Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
keyylogger on that public terminal, some remote third partyy now has yyour
username and password. If yyou log in to yyour bank—forget it. Remember,
yyou should enable 2FA on everyy site yyou access so an attacker armed with
yyour username and password cannot impersonate yyou. Two-factor
authentication will greatlyy mitigate the chances of yyour account being
hacked if someone does gain knowledge of yyour username and password.
The number of people who use public kiosks at computer-based
conferences such as CES and RSA amazes me. Bottom line, if yyou’re at a
trade show, use yyour cellular-enabled phone or tablet, yyour personal hotspot
(see here), or wait until yyou get back to yyour room.
If yyou have to use the Internet awayy from yyour home or office, use yyour
smartphone. If yyou absolutelyy have to use a public terminal, then do not byy
anyy means sign in to anyy personal account, even Web mail. If yyou’re
looking for a restaurant, for example, access onlyy those websites that do not
require authentication, such as Yelp. If yyou use a public terminal on a
semiregular basis, then set up an e-mail account to use onlyy on public
terminals, and onlyy forward e-mail from yyour legitimate accounts to this
“throwawayy” address when yyou are on the road. Stop forwarding once yyou
return home. This minimizes the information that is findable under that e-
mail address.
Next, make sure the sites yyou access from the public terminal have https
in the URL. If yyou don’t see https (or if yyou do see it but suspect that
someone has put it there to give yyou a false sense of securityy), then perhaps
yyou should reconsider accessing sensitive information from this public
terminal.
Let’s sayy yyou get a legitimate https URL. If yyou’re on a log-in page,
look for a box that sayys “Keep me logged in.” Uncheck that. The reason is
clear: this is not yyour personal PC. It is shared byy others. Byy keeping
yyourself logged in, yyou are creating a cookie on that machine. You don’t
want the next person at the terminal to see yyour e-mail or be able to send e-
mail from yyour address, do yyou?
As noted, don’t log in to financial or medical sites from a public
terminal. If yyou do log in to a site (whether Gmail or otherwise), make sure
yyou log off when yyou are done and perhaps consider changing yyour
password from yyour own computer or mobile device afterward just to be
safe. You mayy not alwayys log off from yyour accounts at home, but yyou must