| 2:16 pm on Feb 22, 2013 (gmt 0)|
thanks for sharing this, engine. I really feel there should be a greater PSA effort by all of these social and email sites to better educate unsuspecting users.
Personally, I think it could be one simple slide: NEVER click on a link in an email or on a social network that makes you login. Rather, always go directly to the site and look for the alleged message, friend invite, etc."
By following this rule I have done a pretty good job protecting my passwords. What are some of the rules of thumb other savvy webmasters and members in here use?
| 4:13 pm on Feb 25, 2013 (gmt 0)|
"What are some of the rules of thumb other savvy webmasters and members in here use?"
If I'm less than 100% sure of the validity of any email, I always hover over embedded links to see what they point to before actually clicking on them. Unless they're doing something sneaky with close misspellings (or 1 vs. l), it's usually quite obvious.
| 6:28 pm on Feb 25, 2013 (gmt 0)|
Perhaps it's just me that is even more cautious. I avoid the clicks for stats, if possible, to avoid the tracking.
Passwords are important, but you can also help by having a unique e-mail for the service you're using.
The services have to pick up their game, imho, but users need to be educated about their own security.
| 5:46 am on Feb 28, 2013 (gmt 0)|
I implemented DMARC on several domains last year. It's interesting to see reports on mail that can't be tracked as coming from my servers. There's not much, but it does exist.
I hope more big companies implement this. It's simple to setup, and you can run it in reporting mode until you're ready to move to the stricter settings.