How to apply password and compressed feature in windows XP?

In windows XP, you can store your data on hard disk using less space than normal size. There is no need to install any third party software to compress or decompress your data, you can use windows built-in data compression or decompression feature to manage disk space issue.

I think many users are worried about the security of their file and folder also, so another benefit of this feature, you can protect your compressed file and folders with password. 

Follow the given steps to implement the compression and password feature to mange data:




First double click on "My Computer" and locate the disk where you want to create compressed (zipped) folder. For example, if you want to create this compressed (zipped) folder on C drive, then open C drive.

Here open the "File" menu, go to "New" then click on "Compressed (zipped) Folder" option.

Rename this folder according to data information and press "Enter" button.

Now you can move (drag and drop or copy and paste) your files and folders to this compressed (zipped) folder then compression feature will implement automatically on that data.

When you want to open these compressed files, simple right click on compressed folder and click on Extract All. This extract wizard will automatically extract all these files to location you choose.

Now if you want to protect this compressed folder with password, simply open the compressed folder and go to "File" menu then here click on "Add a Password" option.

A small dialog box will appear with title "Add Password", type password in "Password" box and confirm password also then press Ok button.

Now when you will try to open 

your compressed files, system will prompt you a dialog box to enter password to open this file.

Set Our BIOS Password

Laptops in general have much better hardware security than PCs. Some of them even come with fingerprint reader build in.

Most laptops come with a very strong BIOS password capability that locks up the hardware and makes the laptop completely unusable. This is the password that has to be entered before the operating system loads, usually on a black screen a few seconds after the laptop is started.

Of course BIOS password can be set on a PC too, but there it is stored together with the other BIOS settings – date, time, hard disk size, etc. It is very easy to reset the BIOS settings (and the password) on a PC – usually there is a jumper near the BIOS battery on the motherboard that needs to be moved from connecting pins 1+2 to pins 2+3 for a few seconds and than moved back to pins 1+2. Next time the PC is started it will alert you “… BIOS settings invalid… Defaults loaded… Press F1 to continue…” or something similar, and…. the password is gone!

However most laptops store the BIOS password in a special chip, sometimes even hidden under the CPU, that is not affected when the rest of the BIOS settings are reset. This makes the removal of a BIOS password on a laptop almost impossible. The only option in most cases is to replace the chip which is quite expensive and risky procedure and, of course, not supported by the manufacturers.

Some manufacturers (like Dell) can generate a “master password” for a particular laptop (from their service tag) if sufficient proof of ownership is provided. Others (like IBM) would advise replacing the laptop’s motherboard (very expensive). On some old laptops (4 – 5 years or older) the BIOS password can still be reset relatively easy, usually by shorting two solder points on the motherboard or by plugging a special plug in the printer port, etc.

In almost all cases on newer laptops it is either a big hassle, expensive or even impossible to reset the BIOS password, making it a very good way of protecting your laptop from unauthorized use.

However what makes your computer exactly yours are your own files, documents, emails, pictures, etc. They are all stored on the hard drive. So, even if your laptop has a BIOS password that locks it up and makes it completely unusable to anyone that doesn’t know it, your hard drive can still be removed from the laptop and connected to another computer, and your files retrieved quite easily.

Hard Disk Password

Hard Disk Password

It is not a very well known fact, but all hard disks have a very strong hardware password capability build in. This password is usually stored both in a chip on the HD controller (the printed circuit board on the hard disk) and on the hard disk itself in a special hidden sector.

Setting this password will make the hard disk completely unusable to anyone that doesn’t know it. And not only on your computer, but on any computer.

A lot of newer laptops will set the HD password together with the BIOS password, completely locking all the hardware.

The hard disk manufacturers are unable to unlock a password protected hard disk, as there aren’t any “secret” master passwords build into the firmware. Even swapping the controller of the password-protected hard disk with exactly the same controller from an unprotected HD will not remove the protection on most disks, as the password (together with most of the firmware) is also stored on the hard disk itself.

The only way of retrieving any files from a password protected hard disk without knowing the password is to send it to a data recovery company for unlocking, but not all data recovery companies could or would unlock a password protected HD.

In this time of rising identity theft, protecting your personal data by locking your hard disk with a password is indeed a good idea. The downside is that when the HD eventually malfunctions it will be harder or even impossible to retrieve any files from it. So, the first rule of using a computer applies here in full strength – “Your data is only as good as your latest backup”!

10 Best Gmail Security Tips

The most widely used free email service is from Google which has occupied proficient and prominent position in the cloud. GMAIL – The free email service from Google with enough storage space to keep your communications intact through years and years. Since Gmail is widely used mail service, security concerns are primarily of respect and main focus. Hence here in this post, we’ll share  a few important and useful Gmail security tips so that our accounts shall never be compromised.

1. Always Use HTTPS – This is a great feature from security point of view in Gmail. HTTPS is secure protocol for transmission of vital information on web in encrypted form. Although, when we sign into our Gmail account, https is used but to make sure https is used throughout our session for our Gmail account, we need to enable this option from Gmail settings. To enable this option, go to settings of your Gmail account and check “Always use HTTPS” under general tab and save changes. HTTPS makes mail little slower than normal but security should be of our prime concern.

2. Remember to log out – Log out whenever you have completed checking mails even if you’re on your own computer. If you’re on public computer like in cyber cafe, make sure you had unchecked “Remember me” or “keep me signed in” option while logging into account. Clear cookies, passwords before leaving public PC.

3. Audit – You know your own ip address. Now find out the ip address from where your Gmail account was opened last time. In the footer, at the very bottom of your inbox, you will see information about last sessions – Last activity : ip address : Details . Just hit on details button and you can see when was your account accessed and from which ip address.

You can also use this feature there to log out all sessions if you find any session open or if you forgot to log out on your friend’s pc or public computers. One should make habit of checking/ auditing Gmail account session details regularly.

3. Don’t disclose – Don’t disclose your id and password to anybody. You might get fake email asking for your Gmail id and password, but remember,  Google never asks you to disclose your password. Stay safe. Also, some websites have features to invite your Gmail contacts to network with you on their website, for this they ask you to enter your Gmail id and password – Don’t give your Gmail details to untrusted or small or new , unestablished websites .

4. Change your password – Once in two months or so, you should change your password but remember the new one!! Don’t use easy to guess password i.e. don’t use your mobile number, date of birth, your girlfriend’s number as your password! Use password of at least 8 characters. Don’t use repetitive letters in passwords as aaaa1111. Don’t use your Gmail account password as passwords on other websites. I find many people use the same password for variety of websites so if one of your passwords is hacked, all are hacked.

5. Check links – Don’t fall prey to phishing attempt. Your so called friend might give you a link stating that it the link to new and feature packed advanced Gmail, you then try to log onto the link given by your friend and your friend gets your id and password. So always check links before hitting on any such links.

6. Keep your account up to date – Your Gmail password is your orkut password and the same password is used for other Google products and services, hence ensure security updates and measures in all your accounts so that neither way, your account could be compromised. Keep your account recovery option updated and remember your security question and answer so that you can recover your password in case if something wrong happens. Although, after reading this post and following accordingly, such unfortunate case is nowhere to stand. You can also add phone number to account for recovery purposes. To review your gmail recovery options, follow this link: GMail account recovery options

7. Use updated internet security suite (Antivirus, Firewall, Antispyware) on your pc - This point is also very important because your computer might have been compromised by a trojan, keylogger or virus which may distribute your account details to remote hacker. Update your browser, operating system, security softwares, mail applications so that you should not be vulnerable to latest exploits and hacks.

8. Attachments – Gmail scans every attachment you receive or send for virus or other such kind of threats but even then, it is not advised to download attachments from untrusted source. This will keep your computer safe and so your account.

9. Spam – Don’t waste your time reading spam messages. Spam messages are not only waste of time but also may prove to be a security concern as spams may contain links to malicious websites.

10. Backup – Well, backup would be useful in case of recovery of your account if your account had been compromised. Although this point is not a necessary step, yet you can backup all your gmail mails to make your life easy!

Google+ invite scam spreads on Facebook via rogue application

A rogue application is spreading via Facebook, claiming to offer easy invitations to Facebook's new rival in the social network market, Google+.

Many Facebook users have had messages like the following appear on their newsfeed:

Google+ - Get Invite
Unoffical Fan Page
Page: ‎XX,XXX people like this.

If you visit the page, you are invited to allow a third-party application to access your Facebook account.

You should also exercise great caution about what third party apps you allow to access your Facebook records, especially when they are demanding the ability to post to your wall and grab personal information such as your date of birth and current location.

Nevertheless, if you are hungry to get a Google+ Invite or to find an easier way to encourage your Facebook friends to join you on Google+ then you might (unwisely) carry on regardless.

The next thing which happens is you are encouraged to "Like" the page. Remember, you haven't seen anything yet which impresses you at this point - so why are you recommending the page to your online friends?

Just in case the "Like" wasn't enough - you are now encouraged to invite as many of your friends as possible to also sign-up for the scheme.

Of course, if you do send a direct invitation to your friends to sign-up for the Google+ Invite application then they may very well believe that you have checked it out for yourself, and trust your invitation. A sneaky piece of social engineering by the folks behind this third party application.

What we end up with is many thousands of people who have given a third party application, written by persons unknown, complete access to their Facebook page. That means they can later use your Facebook account to post spam messages, distribute other money-making scams, steal your personal information, and post in your name.

Is Twitter Flirting With Security Disaster?

The year 2012 has been called ‘The Year Of The Hacker’ by many, and we can see why. Numerous major corporations’ websites and networks have been hacked by wave after wave of hackers and hacking groups.It would, therefore, be safe to assume that websites around the world would be working night and day to ensure they cannot be hacked and have the best security possible.
 

The insanely popular micro-blogging site, Twitter, however, doesn’t seem to be taking their security as seriously as one would expect. On USA’s Independence Day, i.e 4th of July, the Twitter account of Fox News was hacked. The hacker had complete control of what to tweet. What was especially worrying is the account had a ‘Verified’ sign on it so people would take whatever they wrote seriously. And they went in for the kill. They spread rumors that the American President, Barack Obama had been asassinated.
What is especially worrying is that Twitter took over 5 hours to restore control of the account back to Fox News. “What Twitter needs to do now is to commit to a thorough review of their security practices,” said Daniel Diermeier, a professor at Northwestern University’s Kellogg School of Management. “For Twitter this is a very serious problem“.

According to security experts, if Twitter offered an authentication called Two Factor authentication, this would never have happened.  Other sites like Facebook and Google already offer this. Twitter could be pressured into doing this too, as a lot of influential leaders, business tycoons and companies use Twitter.
Twitter Spokeswoman Lynn Fox declined to say whether the company intended to add two-factor authentication. The company has said in a blog that it hopes to make https encryption the default for all users. “We take security very seriously and we’re always looking for ways to help users make their accounts more secure,” she said. Yet she added that Twitter’s users areresponsible for securing their own passwords. “We can’t anticipate compromises that occur offsite,” she said. “That’s one of the reasons we very clearly recommend to users that they be extremely careful with the security of their passwords.