Category: How To

Posted on

Best Practices for Password Security

In today’s internet-connect age, strong passwords are your first line of defense against unauthorized access to your personal and professional accounts. Following best practices for password security is crucial to protect your sensitive information from cyber threats. Here are some essential guidelines to help you create and manage secure passwords.

1. Use Long and Complex Passwords

  • Aim for passwords that are at least 12 characters long.
  • Include a mix of uppercase and lowercase letters, numbers, and special characters.
  • Avoid using common words, phrases, or easily guessable information like birthdates.
  • Check this list of the top 100,000 passwords taken from list of 10,000,000 passwords compiled from default, breached, pentesting lists, listed in order of usage count. To use this list, you can search within your browser (control-f or command-f) to search whether your password comes up, without transmitting your information over the Internet.

2. Use Unique Passwords for Each Account

  • Never reuse passwords across multiple accounts.
  • If one account is compromised, others remain secure.

3. Use a Password Manager

  • Password managers generate and store complex, unique passwords for all your accounts.
  • You only need to remember one master password to access your password vault.
  • Here are several that offer free options/versions:

4. Be Wary of Phishing Attempts

  • Never enter your password on a site you accessed through an email link.
  • Always verify the authenticity of websites before entering login credentials.

5. Implement Multi-Factor Authentication (MFA)

  • Enable MFA whenever possible for an extra layer of security.
  • This typically involves something you know (password) and something you have (e.g., a mobile device for receiving codes, USB security key).
  • Many sites are requiring this in addition to passwords.

By following these best practices, you can significantly enhance your password security and protect your digital identity from potential threats. Remember, the strength of your passwords is often the key to safeguarding your personal information in the digital world.

Posted on

Upgrading Drupal and blocked by MySQL library version

Recently I was upgrading a Drupal installation to version 9.5.11 and when in maintenance mode, received the error:

10.5.20-MariaDB-cll-lve-log
The libmysqlclient driver version 3.1.21 is less than the minimum required version. Upgrade to libmysqlclient version 5.5.3 or up, or alternatively switch mysql drivers to MySQLnd version 5.0.9 or up.

Since this installation was on a shared hosting account, I have limited control over the software version.  I could switch to the MySQLnd driver. The MySQL native driver for PHP (mysqlnd) is a drop-in replacement for the MySQL Client Library (libmysql) for the PHP script language.

To make the change in cPanel, find the “Select PHP Version” in the Software section and click to select.  In the “PHP Extension” tab make the following changes.

PHP Extensions image

After doing this you should be able to continue your Drupal upgrade with no error.

Posted on

Change ownership of a domain in Google Domains

I used the following steps to transfer a domain name from one Google account to another Google account.  It seems that this procedure has changed recently and existing solutions found on the Internet are out of date.  Surprisingly, Google did not provide the solution either.  I  found the current solution by trial and error.   This is very different from the normal transfer procedures used to transfer a domain name documented by Google and others Domain Name System (DNS) registrars.

  1. Go to Google Domains and login to the Google account that currently owns the domain name (example.org).
  2. Select the domain name that you want to transfer.
  3. Add the receiving Google account as a shared user for full access.
  4. Login to the receiving Google account and verify access to the target domain name.
  5. Edit the contacts to reflect changes for the domain name.
  6. Make sure a funding source is set, if using auto-renew option.
  7. Delete the previous Google account from the Users list.
  8. Optionally, login to the Google account that previously owned the domain name to verify it does not have access to the domain name.

Hopefully Google will index this post so their customers do not have to get frustrated trying to find the solution as I did.