For decades, Macro viruses are a serious problem. Does it mean that Windows, Office and VBA – all Microsoft products – are insecure?
Absolutely not. Microsoft gave you the ability to stop Macro viruses
– instantly – ever since Office existed (25 years+).
This is a technical article – for Security and IT professionals.
Reading time (7 min)
Continue reading Stop Macro viruses instantly
All of us know that the recommended password length is increasing all the time. Currently a complex password is recommended to be 14 characters or more. Instead of a long and complex password, you can also login using Windows Pin Security. The Windows 10 Pin can be as short as 4 digits. Pin is considered to be BETTER than a password. However, the pin looks fairly weak. Is it not?
On the face of it, yes. PIN appears to be grossly inadequate as a protection mechanism. But it is not. Obviously, Microsoft must have thought about it! How is the Windows Pin Security strong enough? Here are the reasons:
Why Windows Pin Security is better than passwords?
- PIN works only on that device. Therefore, even if someone knows your PIN, they need physical access to your PC.
- PIN is not visible on the network (Wi-Fi or network cable). Password can be stolen just by monitoring your Wi-Fi. PIN is typed locally on the PC. No chance of it being visible on the network.
- Many laptops have a special hardware chip for encrypting stuff. Using this chip to manage the PIN makes it impossible for hackers to find the pin. (This chip is called TPM. Never mind what it means.
- If someone steals the laptop, they have to guess the pin. As you would expect, there is a lockout setting with TPM chips. If the laptop does not have TPM, you can still use BitLocker and apply a group policy setting to limit failed logins.
- It is easy to get your passwords using various methods. Let us not go into details of what these methods are. What you need to remember is never to click on a random link in email or browser and never reveal the password to anyone. (period).
If PIN is stolen from you, using the same methods which work with passwords, you are still safe because of the 4 reasons listed above.
If you forget your own pin, you must login using another method and reset the pin. Also note that if you enable biometric login (face recognition or fingerprint), creating a PIN is mandatory. Why so? Because, for whatever reason if biometric does not work, you need an equally secure alternative to login (login / password is less secure). That is why you also need to set up a PIN. These new methods of secure login are called Windows Hello.
In short, if you have a choice, always use PIN (and biometric) instead of username and password with Windows 10.
Since Office 2013, you will often see a yellow bar at the top asking you to Enable Editing. Unless you press this button, you cannot type anything or format any content. This may sound irritating, but it is a very useful feature. It safeguards your interests.
The reason is simple. Even today, many viruses travel through Office documents – as macros. These files arrive either through email, downloaded from Internet or copied from USB drives. In these cases, there is a great danger of the file infecting your PC. To prevent this from happening, these files are now opened in a special way. Here you can read the file but not edit it.
If you trust the source, you will have to click the Enable Editing button. Unless you want to edit it, don’t Enable Editing. Just read and take the required action.
You can learn how to decide WHO can do WHAT with the documents (or other content) which you have shared. If you are using OneDrive for Business, by default, all documents can only be viewed and edited by YOU – and nobody else.
This video contains SPS 2010 screenshots. However, the concepts are still the same as of Feb 2015.
This is a quick and easy precaution which we often miss.
Check this now.
It takes only few minutes.
Continue reading Is your anti-virus scanning external USB drives?