Frequently Asked Questions


Password Strength Tips & Tricks

Your password for your account is, in most cases, the only thing standing between a hacker and your personal information. As such, having a strong and secure password is essential - but how do you make a password as strong as possible? 


Common problems with passwords

For many of us there is a difficult balance to strike between choosing a secure password and one that you can easily remember. We are often told that a secure password contains a mixture of lower and uppercase, numbers and symbols, but a password such as ' tH7&!me" ' is easy to forget. The alternative of using simple words like "elephant" is much easier to keep track of but also incredibly simple for a malicious attacker to guess.

The crucial aspect of strengthening a password is its length. A long password, just like a long string of numbers, is harder to guess, regardless of the complexity.

 

Comparison of different password strengths

Below you will find a few example passwords, each with their own strengths and weaknesses for comparison.

Please note that these are listed as examples only, and are not intended to be copied for personal use.


Password1: Passwords that are simply "password" (or variations of) are surprisingly (and worryingly) common. This variation is easy to remember, and contains one of the "common" rules of strong passwords - a mix of upper and lower case and a numerical character. 

However, the easy to remember format of these characters is also incredibly predictable for hackers. They will almost always try capitalising the first character of a password, as well as adding the numbers 1, 12 or 123 to the end. This is because many accounts require a user to add numbers and a mix of upper and lower case characters, at which point the user adapts their existing password in the simplest way possible to fit the criteria required. This kind of password is highly insecure.


happypixiemoondance: At first glance this example might appear absurd, but it is in fact probably one of the strongest of the examples listed here - purely due to its length. As mentioned previously, the longer your password is, the more combinations of letters and characters a hacker has to guess in order to gain access to your account. However, it is also crucial to ensure that the words are chosen at random, or at the very least are not words commonly associated with each other - the words in "carparkingticketstreet", for example, all share a common link, making them easier to guess when used in conjunction.

Whilst this example breaks one of the golden rules of passwords, which is to avoid the use of dictionary words, by combining several words at random you can regain password security whilst maintaining memorability. 

This kind of password may not be appropriate for all sites as many enforce at least one upper and lower case character, one number and one symbol. You can add such elements if necessary by, for example, capitalising the last letter of each word or separating the words with a certain number.

 

2bon2btit? - Derived from the phrase "To be or not to be, that is the question" using a simple translation, taking the first letters of each word and translating certain sounds into numbers and symbols. It has the best of all worlds - memorable but also possessing high entropy from including a mix of characters. This works best with a sentence, quote or lyric of at least 10 words. 

 

There is another tactic of taking any random character on the keyboard and repeating it 20+ times and combining it with any other random character from a different class: 

%%%%%%%%%%%%%%%%%%%%p is a relatively strong password and actually very memorable. 

 

The Three Golden Rules of Good Passwords

- Never use a dictionary or other common word by itself or even with slight variations.

- Always choose a password of sufficient length - many websites recommend at least 8 characters, but ideally you should aim for 12 or more for a higher level of entropy.

- Make sure your password is memorable - a password is of no use to you if you cannot remember it or if you have to write it on a piece of paper.

If you want to check how secure your password is, you can use an online tool (such as: http://password-checker.online-domain-tools.com/ ) to find out roughly how long it would take a hacker to guess your password.
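
The first two rules above, applied locally to the example passwords on this page. This is an added Python example, not part of the original article: COMMON_WORDS is a small constructed list, the function names are illustrative, and the bit figure is a brute-force upper bound that assumes every character was chosen at random.

```python
import math
import string
from collections import namedtuple

# Constructed sample list (assumption): a real check would load a large list
# of dictionary words and known-breached passwords.
COMMON_WORDS = {"password", "elephant", "welcome", "letmein", "qwerty"}
# The endings the page says are tried first, longest first.
PREDICTABLE_ENDINGS = ("123", "12", "1")

Result = namedtuple("Result", "password rating bits")

def strip_predictable_variation(pw):
    """Undo a capitalised first letter and a 1/12/123 ending."""
    base = pw.lower()
    for ending in PREDICTABLE_ENDINGS:
        if base.endswith(ending):
            return base[: -len(ending)]
    return base

def brute_force_bits(pw):
    """log2(pool ** length): an upper bound that only holds when every
    character was picked at random from the pool."""
    if not pw:
        return 0.0
    pool = 0
    if any(c in string.ascii_lowercase for c in pw):
        pool += 26
    if any(c in string.ascii_uppercase for c in pw):
        pool += 26
    if any(c in string.digits for c in pw):
        pool += 10
    if any(c not in string.ascii_letters + string.digits for c in pw):
        pool += len(string.punctuation)  # 32 printable ASCII symbols
    return len(pw) * math.log2(pool)

def assess(pw):
    """Rule 1 first (common word, even when varied), then rule 2 (length)."""
    if strip_predictable_variation(pw) in COMMON_WORDS:
        rating = "reject"      # found via a word list, so length does not help
    elif len(pw) < 8:
        rating = "too short"
    elif len(pw) < 12:
        rating = "acceptable"
    else:
        rating = "good"
    return Result(pw, rating, round(brute_force_bits(pw), 1))

if __name__ == "__main__":
    for example in ("elephant", "Password1", "2bon2btit?", "happypixiemoondance"):
        print(assess(example))
```

"Password1" is rejected even though it mixes three character classes, while the all-lowercase "happypixiemoondance" has the largest search space of the four.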


Identifying scam and phishing emails
From time to time, email services may be targeted by spammers and scammers. As a precaution, we would like to address a few things, as well as provide some tips for identifying spam/scam emails. We have also pasted a few examples at the bottom of this article.
 
Points to consider:
  • We will NEVER threaten to close your account. An account will only be closed at the request of its owner
  • We will NEVER withhold any emails from you
  • If your account is already created, we will NEVER ask you to log in by clicking a link
  • NEVER click on any link in an email if you are not sure of its source
  • If you have clicked on any links in a scam email, or followed instructions in any such email, the security of your account may have been compromised, so you should reset your email password immediately
Types of Spam/scam emails
  • Spam emails either try to scare, threaten or confuse you into clicking a link within the email or to try to blackmail you on baseless claims
  • They come up with the most creative ways in order to do this; you'll be surprised!
  • This can include posing as a big company such as Microsoft, Amazon or Apple, or even smaller companies. These types of scams are called phishing emails
  • They can also pose as your email account provider (such as us), claiming you need to "Action your account" in some way
  • Their end goal is either to trick you into entering your username/password or other personal details somewhere, as well as trying to trick you into paying money to them
Useful tips in spotting a scam email
  • Should I open the email? - Opening an email is not dangerous in itself; the sender won't be able to harm your computer without first getting you to follow their ploy. However, opening emails can let the sender know that it is an actively used account, information which they could either sell to other spammers or use themselves. So we do suggest not opening emails you are unsure about. However, please do not worry if you accidentally have.
  • Check the email address it was sent from - If it's coming from a very strange address or is completely different from what it is claiming to be, there is a high chance the email is spam. However, there are ways addresses can be spoofed, or masked as something else. You can read more about spoofing on the following page here: https://www.wikihow.com/Identify-Email-Spoofing
  • What do they want from you? - If they are asking you to enter your personal details by following a link, requesting your details by logging in, or blackmailing you because they have something to hold against you, chances are they are baseless claims you can safely ignore. Real companies will never ask you for account or personal details without reason, as they control your account anyway and have no need to ask you. Please note however, if you are in direct contact with a company, they may ask for some security details in order to verify you are the owner of the account. This is so they know they are talking to the owner of the account and not someone trying to gain unauthorised access. This is standard practice when recovering an account, so if you are unsure, please go directly to the company's website and contact them from there. Companies will rarely contact you first.
  • Where do the links go? - Links are what the scammer wants you to click. They will either direct you to a page they are in complete control of so they can try to get personal details from you, or it will download a virus to your computer. Links can be deceiving! A common feature of links is to replace the actual text of the link, so this link: https://www.wikihow.com/Identify-Email-Spoofing and This Text are in fact the same link. Scammers use this to mask where the link will really take you. You can check a link's address without clicking it by hovering over it with your mouse. This will show the real link on the bottom left of most browsers. This is a good way to check where the link really goes. If it is something completely different to what it is claiming, chances are it may be a scam.
You can read more about spam emails here: https://www.wikihow.com/Recognize-Spam
 
 

What to do with a spam email

  • Delete and blocklist! - If you are happy that the email in question is indeed spam, feel free to delete it and add the address to your blocklist
  • Run regular virus scans - This is just a sensible precaution for using computers in general
  • Never open or download attachments unless you know what they are - If you don't know the sender or otherwise feel like an email may be spam, do not open any attachments. This is the quickest way to be infected by a virus. If you must open the attachments, right click on them first, then select scan for viruses or scan before opening
  • Worried about your account? - If the email is directed towards an account you own and you would like to check up on it, don't follow any links in the email. Simply use your trusted search engine, such as Google, to find the real company's website and log in to your account from there. Any claims the emails had, if legitimate, should be reflected here once you have logged on
  • Still concerned? - Remember 99% of scam emails hold no power over you, unless you follow their instructions. If you are still concerned or you are worried about someone blackmailing you, you can always forward us the message and we will be happy to take a look ourselves. If you do not want to open the email, simply select the email and then forward it on. This won't open up the message
Please email us at help@aluminati.net if you have any questions or concerns.
 
 

Examples

_______________________________

#1

Dear Mail User,  

Our record shows that your Mailbox is Out-dated which has caused some incoming mails to be placed on pending.
Kindly click UPDATE your Mailbox in order to receive new mails.
You can also accept to our new terms of service and private policy by clicking Here
We apologies for any inconvenience this might cause.
Best Regard,

_______________________________

#2

Server Notification

To keep your Email account safe, we recommend you add a recovery mobile number.

This is our new security measure.

Email: (your email address)
Password: ******* (Hidden for safety)
Recovery No: none yet

 
ADD RECOVERY NUMBER NOW
 
However, if you do not add your NUMBER, Your account will be
de-activated shortly and all your email data will be lost permanently.

Regards.
Email Administrator

_______________________________

#3

Dear (you), 

Thank you, we received your Email account de-activation request and this request will be processed before 24 hrs.

If this request was made accidentally and you have no knowledge of it, you are advised to cancel the request now

                    CANCEL DE-ACTIVATION 

However, if you do not cancel this request,your account will be shutdown shortly, 
and all your email data will be lost permanently. 

Thanks.
Email Administrator 2019 Team.

powered by: Google+

_______________________________

#4

Image result for cantab webmail logo

 

 

Dear Customer ,

You can not send or receive new files until you re-validate your account.
To renew, please click below.

https://www.cantab.net/login

Thank you.

Mail administrator!

_______________________________

#5