After receiving 3 to 4 emails with the same question, I thought of writing it on the blog. So here is the procedure for password protecting the directory through cpanel.

Log into your hosting account cpanel. Navigate to “Security” section. Click on the “Password Protect Directories” link.

Next a popup will appear, select the web root and click GO.

Select the directory that you want to password protect. This may be some what a puzzle! for first time user.

You can select and delete any of the older users by selecting the username and clicking on the Delete User button.

Why Password Protect ?
Password protect those folders which you want to secure.
For Example:- If you have a payment gateway, where you process your customers credit cards, then do not take chance or do not compromise with the security aspects. Its not your security, its your customers security, which is of prime importance!

Password protecting such sensitive directories is crucial. Customers would never feel comfortable to be your guest, if you are not serious about their security!

• Stay Tuned, we are coming up with a awesome announcement, that you will love!


• "60+ Ways To Increase Your Twitter Followers" -- Please (review)Stumble and Tweet


• ”Tips, Tricks and Strategies to Make Money Online” Free ebook


• Click here to download Yaro Starak's FREE video tutorial.

The post Assign Password to a Directory via cpanel first appeared on Technotip.org.

When people come across such situation they straight away think that their account has been hacked. But its not the case always.

There are many services built around Twitter and most of them use Twitter API for log in or authentication purpose. While using such services, be careful while you share your Twitter ID and Password. Read the policy properly. Recently I saw a service which required my Twitter ID and Password, to let me use their service. With curiosity I read their policy page. There they had clearly mentioned that, they will periodically use our Twitter account to Tweet about their service, for promotional purpose!

After reading this policy, I started searching for the policy page of “Instantly Increase your Twitter Followers” kind of services. And found that many of them had the same policy. After reading this policy, I started noticing those automated, promotional tweets from some peoples or tweeples account. Most of them never know that their Twitter account is being used by others.

If the service you are using is intentionally evil, then they will not let you remove yourself from that service. In such case, use your Twitter account settings > Connections tab page to disallow any of these services from using your account. And change your password, for more security.

The above image is just an example and it doesn’t showcase any fraud or scam companies that are trying to misuse your Twitter a/c.
Of course, not all services that use Twitter API for authentication are bad. Most of these services respect users privacy, but some services are misusing this facility. So do not hesitate to kick them off, from accessing your account.

Even worst cases, have you shared your Twitter username and password with any service, which do not use Twitter API for authentication? If yes, then first change your password without fail and never give your username and password again.

Twitter allows only trusted parties to use their API, but still no system is 100% perfect, so no exception to Twitter.

• Stay Tuned, we are coming up with a awesome announcement, that you will love!


• "60+ Ways To Increase Your Twitter Followers" -- Please (review)Stumble and Tweet


• ”Tips, Tricks and Strategies to Make Money Online” Free ebook


• Click here to download Yaro Starak's FREE video tutorial.

The post Is your a/c used to SPAM Twitter? first appeared on Technotip.org.

Google has a wide range of service, and many people are so much addicted to these wide services. So its very important that we remember our Google Account password. If we are on a world tour and need to stay away from internet for long time. Then, when we are back to work and try to access our GMail and wonder, what’s the password! And we might have forgot the password of the alternative email ID too!

So Google has introduced yet another useful feature, using which you can recover your Google Account Password. To do that, you need to connect your mobile number to your Google account first.

Source: Gmail Blog.

Log into your Google account, click on the Change password recovery options . And enter your country, mobile number, a security Q&A and save it. You are done. No mobile number verification! As Google may be thinking that, you won’t enter your friends mobile number by mistake But if you ask me, a verification (mobile number verification by sending a verification code etc) is a good, secure way. Because if someone enters a wrong number by mistake(Many time we do typo or it just happens, that’s why it is called by-mistake!), and we will be in the illusion that our account is safe and now there is no worry of forgetting the password, only to realize later, that we had entered a wrong number.

To send yourself a recovery code via SMS:
1. Enter your username on the password-assistance page. After completing the word verification, you’ll receive confirmation that a verification code is sent to your phone. Keep this page open so you can get to the page where you enter your code.
2. Check your phone for a text message from Google.
3. Enter your recovery code and click Submit recovery code.
4. Type your new password.

Caution:
Note that there’s a limit to the number of recovery code requests you can submit in one day. If you think that you’ve exceeded this limit, wait 24 hours and try again. We are not sure about the exact limit though. Knowing that there is a limit, itself helps!, be careful.

Anyway, nice feature, if made use of properly. Next time you forget your password, enter your username on the password-assistance page, and Google will text you a recovery code. No need to check another email account!

• Stay Tuned, we are coming up with a awesome announcement, that you will love!


• "60+ Ways To Increase Your Twitter Followers" -- Please (review)Stumble and Tweet


• ”Tips, Tricks and Strategies to Make Money Online” Free ebook


• Click here to download Yaro Starak's FREE video tutorial.

The post Recover Your Google Account Password Using Text Message first appeared on Technotip.org.

What I did was, just entered some wrong username and password(to loginto that fake PayPal like website), guess what? Any random, wrong username and password will longinto such websites. The next thing was, it prompted us to enter our Credit Card number. There also I entered some nonsense numbers. And finally it poped up a hearty message saying “Thank you”.

We do not recommend anybody to try what we did with the phishing email link. We did all those things at our own risk.

And as this was our first experience with such phishing email, we just informed about the email and the fake website to PayPal team. And got this reply email from PayPal:

Dear Satish,

Thanks for taking an active role by reporting suspicious-looking
emails.
The email you forwarded to us is a phishing email, and our security
team is working to disable it.

————————-
What is a phishing email?
————————-
Phishing emails attempt to steal your identity and will often ask you to
reveal your password or other personal or financial information. PayPal
will never ask for your password over the phone or in an email and will
always address you by your first and last name.

Take our Fight Phishing Challenge at https://www.paypal.com/fightphishing to learn 5 things you should know about phishing. You’ll also see what we’re doing to help fight fraud
every day.

————————-
You’ve made a difference.
————————-
Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you’ve helped keep yourself and others safe from
identity theft.

Thanks,

The PayPal Team

——————————————————————————–

That email really made me think PayPal as more secure. As the secure feeling was still in my mind, another email was spotted in my email. Now I forwarded it to spoof@paypal.com. Now, this time I got still better reply from PayPal, which was more informative:-

Dear Satish,

Thank you for contacting PayPal.

At PayPal, we care about the security of your account. Therefore, we
would like to offer you a number of Security Tips.

The tips will help you protect yourself against various types of
Internet fraud, such as ‘spoofing’ and ‘phishing’: the act of collecting
personal and financial information through fake emails, websites and
phone calls.

Using this sensitive information, the perpetrators will try to commit
identity theft, credit card fraud and various other illegal activities.

So please read the tips below, for your own sake, and in the interest
of all PayPal users.

Emails – Make sure they are sent from PayPal

1. Always check the greeting. We will never address you with Dear
PayPal User or Dear PayPal Member. Instead, we will address you by your
first and last name, or the business name associated with your PayPal
account – except in some automatic responses.

2. Look for strange links. When you’re asked to click on a link in
an e-mail that looks like it’s from PayPal, be extremely cautious.

3. Does the e-mail ask you to enter sensitive information? If it
does, it’s not from us. PayPal will never ask to you enter:
o Bank account numbers
o Credit and debit card numbers
o Drivers license number
o Email addresses
o Your full name

4. Check for attachments. PayPal will never send an attachment or
software update to install on your computer.

5. Take your time, don’t be rushed. Spoof emails can contain a
threat: You must take action, and do it now. If you feel undue
pressure, don’t respond. Simply log in to your account, and check your Resolution Center.

Website pages – make sure that they are hosted by PayPal

1. Check the URL when you log in. When you use the PayPal service,
make sure that the URL at the top of the browser is
https://www.paypal.com/. This means the website is secure. If you see a different URL, close your browser – even if it contains the word
PayPal.

2. Look for the lock. The lock symbol that appears in the bottom
right hand corner of your browser means it is a secure site.

Passwords – keep it on PayPal

1. Last but not least, create a unique password for your
PayPal-account. Don’t use this password on any other site and don’t
share it with anyone else.

2. Change your password every month.

If you think you have received a fraudulent email, forward the entire
email, including the header information to spoof@paypal.com and then
delete the email from your mailbox.

Click the “Security Center” link on any PayPal webpage for additional
tips and tools for staying safe online.

If you have any further questions, please feel free to contact us
again.

Sincerely,
Jeffrey
PayPal, an eBay Company
————————————————————————————————–

I was very much happy that PayPal is concerned about its customers.
Now PayPal has taken yet another step to teach its customers, to make them authority of online fraud detection and prevention techniques.

Now you can see an ad on the HomePage of PayPal and which will take you to https://www.paypal-promo.com/safety/ when clicked.

This site is made of flash and its visually appealing and gives full information about online fraud detection and prevention techniques.
It involves “Training Center”, where it tells about online theft and protection measures etc. And next is, it has an “Safety Exam” section where you will be presented with some questions and answers(in the form of options) to test your levels of understanding about online fraud detection and prevention techniques. Next is the “Safely Calculator”, calculates “How safe your PayPal account Is?”, by determining your answers to some of the questions.
And there is also a section called “Safety Products”, which lists some of the safety products developed at PayPal Lab — Take a look at it, they may be for you.

One thing which we never knew and came to know from this website are:
PAYPAL SECURITY KEY
All agents need gadgets. Customers in the US, Germany and Australia can use the PayPal Security Key, a small electronic device that generates a unique security code every 30 seconds.
You use this security code when you log in to your PayPal account, giving you an extra layer of protection against identity theft and account takeover. Hope this feature will be available soon in all countries where PayPal transactions are allowed. And for those who are deprived of this feature presently can make use of one of their Plug-In which offers an array of security features by generating a single-use MasterCard credit card numbers to help keep your financial information’s secure.

In India RelianceMoney demat account holders have been using such Security Key to generate new password for their account every 30 seconds. PayPal taking such measures creates an healthy, secure feeling in its customers.

Update:-
Please do not even click on the suspicious links found in your phishing emails. Because now a days the scripting(script programming) has become so powerful that, if you click on such links, a worm can be placed inside your computer(which may track your activities later). Clicking on such links is just like permitting the script to access your information.

• Stay Tuned, we are coming up with a awesome announcement, that you will love!


• "60+ Ways To Increase Your Twitter Followers" -- Please (review)Stumble and Tweet


• ”Tips, Tricks and Strategies to Make Money Online” Free ebook


• Click here to download Yaro Starak's FREE video tutorial.

The post PayPal Teaching Security Measures to Its Customers first appeared on Technotip.org.