MFA ALL THE THINGS (PSA)

locking

Friends, this is a Public Service Announcement. I don’t climb on this podium often, so listen up:

  • If you have a smart phone, you should be 2-factor (MFA) enabling every account that can do it.
  • If you do not have a smart phone, but can receive SMS, you should still be 2-factoring everything you can.
  • If you have neither a smart phone nor can receive SMS (text messages), please, please consider buying a cheap 2-factor dongle. Don’t know how to find one? We can find a way to get you the info you need. Just do it.

As I’ve mentioned before, I’m a bit of a browser whore. I will jump from Firefox to Chrome to Opera to Safari (where available) without a care in the world, because this fabulous City In The Clouds lets us do that kind of crazy stuff without losing any data. It let’s us use the tools and features of a browser we want, then move on when we need to.

Which is why I hadn’t noticed (from a lack of any use) that my Firefox Sync account (the account used to keep Firefox browsers in sync across different platforms) had been compromised back in March. The breadcrumbs they left in the shared browse history have been fascinating – including the skype accounts they created, the IP they were purportedly coming from, and the sites they then compromised in that browser session.

How was I nearly done in? How did I, a professional in this so-called field, get suckered into being used?

I was lazy at one point and reused a password.

What saved me from utter destruction?

Despite this lapse, I have enabled 2-factor authentication whenever it is an option. People are idiots, myself included. Smart people? Also idiots.  It is too easy, in the spur of the moment, to reuse a password because we’re in a rush, we’re signing up for something on the go, or we just plain don’t think about it. How do we protect our own fallacy?

Key Take Away: People are idiots, myself included. Smart people? Also idiots. 2-factor so you can be dumb and stay safe still.

Two-factor, aka MFA. [One time passwords that are generated per app every 60 seconds] You see, because of having 2-factor enabled, even the shockingly high number of passwords that cropped up as needing attention in a security audit this week, it turned out the ones that mattered – and these were ones I could see my hacker attempting in the logs – were still protected because he couldn’t bypass the one-time keys.

I got lucky. I’ve spent two days redoing my accounts across the board – closing down accounts I don’t need, disabling account that don’t do two-factor and should (Firefox Sync – I’m looking at you. How can a service that provides synchronization of such sensitive data not require two factor authentication to access it?). Don’t lose a part of your life like I did. Put your houses in order.

Friends, if all of this was technical gobbledygook to you, let me know. I don’t usually put myself out there, but this was a seriously close call for me, and I don’t want anyone else in my extended tribe getting hit by it. Moving forward, I will be employing random password generators a lot more heavily. And if a site doesn’t support 2-factor, but expects me to provide sensitive information, I don’t think that site is a necessity in my life. I can’t be there to tell you what’s right or wrong or how to do it all, but I’d be happy to help you get going in the right direction.

My tricks for more productive writing

Lately, I’ve started getting back into the mindset of wanting to push out higher word counts on a daily basis. There’s no secret to why – I’m working on a novel again (see front page sidebar for writing status on Chrysalis, which I update every few days. Chrysalis is intended to be the introductory novel for my character, Niki Hunter). The last few days especially, I’ve seen my word counts jump from a few hundred a day to a few k a day.

To be fair, the last few days I’ve also been off from work and without much in the way of commitments, unless you count going to the movies or taking the kids to Pokemon a hard pressing engagement. These are, however, the things that have worked for me.

  1. Tunes. Preferably something with a strong drum tempo and low word count. I prefer either Hans Zimmer (Man of Steel, Dark Knight, or the Sherlock Holmes soundtracks) or Bear McCreary (Battlestar Galactica reboot – I have them all). I find my fingers pounding in tune to the tempo, and I like that.
  2. Typing effect. Yeah, it’s arcane and stupid, but I’ve found that the sound of typing – especially when it corresponds to letters appearing on my screen – helps fuel my writing. The nice thing is that there are a lot of options here – you have FocusWriter, which can handle text and ODT files and has typewriter sounds built in. Or you can get something platform specific, like NoisyTyper on the Mac, that turns every keystroke into a typewriter sound.
  3. Actively counting words. I’ve loved Jamie Rubin’s scripts for word counting and spreadsheet updating without muss or fuss. Every time I change toolsets and workflows, I write helper scripts to keep the spreadsheets updated. The problem I’ve had lately, in addition to finally finding a tool that doesn’t meld well, is that the same thing that makes these scripts great – the lack of human intervention – also makes them less than ideal for mental tallies. Instead, I’ve gone back to an old spreadsheet format I used to use, which let’s me record daily writing updates on the novel and returns how many words I’ve written. This is not for everyone, or probably even for most, but for me the manual process of updating my word count serves the function of  reminding me how much I’ve done and how much more I might need to do. Programs like Scrivener or Storyist, if that’s your thing, can do this for you automagically. In my quest to be more platform agnostic, I’ve been working in LibreOffice lately, making for some more manual efforts.
  4. #1k1hr – this twitter hashtag, when used, has helped me produce more words than I ever thought possible. The notion is simple. Announce or search on twitter, and then with or without others, start writing for exactly 60 minutes. I don’t know if it’s the time constraint or what, but I’ve had great success with this. There is no winning or losing, but the focusing for an hour on just the one thing – writing – can be exactly what you need sometimes.

These are the tricks that seem to help me. Of course, nothing beats just sitting ass in chair and writing. I hate using the expression, but these are like productivity hacks that work for me. Give a few a try. Worse case, you can leave me a comment somewhere telling me how awful it turned out and then my secret plan to figure out who my readers are will have begun to hatch.

 

mad_young_frankenstein