Category: Security

Why IoT Devices should not have the Default Passwords?

Posted on by Rajat Varlani

What are the IoT Devices?

IoT stands for Internet of things which describes the devices with sensors, processing ability, software and other technologies that connect over internet and share data with other devices. This includes hardware such as smart TVs, smart mobiles, smart refrigerators, Smartwatches, smart fire alarms, smart door locks, smart bicycles, fitness trackers, smart security system and anything that could be controlled remotely over Wi-Fi, bluetooth. Most of the devices that we use daily fall into this category and may require a password to authenticate us on setting these up when we use these first time. These devices come with default password to allow its access to the owner. This might pose security threats and give access of these devices to an unwanted person.

Related: Chat GPT Login – How to Sign up and Access?

What’s the Risk of keeping the Default Passwords?

IoT Devices

Today hacking methods are much advanced than these used to be years ago. Brute-force attacks can be automated that try most common username, password sets until the working one is found. There are millions of these devices being used and if these have the default password that was setup initially, these are at the risk of being hacked.

Default passwords are usually easier to guess like, 1234, 007, 0000, admin, user, pass, password. According to one of recent cyber security researches, some of the most common pairs of username and password were

username : knockknockwhosthere
password : knockknockwhosthere

and

username : user
password : 1234

As these passwords and usernames do not have numbers, special characters, uppercase letters, these can be easily guessed via brute-force methods. These passwords have least entropy. Password entropy rises as you include the previously mentioned elements in the password.

A hacker could guess these passwords without even using advanced tools for the same.

Which IoT devices have passwords?

It is anticipated that there will be approximately 30 billion IoT devices worldwide by the year 2030. According to the best practice in cyber security, most of these connected devices should have password protection, especially if these collect and exchange personal information. As you keep the software updated on your smartphone for better protection ad performance, so you should change the default passwords on IoT devices too. If you don’t, cybercriminals could infiltrate your home’s network and the connected devices.

Another research shows the manufacturers of IoT devices often only recommend the buyers that they change the default passwords to unique credentials but do not require it. No matter what smart device you use, whether a smartphone connected to a Wi-Fi or a smart TV, always change its default password to a unique credential and do it before connecting it to a Wi-Fi network.

Change the Default IoT Password

Default passwords are convenient as these are easy to remember but note that these are also easy to hack. Fortunately, these passwords are easy to change and take only a minute or two.

How to Use File Lock in Google Drive to Secure Documents?

Posted on by Rajat Varlani

Google Workspace and Google Drive users have a new feature File Lock that allows them to prevent others from messing with their documents. There are times when you do not want the others to make comment or edits to the documents that you shared with them. This feature could be useful to the companies that regularly share documents among their employees.

Why do I Need File Lock?

Sometimes you share a document with your teammates or colleagues that contains sensitive information only to be viewed by them. In this case, they won’t be able to copy, download or print the document without your permission. You can also prevent others from editing that document.

Related: Gmail Storage Full? How to Free up Space in Gmail

How to Use File Lock in Google Drive?

Till now you could prevent others from downloading, printing and copying the shared document in the Google Drive by clicking Share button in the top-right, then clicking the Gear icon and unchecking the Viewers and Commenters can see the option to Download, Print and Copy checkbox as shown in the screenshots posted below

Google Drive Share
Google Drive - File Lock Settings
File Lock - Prevent Download Print Copy

But now there is an easier method to achieve the same. You can lock files in simple steps as mentioned below

  1. Login to your Google Drive account in your desktop browser. File Lock is not available in the Google mobile app.
  2. Right-Click the file that you want to lock.
  3. Select Lock in the File Information menu as shown in the screenshot posted below
File Lock - Google Drive

Previously, you could lock a document while sharing from Google Drive or using the Google Drive API. The new File Lock feature makes it easy to lock files by right-clicking and selecting Lock in the File Information menu.

Let me know what you think about this new feature in the comment section below.

Turn On Two-Factor Authentication on Twitter Easy Way

Posted on by Rajat Varlani

You can turn on Two-Factor Authentication on Twitter for an extra layer of security. After this you will receive a code to your device to authorize the login to your Twitter account. This helps keeping your account safe against unauthorized access. Here are the steps for the same.

Related: Turn On Two-Factor Authentication on Twitch

Turn On Two-Factor Authentication on Twitter

  1. Click More in the menu at the left side in your Twitter dashboardTwo-Factor Authentication on Twitter
  2. Click Settings and Support > Settings and privacyTwo-Factor Authentication on Twitter - Settings
  3. Click Security and account access > Security Two-Factor Authentication on Twitter - Security and account access
  4. Click Two-factor authenticationTwo-Factor Authentication on Twitter - Two-factor authentication
  5. Here you have 3 optionsTwo-Factor Authentication on Twitter - Security Key

Related: How to Integrate One-Click Twitter Login to your WordPress Website

Turn On Two-Factor Authentication on Twitter via Text message

  1. Select Text message
  2. Read the overview instructions. Click Next
  3. Enter your password. Click Verify
  4. Confirm the email associated to your Twitter account if not done already. Enter your email address, then click Next. You will receive a confirmation code via email. Back in your Twitter account, enter the code in the prompt. Click Verify.
    Note: If you don’t already have a phone number associated with your account, you need to enter it. Additionally you can choose to deselect the option to allow your existing contacts to find you on Twitter. 
  5. Enter the confirmation code you received via text message. Type in the code, you will see a confirmation screen with a backup code. Save a screenshot of the code in case you need it for future use. This will help you access your account if you lose your mobile phone or change your phone number.
  6. Click Got it when you are finished with this screen.

Now, when you log in to your account on Twitter, a six-digit code will be sent to your phone to use during login. This ensures only you can login to your Twitter account.

Turn On Two-Factor Authentication on Twitter via Authentication app

  1. Select Authentication app
  2. Read the overview instructions. Click Start
  3. If prompted, enter your password. Click Verify
  4. Confirm the email associated to your Twitter account if not done already. Enter your email address, then click Next. You will receive a confirmation code via email. Back in your Twitter account, enter the code in the prompt. Click Verify
  5. Link your authentication app to your Twitter account by scanning a QR code. (If you don’t already have an app installed on your device, you will need to download one. You can use any time-based one time password (TOTP) authentication app like Google Authenticator, Authy, Duo Mobile, 1Password etc.)
  6. Scan the QR code. Click Next
  7. Enter the code generated by your authentication app. Click Verify
  8. You will see a confirmation screen. Click Got it to finish setup

Now, you can view and use codes to login to your Twitter account via your authentication app.

Turn On Two-Factor Authentication on Twitter via Security Key

  1. Select Security Key
  2. Enter your password when prompted
  3. Confirm the email associated to your Twitter account if not done already. Enter your email address, then click Next. You will receive a confirmation code via email. Back in your Twitter account, enter the code in the prompt. Click Verify
  4. Read the overview. Click Start
  5. Insert the key(s) into the USB port of your computer or sync it over your computer’s Bluetooth or NFC. Once inserted, touch the button on your key
  6. Follow the on-screen instructions and finish the setup
  7. Your security key(s) will appear in the Manage security keys section under Two-factor authentication. From there, you can rename or delete your security key(s) and add additional security keys to your account at any time.

Two-Factor Authentication for iCloud. Here is How to Set Up

Posted on by Rajat Varlani

Hello and Welcome to another blog post. In this post I am going to explain how you can enable Two-Factor Authentication for iCloud (Apple ID) account.

Two-Factor Authentication adds another layer of security as it requires you to confirm the verification code sent to your device whenever you sign in to your account after you enter the password. It makes sure only the person who knows the password and has access to your device (mostly you) can sign in to your account.

You would like to check first if Two-Factor Authentication is available in your country. Learn more

Set up Two-Factor Authentication for iCloud (Apple ID)

Set up Two-Factor Authentication for iPhone, iPad or iPod Touch

  1. Navigate to Settings > [your name] > Password & Security
  2. Tap Turn On Two-Factor Authentication
    Two-Factor Authentication for iCloud
  3. Tap Continue
  4. Enter the phone number where you want the verification code to be sent when you sign in. Choose if you want to receive it via a text message or an automated phone call
  5. Tap Next
  6. Enter the verification code to verify your phone number and set up Two-Factor Authentication

Set up Two-Factor Authentication for Mac

  1. Choose Apple menu > System Preferences. Click Apple ID
  2. Click Password & Security under your name
  3. Click Turn On next to Two-Factor Authentication
    Two-Factor Authentication for Apple ID

Related: Own a Twitch Account? How to Set Up Two-Factor Authentication for Twitch

For macOS Mojave or earlier

  1. Choose Apple Menu > System Preferences
  2. Click iCloud. Select Account Details
  3. Click Security
  4. Click Turn On Two-Factor Authentication

Note: Latest Apple IDs come with Two-Factor Authentication active by default. In this case you will fine the Two-Factor Authentication feature already turned ON.

Upgrade to Two-Factor Authentication on the Web

  1. Navigate to appleid.apple.com. Sign in to your Apple account
  2. Answer the security questions and click Continue
  3. You will be prompted to upgrade your account security. Click Continue
  4. Click Upgrade Account Security
  5. Specify the phone number where you want to receive the verification code when you sign in. Choose if you want to receive the code via text message or automated phone call
  6. Click Continue
  7. Enter the verification code to verify your phone number and activate Two-Factor Authentication

System Requirements for Two-Factor Authentication

Following system requirements are recommended on all the devices you use with your Apple ID

  • iPhone, iPad or iPod touch with iOS 9 and later
  • Mac with OS X El Capitan and iTunes 12.3 and later
  • Apple Watch with watchOS 2 and later
  • Apple TV HD with tvOS
  • Windows PC with iCloud for Windows 5 and iTunes 12.3.3 and later

How to Embed Instagram Feed to Any Website?

Posted on by Rajat Varlani

There is an easy way to embed Instagram feed to your website.

But why would you do that?

Displaying Instagram feed on your website allows you to boost your account’s exposure without a lot of work and it’s a fresh way to engage with your prospects. Apart from that, doing so can increase your customer conversion rate in the long run.

So here are the steps.

Embed Instagram Feed to any Website

Step 1: Decide which Instagram Post You Want to Display

Login to your Instagram account. Click the post that you want to embed.

Click the three dots in the top-right corner.

Embed Instagram Feed - Select the Post

Click Embed.

Embed Instagram Feed - Select Embed

Copy embed code.

Embed Instagram Feed - Copy Embed Code

Step 2: Edit the web page where you want to embed

Edit the web page and paste the HTML code you copied. If you are using WordPress, click the Plus icon.

Embed Instagram Feed - Click Plus Icon

Select Custom HTML and paste the code you just copied.

Embed Instagram Feed - Custom HTML

Save the changes to the web page.

Congratulations. You just embedded an Instagram post to your website

How to Copy Shortcodes and Code Snippets Properly in WordPress

Posted on by Rajat Varlani

Copying Shortcodes and Code Snippets from a web page and using in your own web page is not as easy as it looks especially when you are using visual mode of the page editor.

For example, if you copy the shortcode from the page and paste it in the content of your web page in the visual editor, you might get unexpected results because of the unwanted HTML being copied along with the text of the shortcode. At the link mentioned above the shortcode

is wrapped inside the <code> HTML tags. See the screenshot below.

You might end up copying the <code> tag with the shortcode and this could mess with the layout of the HTML block generated by the shortcode. To avoid this, you can use shortcut key Ctrl + Shift + V to just paste the text leaving any other HTML copied along. This option can also be accessed by right clicking the editor where you want to place the shortcode and selecting Paste as plain text in the context menu.

Another way to place shortcode properly is to use the Shortcode block in the Gutenberg editor.

Now Track Social Shares for Every Social Network

Posted on by Rajat Varlani

From version 7.13.20, you can track shares for every social share network you have integrated at your website by using the add-on Social Shares Tracker. Facebook had recently stopped serving shares via their graph API which Super Socializer used to show Facebook shares and this change has vanished the Facebook shares being displayed with the Facebook share icon at the websites that are using this plugin. Solution to track Facebook shares again is to use the add-on Social Shares Tracker as mentioned above.