links after redesign

Every so often you need to take a look at your website and prune some of the old material from your website. I recently went through the process with cgwebhelp.com. During the recent redesign, I removed the whole FYI section and many sub pages from other sections. The material was dated and it was time to streamline the site.

While search engines love to see current relevant content, you should take care when completing a redesign so that you don’t lead visitors and search engines to an old page or worse a page not found. Not only is it confusing and annoying for people coming to your website but it can also hurt your search engine rank.

If you go to Google and search site:cgwebhelp.com, you’ll see all the incoming links that Google has coming to the site. Many of the links listed are pointing to old pages. You’ll want to fix that so all listings are pointing to your new website.  To do that, you’ll want to do two things.

  1. Make sure that the old pages are actually removed from your server
  2. Set up a 301 Permanent redirect for any removed pages to an applicable section of your new website.

If you’re working with a web designer you’ll want to ensure that they’ve completed those two things when completing the updates to your site.  To check, you can  do a search on your site by searching “site:yourdomain.com”  and start clicking through the links — if they all direct to your new site, you’re in good shape.  If not, there’s still some work to be done.

If you’re a do-it-yourself kind of person and you have access to your  hosting account and Cpanel you can set up the 301 redirects yourself.   Log in to your Cpanel and look fro the Domains>Redirect link.  Once there choose “Permanent 301 from the dropdown, type in the url of the old page or directory that needs to be pointed to a new url and the new URL in the spaces indicated click update and you’re done.

301 redirects

If you want to redirect a whole directory as I did in the example shown above click the “Wild Card Redirect” box.  That’s it.  Now go back to Google and click through your links to verify that they’re all going to your updated pages.

Our Location

222 Pitkin Street, Suite 125
East Hartford, CT 06108
Phone: 860-432-8756

Talk to Us

Follow us, subscribe to us, email us, or call us at 860-432-8756. We’ll use our Super Savvy Tool Belt to stay in touch however you prefer.

Sign Up for Email Updates