Module 1 : Email History, Account Security and Passwords

Duration: approx 6 minutes

1.1 Introduction

Whilst this guide may often focus on email accounts, all of the information presented within this entire course can be applied across the board (and web), to any account or website that supports any of the security features or topics, mentioned in the following pages.

If you really think about it, the basis of account creation (in most cases) links back to your email account, in some way. It is like your social security number in a way, but perhaps not as extreme. It is something you often identify with and use to verify yourself, or communicate around the world.

So again, whilst a lot of the focus in this course is on the email account aspect of account security, this knowledge is completely universal and is not in any way exclusive to just email service providers, or accounts.

It is insinuated that the root of everything should be the security of your e-mail, so the main goal is to keep that account as secure and safeguarded as possible – and, of course, amongst that, also being strict about the security of any and all other accounts you create, on the web.

Without further ado, let’s get right into it…

1.2 Brief Email History

Email itself is much older than even ARPANET, or the Internet.

It was never actually invented, it simply evolved from very simple beginnings.

Early email was just a small advance on what we know these days as a file directory – it just puts a message in another user’s directory, in a spot where they can see it when they log in. It is as simple as that. Just like leaving a note on someone’s desk.

Probably the first email system of this type was MAILBOX, used at the Massachusetts Institute of Technology, from Another early program to send messages on the same computer was called SNDMSG.

Some of the mainframe computers of this era might have had up to one hundred users and often, they used what are called “dumb terminals”, to access the mainframe from their work desks. Dumb terminals just connected to the mainframe and had no storage or memory of their own – they did all their work on the remote mainframe computer.

Therefore, before internet working began, email could only be used to send messages to various users of the same computer. Once computers began to talk to each other over networks, however, the problem became a little more complex – we needed to be able to put a message in an envelope and address it. To do this, we needed a means to indicate to whom letters should go, in a way that the electronic posties understood. Just like the postal system, we needed a way to indicate an address.

1.3 Inventing email

This is why Ray Tomlinson is credited with inventing email in

Like many of the Internet inventors, Tomlinson worked for Bolt Beranek and Newman, as an ARPANET contractor. He picked the @ symbol from the computer keyboard, to denote sending messages from one computer to another.

So then, for anyone using internet standards, it was simply a matter of nominating name-of-the-user@name-of-the-computer. Internet pioneer Jon Postel was one of the first users of the new system and is credited with describing it as a “nice hack”. It certainly was – and it has lasted to this day.

Despite what the World Wide Web offers, email remains the most important application of the Internet and the most widely used facility it has.

It is really no surprise that now more than 3 billion people internationally use email, for some purpose or another.

G-mail alone quoted over 300 million users, just a few years ago.

Even crazier is that millions of email users send hundreds of billions of messages, every single day.

1.4 Account Security Introduction

With all of this email activity and people using email, have you ever considered the security of your email account?

Imagine this:

You use your smartphone to receive emails regularly. You are out to dinner and all of a sudden, you receive a notification that there’s been a suspicious login on your email account.

Your stomach is in knots, by the time you finish reading the message. You gulp down your meal and rush to a computer. It is already too late. Your account has been jeopardised.

Now you have to spend hours (and days), trying to reclaim and secure your personal information, like your bank and credit card accounts, PayPal or other payment processing accounts, social media accounts, business accounts (and messages) and so much more.

Most people think that it couldn’t happen to them, but it’s actually far more common than you would believe…

Think about everywhere that your email account may be used to sign up for accounts, or even plastered publicly due to poor privacy settings in various networks (not your fault though).

Consider what might happen, if someone were to gain access to a pool of usernames and passwords that signed up for something like, say, a forum. They might then run through the email accounts connected to the usernames and try the specified password, for each.

This could spell catastrophe for you, not to mention all of the other people, as well.

The thing is, you can easily take a few seemingly simple precautions, to secure your account immensely. If you put into practice just a few techniques and set up a few things on the back end, you can lower the chances of a successful attack from a hacker, an infinite amount. Furthermore, if you take the time to secure your account (and associated accounts – as you will see), then, in the event that your account is compromised, you will easily have the tools and skills to swiftly reclaim your account – and your privacy as well.

1.5 Passwords

The password itself doesn’t need an explanation, as you already know what it is.

The real question is: do you have a secure enough password?

Generally speaking, if your password contains any ordinary word, especially by itself, it probably isn’t as secure as it could be.

That’s not to say that your password isn’t secure right now, it may very well be.

But if it is simply a word like “animal”, or even “password” (you’d be surprised!), then you really are at huge risk.

Even adding a number to your password, like “animal22”, or “password123”, isn’t safe anymore. Password crackers (software that cycles through passwords at a fast pace) can run through different combinations with ease, in just a short period of time. If somebody truly wanted to get into your account, they could even quickly run through weird variations like “ani2mal2”, or “1pass2word3”, with a little bit of ambition (towards breaking into your account).

Enough talk about weak passwords, let’s cover how you can improve your current password, or even generate a new password.

In most cases, passwords are case sensitive. You can use this to your advantage, in a lot of ways.

Better yet, nowadays a lot of services will allow you to insert symbols into your password.

The Following Is Just An Example This means that you can turn a password like “fastcar” into “!(faSt22CAR)!” and it will work flawlessly. Yes, that’s an annoying password to type in – and maybe even to remember – but think of how much effort it may take to crack a password like that.

As it is, that kind of methodology could be enough to secure your password, BUT, if you want to really step it up a notch and keep things essentially UNCRACKABLE, you need to generate a completely random password.

If you want to go the old fashion way, you can just come up with something random.

Such as the following examples:84q7d*2e55YD
709i!F7B7D2D
vb91Xd6*7R64

Those are really complex and may be difficult to remember, but just keep in mind this is your security you’re talking about – and that goes a long way.

You don’t have to go that complex either – a few capital and lower case letters, a few numbers and a symbol or two, are all it takes to make it secure

If you want to have it all done for you, there are plenty of services out there that will help generate a password for you (along these lines):

https://lastpass.com/generatepassword.php Quick and easy, click a button and you get an incredibly random and safe to use password.
http://passwordsgenerator.net/ Complex and very customisable. Use this if you want to step up every bit of your password and even passphrase security, with minimal effort.
https://www.random.org/passwords/ Enter some information and click a button and you have your randomised password generated.

Lastly, sometimes the account registration page found within the sign up process (for a service) will have a bar that will tell you the security of your password, graded on a poor, medium, or secure scale.

There are even services that require you to have X amount of capital letters, numbers and symbols in your password, to even proceed with the registration.

So that just enforces the fact that having a very secure password, not just for your email account, but any account, is the way forward now and in the future.

IMPORTANT – Never use a universal password for all of your accounts, meaning using the same password for every account or multiple “meant to be secure” accounts, regardless of whether they are email or other accounts, especially for forums and other registrations.

We will discuss this topic more in depth, later on.

Worksheet

Estimated Time: 30 minutes

Hopefully you took in as much of the information in the first module as possible. To find out how well you have really done in this regard, complete the following worksheet.

Download Worksheet

[Tweet “I just completed Module 1 of the Online Security Course”]