Must Read!! Build Stronger Passwords NOW.

Posted on October 23, 2017 by bermanevansretail

Our posts on password security span the entire period of our (Retailing A to Z) existence. In each case, our goal is for you to build stronger passwords NOW. Today’s post is a MUST READ.

 

Old Rules to Build Stronger Passwords

For years, experts (including us) have stressed these “rules” for strong passwords. Many of them still make sense. Yet, further password security is needed!

Aside: Too few of YOU even use these tips.

Evans on Marketing: Tips for Behaving Safely Online (2012) — “What makes a good password. (a) Don’t use your name or combinations of it. (b) Use at least 6 to 8 characters. (c) Include at least one letter, number, and symbol. (d) Don’t use one password for all accounts. If one is hacked, then … .”

Microsoft: Create a Strong Password (2017) –“Strong passwords help prevent unauthorized people from accessing files, programs, and more. It should be hard to guess or crack. A good password is at least 8 characters. The password doesn’t contain your user name, real name, or firm name. It is quite different from previous passwords. You use uppercase and lowercase letters, numbers, and symbols. It doesn’t contain a complete word.”

Google Account Help: Creating a Strong Password (2017) — “To keep safe, act on these tips. Use a unique password for each important account. Use a mix of letters, numbers, and symbols. Don’t use personal information or common words. Make sure your backup password options are up-to-date and secure.”

Guidry Consulting: How To Create Strong Passwords (2017) — “Strong passwords must be not in use on any other system. They must be changed regularly. The passwords must be 12 characters or more. They must mix upper- and lowercase letters, numbers, and symbols. The passwords must not be common words or proper nouns. And they must not be names of your spouse, kids, pets, or other personal identifiers.”

Click the image to read more from Guidry Consulting.

Build Stronger Passwords NOW. Must Read!! Tech Tips on password protection.

 

Why Old Password Rules Aren’t Enough Today

Look at why old password rules are not enough.

Auth0: Don’t Pass on New NIST Password Guidelines (2017) — “The NIST drafted new rules to protect digital identities, published in June 2017. Substantial changes have been made since the National Institute of Standards and Technology’s 2013 report. Many concern passwords. The NIST advises dropping password complexity rules. It suggests new encryption standards. And it wants multi-factor authentication for sensitive information.”

Build Stronger Passwords NOW. Must Read!! NIST Digital Identity Guidelines. Click the image to access NIST SP 800-63-3

According to Auth0, “Conventional wisdom says password complexity is good. But in reality, complex passwords can do harm. Making users’ lives easier ensures stronger passwords. A big problem for users is remembering passwords. So, they make them simple. And they re-use them. In 2016, Experian found Millennials averaged 40 services registered to one E-mail account, and only five distinct passwords. In response, some firms have required a number, or symbol, or capital letter to make passwords harder to decrypt. BUT, an earlier study found users simply capitalized the first letter and added a “1” or “!” to the end. This made the password no harder to crack. Any [decent] password cracker knows these patterns. When required to use numbers, 70% of users on rockyou.com (which contained user info for social networks) added numbers before or after their password.”

Fortune reports that the creator of many old rules has changed his mind (2017) — The man responsible for the requirement that passwords include letters, numbers, and special characters is walking back that advice. ‘Much of what I did [for the NIST in 2003], I now regret,’ Bill Burr told the Wall Street Journal. He added that the recommendation led to complicated passwords. A re-write of ‘Special Publication 800-63’ now suggests that users create passwords with long, easy-to-remember phrases. And they should not be forced to change passwords as often. “

 

MUST READ: NEW Rules to Build Stronger Passwords Now

This section has a synopsis of new password advice. It includes an infographic by Evans on Marketing. It ties together tips from various sources.

XeusHack: Choosing a Strong Password in 2017 (2017) — “Password strength is a measure of password effectiveness to resist guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker would need, on average, to guess correctly. The strength of a password depends on length, complexity, and unpredictability. You must learn how passwords work, how possible attacks to break them work, and how to choose a strong password that won’t break.”

Lifewire: 5 Steps to a Good Password (2017) — “There is no such thing as a perfect password. A committed hacker can crack any password, with the right tools. But if the protection is strong enough, the hacker may become discouraged and give up before the protection fails. We suggest a password with 3 qualities. (1) It is neither a proper noun nor a word in the dictionary. (2) It is complex enough that it resists repetition attacks. (3) It is intuitive enough that you can still remember it.”

 
Click the infographic to see a larger version of our password tips.

Must Read!! Build Stronger Passwords NOW. This infographic gives up-to-date password tips for Web site developers and us as Internet users.
 

MUST READ: Using a Password Manager

What is a password manager? Why should we use one as our best line of defense?

Webroot gives a good overview on this topic:

“How can we create and remember so many unique passwords? The best solution today is a password manager. It offers both convenience and security. Password managers come as lightweight plugins for Web browsers such as Google Chrome or Mozilla Firefox. First passwords are saved in an encrypted database. Second, your credentials are automatically filled in.”

“The major benefit of a password manager is that you need to remember a single master password. This allows you to use unique, strong passwords chosen for each of your online accounts. Just remember one strong password. The manager will take care of the rest.”

Take a look at this video from Vox.

In alphabetical order, these are four popular password managers. NOTE: Both LastPass and KeePass have free versions!

 

Posted in Part 2: Ownership, Strategy Mix, Online, Nontraditional, Part 3: Targeting Customers and Gathering Information, Part 7: Communicating with the Customer, Privacy and Identity Theft Issues | Tagged , , , , , , | Leave a comment

End of Amazon 1-Click Exclusivity, Start of Hilton Relationship

Posted on October 19, 2017 by bermanevansretail

Each day seems newsworthy for Amazon. It appears on a regular in media stories and on social media sites. These are  just a handful of our 2017 posts on Amazon.   Amazon’s Desired Attributes for Job Applicants.   Amazon: King of the Retail World.   Amazon Dives into Custom Clothing.   Amazon Collecting Sales Tax in More States.

Today, we cover the end of Amazon 1-Click exclusivity and the start of Hilton Relationship.

 

End of Amazon 1-Click Exclusivity

 
 Here’s a good synopsis from Greg Sterling, writing for Marketing Land:

“Issued originally in 1997, the 1-Click patent was the subject of controversy and litigation at the time. Here’s Amazon’s basic description of how 1-Click works: When you place your first order and enter a payment method and shipping address, 1-Click ordering is automatically enabled. When you click Buy now with 1-Click on any product page, your order will be automatically charged to the payment method and shipped to the address associated with your 1-Click settings.

“Amazon’s 1-Click ‘business method’ patent expired last month. This means that anyone will soon be able to duplicate its functionality on any E-commerce site and across the Internet. Now, Google, Facebook, Apple (which licensed 1-Click) or anyone else will be able to implement the same type of simplified purchasing. One of the keys to Amazon loyalty, before Prime, was the simplicity of checking out. By some estimates, shopping cart abandonment was worth more than $4 trillion in lost sales last year. That’s trillion, with a t.”

Click the image to read more.

End of Amazon 1-Click Exclusivity. Amazon’s 1-Click 'business method' patent expired last month. What that means is that anyone will soon be able to duplicate its functionality on any e-commerce site and across the internet.
 

Start of Hilton Relationship

Amazon regularly pursues new opportunities. So do many customer loyalty programs. One of those — Hilton Honors — recently entered into an agreement with Amazon to give customers greater redemption honors.

Will this venture be successful?

As described by George Anderson for RetailWire:

“If you’re one of the 66 million members of the Hilton Honors rewards program, you are now eligible to redeem your points for purchases on Amazon.com. Hilton becomes the first hotel brand to link its loyalty program point redemption to the E-tail site. The new perk is free to all eligible Hilton Honors members who link their accounts to Amazon. Members of the Hilton program can automatically use their points to apply to purchases or opt to do it manually.”

“Said Mark Weinstein, Hilton’s senior vice president and global head – customer engagement, ‘“We are always looking for ways to deliver unique experiences to customers,” loyalty and partnerships, in a statement. “By teaming up with Amazon, we are able to offer our Hilton Honors members yet another choice in how they redeem their Hilton Honors Points.’”

“Hilton Honors members who use their points for purchases on Amazon should know that 500 points are equal to one dollar when they shop, according to the FAQ. While Hilton points may be combined with Amazon gift cards to make purchases, they may not be added to other rewards program offers on a single order.”

Click the image to visit the Hilton Honors Amazon page.

Start of Hilton Relationship. Hilton Honors' Amazon shopping opportunities.
 

Posted in Online Retailing, Part 2: Ownership, Strategy Mix, Online, Nontraditional, Part 3: Targeting Customers and Gathering Information, Part 7: Communicating with the Customer, Social Media and Retailing | Tagged , , , , | Leave a comment

Holiday Season 2017: Top Shopper Priorities

Posted on October 18, 2017 by bermanevansretail

Due to improvements in the economy, early forecasts point to a good 2017 holiday shopping season. Nonetheless, retailers still must be prepared for these two factors. One, what are shopper priorities? Two, how much will online shopping grow? The first question is addressed here. The second one will be the subject of a future post.

Consider these observations by Stephanie Pandolph, reporting for Business Intelligence. Also, look at the chart below.

“In a survey of 8,000 consumers by Trustpilot, 62% of respondents listed price as the most important consideration for their holiday shopping this year, with other top factors including customer service, shipping, and product availability. This indicates retailers will need to have plenty of promotions on tap to fully reap the benefits of this high-volume time, as price-conscious consumers are likely to be wading through a large pool of seasonal deals.”

A second survey by CPC Strategy sheds some light on how consumers are factoring in price when deciding where to shop this season: Nearly half of consumers said total price at checkout, including shipping fees, will be the most important factor when choosing retailer this holiday season. Customers also plan to price check while shopping in-store, with 32% saying they will research on Amazon and 23% turning to Google.

 

Posted in Part 3: Targeting Customers and Gathering Information, Part 6: Merchandise Management and Pricing, Part 7: Communicating with the Customer | Tagged , , , , , | Leave a comment