" login Archives - LuxSci

Posts Tagged ‘login’

Login security & passwords – yesterday, today and tomorrow

Wednesday, December 20th, 2017

The act of “logging in” – that is, gaining access to some private area in a shared space – has been with us since the early 60s with the introduction of time-sharing computers, albeit confined in those days to very limited professional circles. However, with the use of the public internet as a communication and social medium and the growth of the web as a platform for commerce in the past twenty years, remembering login names and passwords for access to all our online resources is as commonplace as remembering the birthdays of our loved ones. While we might remember at most ten birthdays (with the rest written down in calendars and diaries), the average person has accumulated, based on an anonymized survey of its enterprise accounts by the popular password manager vendor LastPass, about 191 online accounts!

Lest this seem like an absurdly large number, consider all the professional accounts as well as numerous personal ones accumulated over one’s online lifetime, many of which are quickly set up for some online purchase or commenting at an informational web site and then forgotten or rarely visited. These days it seems that even the slightest online activity requires creating an account and signing in. Thus, it is not surprising that most people reuse the same login credentials (user name and password) across multiple sites. Security experts have long warned against this obvious vulnerability, but who can blame the average user for choosing an easy path to manage this increasing burden of remembering multiple passwords. (Some recent statistics suggests that only 22% of online users in the US use different credentials for each online account.)

Read the rest of this post »

Application Specific Passwords / Login Aliases at LuxSci

Thursday, December 14th, 2017

LuxSci now supports the creation of “application-specific passwords” for individual user accounts.

What are these?  The are essentially “login aliases.”

Increase your security through application-specific passwords
Users can create distinct username/password combinations for use with different applications, devices, or for shared account access.  These login aliases can have limited privileges; for example, granting access only to email or only to web site file storage.  Use of application specific passwords can greatly enhance user security.  In this article, we will discuss application-specific passwords, what their benefits are, and how to use them effectively.

Read the rest of this post »

Ultimate Control: Manage Access to Your Services with Custom Firewalls

Saturday, October 13th, 2012

Can I block this one IP that is scanning our accounts?  Can I restrict my account so that people can only access it from our office network, or require that they authenticate to WebMail first (using two-factor authentication)?

LuxSci is constantly asked for fine-grained access controls by customers who are in shared environments (sharing the same servers with many other accounts).  However, blocking access from IP addresses globally at the request of one customer may potentially affect other customers using the same system.

That is, until now. LuxSci customers can now configure their own custom firewalls to allow and deny access as they see fit without affecting other customers sharing the same server(s).

Read the rest of this post »

How to send unlimited email to someone for free and without authentication or SSL

Friday, September 14th, 2012

We field questions daily from customers who need to configure some special software or piece of equipment to send them email, but can’t because their SMTP logins require authentication (e.g. a username and password), or their software/hardware cannot be configured to connect to specific SMTP ports, or maybe because their logins require SSL/TLS for transmission security but their device doesn’t support that (and isn’t sending anything sensitive anyway).

Of course, software can be updated; there are always newer or more expensive devices that have more robust email sending capabilities.  However, additional time and/or cost is rarely the ideal solution. If the program/device will not be sending sensitive data and the email stream does not require end-to-end protection (e.g. for HIPAA compliance), then there is a very easy work around to get the device to send your mail.

Read the rest of this post »

Plan Ahead – Preparing for Employee Termination

Tuesday, August 18th, 2009

Repeatedly, it is a situation that we see over and over.  Monday morning hits and we get a frantic call from a manager or VP in one of our customer’s organization. They need access to their account, but the person who was set up as their account manager has left the company or been terminated.  Oops.

At LuxSci, like many other conscientious places, we take very seriously the determination of “who is authorized to do what” in an account.  If the account owner is gone and provisions are not made ahead of time for taking over his/her duties, it can be a time consuming and tedious process to validate and establish someone else in the organization as the rightful owner of the account (and not just someone trying to “trick the system” and get access to things that s/he should not have access to).

If you are planning on letting an employee go, you should make sure well ahead of time to check the following things:

Read the rest of this post »

LUXSCI