A User Guide

A few thoughts on how to travel in Asia and Australia without getting bitten, robbed, scammed or ill.  A lot of these tips were collected between November 2013 and April 2016.

 

Contents

Personal Safety

Natural Disasters

Possessions

IT Security

Data & Device Encryption

Device Password

Connecting to the Internet

Passwords

Password Strength

Password Managers

VPNs

Data Backup

MS Windows Travel Software

 

Personal Safety

1. Walking at night –

• Be aware of your surroundings and who is around you.

• Don’t carry too much money in your purse or wallet, keep passports and credit cards in a money belt. If possible split money and credit cards between money belt and room safe.

• Keep to well lit areas and if possible areas with lots of other people (see Pickpockets below).

• Use a torch and be aware that pavements in certain parts of Asia can be very uneven or non-existent.

• Watch out for manholes and drain gratings as they can sometimes give way or be missing completely (this applies to walking around in the daytime as well).

• Avoid using mobile phones outside and in poorly lit areas.

2. Bars and clubs

• Ask other travellers for recommendations

• Go with friends

• Don’t leave your drink unattended

3. Self defence?

• Unless you have some sort of military training or a black belt in a martial art then fighting muggers is probably not a good idea.

• Carrying pepper spray may be of use but unless it is already in your hand and your finger is ready to press the button then everything is probably going to happen too quickly for it to be of any use. Note: You can buy pepper spray in certain Asian countries but it is illegal to carry it in the UK.

4. Wildlife

• Watch from a distance.

• Assume all snakes are venomous and that they will try to bite you.

• Assume all small mosquito shaped insects are malaria carrying mosquitoes and that they will try to bite you.

• Assume all dogs, cats, bats and monkeys are carrying rabies and that they will try to bite you.

5. Health

   • Don’t forget to take your malaria tablets in areas where they are needed and remember to take them before entering a malarial area and to continue after leaving (read the instructions for the particular type of tablets).

   • Dengue fever is common in certain parts of Asia. There are currently no preventative medicines you can take, all you can do is avoid getting bitten by mosquitos – cover up and use some sort of insect cream or spray.

   • Insect creams & sprays. The citronella and DEET based repellents both appear to work, although in my opinion DEET is better. I quite often see other tourists applying repellent sprays as if they are perfume – the “spray the air in front of you and walk through it” method, or a two-second spray 12 inches away from some (but not all) of your exposed skin. Both of these methods are a waste of time and money as repellents are thought to work by blocking the mosquito’s ability to find bare skin – as soon as it finds an area of skin with no protection it will bite you. The best way to apply repellents is either to use a cream and rub it onto every bit of exposed skin, or apply the spray to the palm of your hand and then rub your hand over every bit of exposed skin.

   • Unless told otherwise buy bottled water for drinking and brushing your teeth. Most tap water in Singapore & Australia is ok to drink but ask first.

   • Alcohol can be quite cheap in parts of Asia but you should avoid spirits if they appear to be cheaper than normal, are in suspect bottles or just look home made – they may contain dangerous levels of methyl alcohol. If you think you have drunk methyl alcohol get to a hospital as quickly as you can (see MedlinePlus).

   • Scams.  See Traveller.com and Smartraveller

   • Email Alerts.  Sign up for the email alerts from the Australian Smartraveller and the UK Foreign Travel Alerts

 

Natural Disasters

Flood

The monsoon season in Asia can be especially challenging.

• Expect a lot of transportation delays and cancellations.

• Avoid walking through flood water. It is not unusual for drain and manhole covers to be removed by flood waters and falling down an open drain is never a good idea.

Fire

• Make sure you know how to escape from your room in case of a fire. The more reputable hotels will have an escape plan on the inside of your room door. Check that this route is possible and, if you think it is necessary, see if you can find a second option.

• If driving in areas prone to bush fires check the TV or radio before you set off.

Cyclone

• If travelling during the cyclone season check that your accommodation is certified as cyclone proof and has a cyclone plan.

• Find a copy of the cyclone plan and read it.

Earthquake

• Large parts of Asia are prone to earthquakes. If caught in an earthquake – steady yourself. Hold onto a solid object or get to the floor so that you do not fall. Try to hide under a piece of furniture.

• Earthquakes very rarely last for more than a minute or two. When the shaking has stopped slowly and carefully leave the building and head for an open space away from buildings, overhead power lines etc ie anything that could fall on you. Once outside be aware of glass, roof tiles and cladding falling from buildings and tower blocks.

• Remember, aftershocks are possible at any time, and are more likely after a big earthquake. Aftershocks can range from very small impercetible earthquakes to earth movements almost as large as the original earthquake.

• Buildings damaged by an earthqake can collapse at anytime. Do not enter damaged buildings and get out of the area as soon as you can.

• If you are near the sea make sure you know which way to run in case an earthquake triggers a tsunami. Find and read the tsunami warning notices and look out for the tsunami evacuation route signs. In some places there will be a warning siren indicating a possible tsunami – drop everything and run to high ground, although the sirens will probably only sound several minutes after an offshore earthquake so look out for more immediate signs;

  • An earthquake – if you are at the beach them assume it will be followed by a tsunami and get inland to higher ground.

  • The tide suddenly goes out – this looks very strange so don’t stand and stare at it just run. Not every tsunami is preceded by the tide suddenly going out but every sudden withdrawal of the sea will be followed by a tsunami.

  • If in a city or town be aware that water flowing between buildings will get much higher than it will be on the beach.

  • Do not get into the water, the current could be quite strong but the greatest danger is being crushed by floating debris. You may also be swept several miles out to sea when the waters receed.

Volcanic Eruption

• The most likely consequence for the traveller of a volcanic eruption will be earthquakes and falling ash. Ash clouds will also more than likely cause airports to be closed and flights to be cancelled.

• If caught inside a building during an ash fall then close all windows and doors and stay inside. Be aware that a very heavy ash fall can cause roofs and buildings to collapse.

• If caught outside during an ash fall – cover your nose and mouth with a cloth or face mask and get inside as soon as you can.

• Volcanic ash is highly abrasive can damage your lungs, so use medical quality face masks and get out of the area as soon as you can.

 

Possessions

1. Insurance and proof of ownership.

   • You should always have travel insurance but in my experience they tend not to cover you for the items that are mostly likely to get stolen like cash, laptops and mobile phones, I wonder why?

   • Keep purchase receipts for valuables in a safe place back home and either photocopies of the same with you or scanned copies as files somewhere on the cloud (see below for a discussion of Data Backup).

   • Photograph absolutely everything and keep the pictures on a hard disk that you carry with you. Keep a second copy on the cloud.

   • Remember to photograph serial numbers as well as writing them down.

2. Credit & Debit Cards

   • Carry at least 2 different credit cards. One of each Amex, Visa and Mastercard is even better as some places only take one type (generally not Amex) whereas online phone top-ups work best with Amex and Indian online railway bookings only take Amex.

   • Investigate debit cards before you leave your home country. There are quite often companies that don’t charge for foreign currency withdrawals from ATMs.

   • Split your credit cards between at least two or even three safe places. If there are two of you then make sure that the same card types aren’t all stored in similar places. Wallet or purse plus money belt, or wallet or purse plus money belt plus room safe.

   • Using ATMs

• Check the front of the machine for loose bits or anything that looks out of place – the machine could have been fitted with card skimming devices. Be vigilant as the devices are getting quite sophisticated.

• Cover the keyboard with your other hand when entering your PIN. Card skimmers work by reading the information off the magnetic strip on the cards AND by using a camera to read your PIN – if they don’t have both bits of information then you are still safe.

• A lot of ATMs in Asia are located in a small air conditioned booth and quite often have a security guard (sometimes armed!) – use the guarded booths if you can.

• Also try to use an ATM that is connected to a bank and if possible use it when the bank is open. This should make getting your card back if the machine ‘eats’ it easier and quicker.

• And one last thing. Probably totally obvious but – put your money away before you leave the slightly enhanced security of the ATM booth and check that you have picked up you card. One nice thing about ATM machines in India and some other parts of Asia – you put your card in for a few seconds while the machine reads it but nothing further happens until you take it out again

3. Accommodation

   • Choose accommodation with a large room safe and use it.

• Check that the safe is screwed down. I have stayed in places where it is just left in the bottom of the cupboard – this offers some protection but isn’t ideal.

• Also bear in mind that the hotel will always be able to open the safe – they must be able to open it as guests sometimes check out and leave it empty and locked. So things can go missing from room safes, you are then left in the almost impossible position of proving that you put it in the safe in the first place.

• Some insurance policies will only cover certain possessions if they are stolen from a hotel safe, but good luck proving it.

2. If your accommodation doesn’t have a safe then consider travelling with your own. The company PacSafe do two sizes of travel safe (http://www.pacsafe.com/travel-accessories-wallets/portable-safes.html) – not as secure as a large metal room safe but may stop all but the most determined robbers.

   

   PacSafe – Travel Safe

• If you do use a travel safe then remember to fix it to something very secure. I fixed one to a metal shelving unit inside a locked cupboard inside a locked room – the thief simply broke all the door locks and bent the shelving unit until it broke. It looked like the PacSafe did its job but he simply took it with him.

• One option is to fix the travel safe around the base of the toilet bowl. Beware of using water pipes and drains as they can be broken or unscrewed.

• If your toilet doesn’t have a base to fix your travel safe to then use the bed frame or couch or a large arm chair – anything big and heavy and difficult to undo or break or cut through.

3. Check door and window locks before you accept a room. Ask for a different room if locks are broken, missing or look inadequate.

4. If possible spread the risk. If you can hide valuables in different places in your hotel room. Lock wardrobes and cupboards even if they contain nothing of value – you will at least delay a burglar.

5. Quite often you will find rooms in India and Indonesia are locked using a padlock. So carrying and using your own medium sized padlock will give you additional room security when you are out.

6. Remember to lock doors and windows at night. Difficult if you are in a hot country and need to leave windows open for air circulation, so check outside for climbing routes and consider what a determined burglar may be tempted to do. A lot of accommodation in India and Thailand has very substantial window bars so leaving windows open isn’t a problem. Window bars can also be useful for attaching a travel safe.

7. A door wedge can be used as a simple and relatively lightweight additional door lock – just wedge it under the locked door as tightly as you can.

8. If you are totally paranoid or suspect that door locks may be inadequate then consider buying and using a door alarm. I made a much more useful door alarm from a cheap rape alarm and a length of fishing line (the wire sort used for pike fishing). They are now fixed inside the travel safes with the wire attached to a fixed point outside the safe – too much pulling will set off the alarm and hopefully foil any robbery attempt.

9. Always lock valuables away when leaving your room, especially if you suspect it will be cleaned. I have never had anything stolen by a cleaner but it is a good idea to remove any temptations.

4. Bum bags

   

   PacSafe – Bum Bag

• Bum bags are a convenient way to carry wallet, purse and passport, and are slightly more pickpocket proof than, well pockets.

• If you want even more security have a look at the PacSafe site – they do a very robust slash proof bag. The only problem with it is that after a time the wires in the belt part tend to rust and fray, they then tend to fray your clothes and stick into you, but nothing that a few lengths of duct tape cannot fix. PS I have worn mine almost every day for two years now!

 

 

 

5. Money belts

   

   Money Belts

• An essential bit of kit. The type that you wear around your waste are probably the best. The neck pouches can sometimes work their way to the outside of your clothing and may then be snatched. Keep your passport, most of your credit and debit cards and any spare cash in it. Just remember to wear it.

• If you need to get something out of it when you are out and about then go to the bathroom to do it, otherwise you will draw attention to the fact that you are wearing one.

 

 

6. Jewellery, phones & cameras.

• Jewellery – leave it at home, either that or buy something cheap and local.

• Phones – if possible attach a short strap either to it or the case. Not only will this help reduce the chances of dropping it but may thwart a snatch and grab attempt. Generally be aware of your surroundings and who is around you when making calls or taking pictures.

• Cameras – same as phones. Keep the camera strap around your neck or wrapped around your hand. If not in use then carry it in its case with the strap over your head and diagonally across your chest (see Snatch and Grab below).

• Try to avoid using phones outdoors at night as they tend to draw attention to themselves especially in poorly lit areas. And for the same reasons don’t use your phone as a torch – buy a small led torch instead.

7. Pickpockets

• Generally be aware of your surroundings and who is around you. Remember to check who is behind you every so often and beware of people pointing out marks on your clothing.

• Don’t carry anything of value in your pockets use a handbag, rucksack or bum bag.

• If using a rucksack consider wearing it on your front, although remember it will restrict your view of the ground in front of you!

• If somewhere where you are forced to walk in single file, in markets and alleyways for example, then be aware of people in front of you who appear to be walking more slowly than they should be – if this happens then check who is behind you – they may be an accomplice trying to pick your pocket.

• Consider using a wallet or purse with a chain, and attach it to your belt, inside your bum bag or inside your handbag.

8. Motorbike snatch & grab

• Generally two passengers on a motorbike. They drive very close to the pavement and the pillion passenger grabs your camera, or shoulder bag from your shoulder and before you know it they have driven off.

• Always wear hand bags, shoulder bags and cameras with the strap over your head and diagonally across your chest. Also have the bag or camera hanging on the side away from the road and don’t walk too close to the road.

• Another defence is to use a bum bag instead of a shoulder/hand bag and perhaps even slide it around so that it is facing away from the road.

• Walk facing the traffic flow so you can see anyone approaching too close

9. The taxi luggage scam

• You hail a taxi, it stops, the driver opens the boot but doesn’t get out, you put your bags in the boot, he drives off leaving you at the side of the road with no luggage.

• If there are two of you then one of you climbs into the back seat before the other one puts the luggage into the boot.

• Or if you are on your own make the driver get out and help you put the luggage into the boot.

• Or if you are on your own with a relatively small bag, close the boot and climb into the back taking your luggage with you.

• A variation on this scam is where the driver doesn’t open the boot – ‘no room’ he says and insists you put your bag in the foot well of the front passenger seat. You are taken to your destination and only when you open your bag do you discover that the driver has managed to steal something from your luggage. Tends only to be a problem with rucksack type bags and generally occurs at night and/or where you have a restricted view of him and the passenger seat. Solution is to keep a close eye on your bags and if necessary insists that they go in the boot or on the back seat with you, or put them on the back seat and you sit in the front.

10. Airports & Customs

• Don’t put anything of value in your checked-in luggage.

• Lock your luggage.

• Security checks vary greatly between countries and even airports in the same country. So be prepared for more than one check which may range from cursory to thorough. Stay calm, be cooperative and allow up to an hour.

• Unless travelling into the USA avoid using TSA padlocks on your luggage. The master keys for them are now available to buy on the internet (Note: Unfortunately the combination lock that comes with the PacSafe Travel Safe is TSA approved and can be opened with a TSA master key).

• In general water bottles will be taken off you at security. Also be aware of the second search at the gate where certain airlines travelling to certain countries will confiscate the water bottles you have just purchased in the secure area (AirAsia flying to Australia from Bali do this).

• Check your carry-on luggage for liquids, knives, cigarette lighters etc before you pack your main bag. Otherwise they may be confiscated at the security check. Remember you may be able to get your checked-in bag back if you go back to the check-in desk and may be able to place high value items in it – but don’t bank on it. You may also be able to have items that would otherwise be confiscated checked in separately, but this depends on the airline and may cost you.

• Most security checks require laptops to be removed from their bags/cases before x-raying. Don’t do this unless instructed. Also rules vary greatly between countries – some require umbrellas and belts to be x-rayed separately, some require laptops to be removed but phones to be left in your carry on bags.

10. Flying

• Put your phones, laptops and tablets into flight mode before you get on the plane. Keep them turned off during take off and landing. It is highly unlikely that a phone that is turned on and not in flight mode will do any harm to an aircraft – the reason they ask you to turn them off is to prevent the clicking interference noises they make when they attempt to connect to a wifi or cell tower from distracting the pilots. They may miss part of an important instruction if it is interrupted by a mobile phone click.

• Consider locking your bag when it is the overhead locker, especially during a night flight. There are occasional reports of valuables being stolen from overhead lockers and all the airline will do is report it to the police – they will not search passengers as they disembark.

 

Travel Security Equipment

• Medium sized padlock. Useful for locking some room doors, used in conjunction with a chain or security wire for securing bags and travel safes.

• Set of small combination padlocks, used to lock suitcases and rucksacks More of a deterrent as most suitcase and rucksack locks are easily broken. It is also relatively easy to open some luggage with zippers and to do so in such a way as to make it impossible to tell it has been done (see https://www.youtube.com/watch?v=G5mvvZl6pLI)

• One or more travel safes (see http://www.pacsafe.com/travel-accessories-wallets/portable-safes.html)

• A length of welded link security chain. Enables travel safes to be secured to larger objects (large diameter toilet base for example), or to make the connection easier (attach one end of the chain to the back of a refrigerator and then attach the safe to the other end and sit the safe next to the fridge) or just use the chain to attach the safe to a second fixed point.

• Bum bag.

• Wallet or purse with a chain.

• Money belt

• Door alarm.

• Rape alarm. With a length of fishing wire to allow it to be used as a door or bag alarm.

• Door stop wedge.

• Small LED torch.

 

IT Security

 

Anti Virus

You must install and run anti virus software on all of your devices.  There are several good applications that are also free.

Bitdefender is one of the most highly rated at the moment.  The free version has a very simple interface. 

Avast is also quite good although has a more complex interface and tries to provide more functions than Bitdefender.

I also have the free version of SUPERAntiSpyware installed.  Unlike Bitdefender it doesn’t run all of the time but I run it manually just to check that nothing has been missed by the main anti virus application.

 

Data & Device Encryption

If you have an Android tablet or phone then it is quite easy to protect it by encrypting the data and software stored on it. If stolen or lost, encryption makes any data stored on the removable SD card unreadable. It also makes the tablet or phone very difficult to sell if it is stolen, as the thief would have to perform a complete factory reset – not an easy task on an encrypted phone.

If you have a windows laptop then you should at least add a login password and consider encrypting personal files stored on the hard disc. Encrypting the entire system and data is a little more complex than on an Android device so I never got around to doing it. The option I did take was to encrypt all confidential and personal files stored on my Windows devices. For this I used EncFS MP (http://encfsmp.sourceforge.net/), an open source encryption application for Windows. EncFS MP encrypts files singly and places them in a directory of your choice, unlike some other applications that require you to create one large fixed-size encrypted file where it places your personal files. The problem with this method is that you have to decide at the start how many files you need to protect and how big they are, as the size of the encrypted file generally cannot be increased.

 

Device Password

You should always protect your devices with a password. Using PINs and ‘swipe patterns’ for Android devices is not recommended as they are much less secure.

A login password on a Windows device is nothing more than a delaying tactic if it is lost or stolen, as there are at least three ways to bypass Windows login passwords. The simplest of these is to remove the hard disc and read it using another computer. You must therefore encrypt any confidential data files stored on your laptop, as the login password is no defence at all.

When choosing a password for you device always bear in mind that you will be entering it a lot – so try to strike a balance between security (see Passwords below) and the need for ease of entry. And if using an on-screen keyboard remember that you may have to switch to the alternate keyboard if you need to enter certain symbols.

 

Connecting to the internet

Internet Cafe vs Public Wi-Fi vs Mobile Phone

In general, using a mobile phone to connect to the internet is more secure than using public Wi-Fi, and public Wi-Fi is more secure than an internet cafe. All other than the Internet Cafe option benefit greatly from using a Virtual Private Network, abbreviated to VPN (see Why use a VPN? Below).

 

Using an Internet Cafe

If you can avoid it then don’t as they are generally very badly infected with malware and viruses and may even spy on your online activity. But if you find you have to then read the following tips;

• Investigate and download the free cybercafe security bundle from cafeKlysm (http://www.tokezone.net/cafeklysm/index.htm) and put it on a USB thumb drive before you travel. If the cafe allows you to use your own software/thumb drive then use this bundle of security applications. If it doesn’t allow you to run your own software i.e. the PCs are configured to prevent external software being loaded/run, then you may have to trust that all will be well. The chances are that the machines are ‘clean’ and therefore safe.

• Investigate the software running on the PC you are using. Check for a known Antivirus application and if possible check that its definitions are up to date. There are many antivirus applications but some of the main (& reputable) ones include Bitdefender, Avast, Norton, Kaspersky, AVG

• Avoid using credit cards in internet cafes if at all possible and don’t check your bank accounts.

• Create a ‘junk’ email account with someone like Google or Yahoo. This should be used when you visit an internet cafe (as well as when you need to give an email address but suspect it will be used to bombarded with junk mail). PS A free and very secure email account can be obtained from Tutanota (https://tutanota.com/).

• If printing always ask for the cafe for their email address and ask them to print from the email you send them. Do not take a USB thumb drive and ask them to print from that as you stand a good chance of infecting it with a virus. If possible email documents for printing to your ‘junk’ email account before you visit the cafe.

• Remember to log out of every application and/or web page when you have finished with it and never tick the ‘remember me’ boxes on login pages.

• Remember to clear the browser history and cache before you leave the cafe.

 

Using Public Wi-Fi

Almost every restaurant, cafe, burger joint, Thai massage parlour, hotel and guest house has either free or paid Wi-Fi You can even find it on some airplanes. In general public Wi-Fi is not very secure and you should follow some basic security measures when you use it;

• If asked something like “Do you want to find PCs, devices and content on this network and automatically connect to devices like printers & TVs? We recommend that you do this on your home and work networks” answer ‘No’.

• Use a VPN whenever you access banking sites or any site that has important/personal information about you, especially medical sites and perhaps even social media sites.

 

Using a Mobile Phone

If you have a phone that can act as a Wi-Fi hotspot ,or can be tethered to your PC/laptop, or has a large enough screen to use to access the internet, then one of the more secure ways to surf is to use a local SIM with a data connection. These can be relatively expensive but tend to be more reliable and more secure than other methods. They are also generally slower.

Even so you should;

• Use a VPN whenever you access banking sites or any site that has important/personal information about you, especially medical sites and perhaps even social media sites.

 

Mobile Data Providers and Balance Check (USSD) Codes

Country	Provider	Check Data	Check Calls
India	Airtel	*123# call	*123# call
India	Tata Docomo	*111*1# call	*111# call
India	Vodafone	*111*6*2# call	*111*2*2# call
Indonesia	Telkomsel (simPATI)	*889# call	*888# call
Lao	Unitel
Malaysia	U Mobile	*118*3*1*3# call
Myanmar	Ooredoo	*133# call
Nepal	Ncell	*901# call
Singapore	Singtel	*100# call
Thailand	AIS	*121# call	*121# call
Thailand	Dtac	*121*9# call

 

Using a Wired Connection

Using an internet wire plugged directly into your PC/laptop is probably the most secure way to connect to the internet, although as with other types of shared connection you are at still at risk. If you find yourself staying in a hotel with a wired connection then I suggest you use it. If you need to share the connection between two or more of your own devices then you should consider travelling with your own Wi-Fi modem. I use a small multi function modem from DataLink (DIR506L). It also boost existing Wi-Fi signals and at the same time adds another level of security. With the addition of a USB dongle and mobile data SIM it will also turn your mobile data SIM into a secure hotspot.

Quite a few hotels, guest houses and apartments in Japan offer a wired connection rather than wifi.

 

Passwords

There are two rules for computer passwords;

1. Make them as strong as you can

2. Don’t use the same password for different logins

3. Not a rule but a helpful suggestion – use a password manager.

 

Password Strength

There are no standard ways of measuring how good a password is but quite often you will be instructed to use a strong password. So what does that mean?

Well one way of explaining strong passwords is to show a few weak ones;

oxford, Oxford, 0xf0rd – are all relatively weak or poor passwords.

Why? Because you can find them in a dictionary (in this case on the front cover of one of the better dictionaries). If someone is determined to break your password and has the knowledge, opportunity and resources, then something that is in a dictionary will take fractions of a second to break.

thequickbrownfoxjumpedoverthelazydog – is a middling password.

It is very long and doesn’t appear in a standard dictionary although it may be found in some of the quotes and phrases dictionaries.

It may take someone a while to crack but do you really want to type all of that in every time you want to logon to Facebook?

g#%5fG1wS*(lKuP_DaP90 – is a strong password. But is probably only to be used in conjunction with a password manager as I very much doubt you will remember such a jumble of characters.

table_dog_Albert_samosa_quiz – is another strong password.

It is quite long, and contains a mix of upper and lower case letters as well as special characters. It does contain dictionary words but to crack all of them and in the correct order is going to take a very very long time. It also has the benefit of being memorable (although it may take you a while). It does have one drawback – symbols can be a bit of a pain to enter using the on-screen keyboard on a computer tablet.

 

How to create a strong password

There are many online and downloadable applications that can generate passwords for you, but one of the easiest methods involves a dice and a downloaded word list.

See http://world.std.com/~reinhold/diceware.html for technical details and a copy of the list.

In essence you throw the dice, creating a random number and then use this number to lookup a word. If you do this 5 times and string the words together (with or without symbols) then you can generate a reasonably strong password. If you use 6 or 7 words then the password is going to be very strong. If you use about 7 or 8 words then the password is probably uncrackable using current technology.

The diceware method recommends that you use a physical dice and one of the standard dictionary lists (NB the original list uses quite a lot of American words but there are alternatives) and strongly suggests that you do not make up your own words – they state that we are not very good as creating random sequences. Well they are probably right but it very much depends on how secure you need your password to be.

As an alternative try the book method. As randomly as you can, flip through a book and open it. Lay it flat on a table, close your eyes and place your finger somewhere on one of the two open pages. Pick the 4 or 5 character word that is under or closest to your finger. Repeat by opening at another random page.

Write down the 5, 6, 7 or 8 words you have selected and, if you want, rearrange so that they are easier to remember.

An example using an electronic copy of World Without End by Ken Follett and randomly selecting 7 words from random pages and random screen locations gave;

reach, baby, and, maybe, Thomas, brother, panic

and with symbols;

reach_baby_and_maybe_Thomas_brother_panic

an even stronger password could include numbers;

2020_reach_baby_and_maybe_Thomas_brother_panic

or you could mess around with it a bit more;

2020_reach_baby_&_maybe_Th0mas_br0ther_pan1c

As it happens this didn’t need any rearranging to make it more memorable or perhaps I wasn’t totally random in my selection. It very much depends on what you are using your password for (see ‘Horses for Courses’ below).

The problem with any long password especially one created using the diceware method is how to remember it. The simple answer is to write it down – yes, counter to all advice ever given regarding passwords – write it down on a slip of card and carry it in your purse or wallet. Use it to help you remember and as soon as you find you are no longer using the card take it out and burn it.

A useful although not definitive website for gauging password strength can be found at http://www.passwordmeter.com/

 

Horses for Courses

Password strength should be based on the site or account’s importance i.e. a site that doesn’t involve money and has none of your personal details only needs a weak password. Whereas a banking site needs the strongest password you can muster. Facebook and email accounts should be somewhere in between.

 

Two Factor Authentication

Some sites allow a second security measure, generally involving code numbers sent to your phone. These are all well and good if your phone works in the country you are in at the time and your provider doesn’t charge you a fortune to receive these texts.

 

Reusing Passwords

Don’t do it.

Don’t use one password for more than one site unless you are using the same password for a group of low value accounts and wouldn’t mind one or more of them being hacked at the same time.

Don’t use old passwords for new sites/accounts. This is less of a risk but you never know, someone may have hacked a site and obtained a list of your old expired passwords.

This is easy to do if you only have one or two passwords but what if like me you have over 50? The answer is to use a password manager …

 

Password Managers

There are lots of password manager applications on the web and if you have more than a handful of passwords then you should consider using one.

What are they?

Password managers store all of your passwords in one place and are protected by a single (and hopefully super strong) master password. They range from cloud based applications that manage absolutely everything relating to passwords (and can even synchronise passwords between your laptop, PC and phone) to simple encrypted databases that just store your passwords in one place.

An example of the all-singing-all-dancing manager is LastPass (https://lastpass.com/), which has both paid for and free versions. One point to consider when using a system that stores your passwords on someone else’s server is how secure is that server. LastPass was hacked in 2015 although they say that no passwords were accessed.

An excellent and highly recommended example of the much simpler encrypted database application is called KeePass (http://keepass.info/). This creates a database that you store on your hard disc and/or carry around with you on a pen drive. It may be best to both store a copy of the password database on your hard drive, your pen drive and on the cloud.

Needless to say, any password manager is only as good as the master password you use to secure it. So it is probably a good idea to make this as complex and as long as you can cope with. After all, it may be the only password you ever have to remember.

And just to put all of the above into perspective.

If you are determined and have quite a lot of money then any 8 character Windows password can be cracked in 5.5 hours – allegedly (see http://fossbytes.com/this-computer-cluster-cracks-every-windows-password-in-5-5-hours-or-less/) and if you are up against the NSA, where money is no object, then your password is toast.

So don’t get too hung up about password strength as someone out there will be able to crack your password – it all depends on how much trouble you want to put them through and how much you want them to spend, compared with how much inconvenience you are prepared to put yourself through. As with most things in life – passwords are a compromise.

 

Why Use a VPN?

First of all what is a Virtual Private Network or VPN?

A VPN can be thought of as a secure tunnel through the internet to a point very close to the computer you are trying to communicate with.

Suppose, for example, you are in a hotel in Thailand and you would like to check your bank account in the UK. You connect to the hotel’s wifi using the password given to you when you checked in. The problem is that all other guests are using this same password, and if they know how they can access a lot of the details you are entering on your computer. Although an eavesdropper is more likely to be located in a nearby building and to have obtained access to the hotel network by devious means.

The way to evade eavesdroppers is to use a VPN. It does this by running an application on your computer which encrypts all internet traffic that leaves your computer. The application sends this encrypted information to a server owned or run by the VPN company in a country of your choosing. So, in this case, your banking login details and account numbers are transmitted in a very secure fashion from your computer in Thailand to a server in the UK. When the information reaches the UK server it is decrypted and sent to your bank over a standard UK internet connection, as securely as if you where accessing your on line bank from home.

One of the better VPNs is VyprVPN (https://www.goldenfrog.com/vyprvpn) – relatively expensive but uses it’s own network and servers as well as providing easy to use software with some very good encryption options.  There are many more VPN providers available, some of them free (see https://www.bestvpn.com/).

Encrypting and securing personal data is my main reason for using a VPN, but they have other uses;

1. By connecting ‘directly’ to a server in a specific country you will appear to the website you are visiting as if you are located in that country. This could be useful if you want to use say the BBC iPlayer although at the moment the BBC is blocking the major VPN providers.

2. By encrypting your communication you will be able to circumvent any blocks placed on peer to peer file sharing by your internet provider. For example, in Japan certain hotels don’t allow peer to peer file sharing. This makes it impossible to use certain device synchronisation software unless you hide your activity using a VPN.

 

Data Backup

Laptops and computer tablets are delicate devices and are likely to break, especially when being lugged onto trains, planes and automobiles They are also highly desirable objects and as such liable to be stolen. So what happens to your data if your laptop, tablet or phone breaks or is stolen? Well nothing much as you have backed up everything as well as encrypting anything confidential, haven’t you?

Belt & Braces Backup

This is how I do it, and as you will see it is multi layered and hopefully bullet proof;

1. Install an on line backup system. These systems backup your data to another computer managed by someone else (sometimes called the Cloud). This service will require an annual subscription. You will need an internet connection to use it, but at least if everything is stolen or breaks then you will be able to recover. I use CrashPlan (http://www.code42.com/crashplan/) which is very easy to use and so far hasn’t let me down.

2. Install something like Directory Compare (http://tp.lc.ehu.es/jma/win95.html) on your laptop. This will help you to make your local backups.

3. Buy a set of cheap but very small USB thumb drives that can be posted home. Toshiba do a 32Gigabyte TransMemory drive – it isn’t very fast but is relatively cheap and is quite small (http://www.toshiba-memory.com/cms/en/products/usb-sticks/mini-usb/transmemory-mini-black.html).

4. Buy one or two external hard drives. Transcend do a shock-proof drive which is physically larger than most, but they say it is better protected against rough treatment. (http://in.transcend-info.com/Products/No-324)

5. Then decide what is important to you and needs protecting.

I have all photographs, travel documents, visa files, flight paperwork and finance spreadsheets backed up by the CrashPlan software.

Photographs are stored in directories on the laptop and backed up to the USB thumb drives every so often using Directory Compare. When a drive is filled I post it home.

Also the photograph directories and the travel directory (includes travel documents, finance spreadsheets etc) are backed up to one of the portable hard drives on a regular basis using Directory Compare.

At least once a month, or before we fly, anything new or changed on the main portable hard drive is copied to the second hard drive using Directory Compare. These drives are wrapped in bubble wrap, placed in a plastic box and hand-carried when I relocate. As there are two of us we carry one of the hard drives each.

 

MS Windows Travel Software

 

Bitdefender

Anti virus software for Windows and Android.  Free & paid versions available.  Very Highly Recommended.

http://www.bitdefender.com/

 

BitTorrent Sync

Uses your wifi connection to synchronise one or more directories across several devices.  Useful for making sure that your phones and tablets all have the same copies of travel documents as your PC.  Can be a pain to configure sometimes, but not a bad package.  Runs on both Windows and Android devices.  Highly Recommended

https://www.getsync.com/

 

BitTorrent

Useful for downloading that episode of Downton Abbey that you didn’t manage to finish watching on the TV because of a power cut.  Runs on both Windows and Android devices.  Very Highly Recommended.

http://www.bittorrent.com/

 

CafeKlysm

A suite of free security applications that can be run from a USB stick.  A must when accessing the internet in an Internet Cafe or over a public wifi in a hotel or restaurant.  Very Highly Recommended.

http://www.tokezone.net/cafeklysm/

 

Calibre

A free eBook database and reader.  Handles every electronic book format that exists, nice database manager, nice book reader or you can have the application use you own book reader(s).  There isn’t anything that beats this application – Very Very Highly Recommended.

http://calibre-ebook.com/

 

CrashPlan

An on line backup system.  You pay an annual subscription for this service but it is well worth it.  Never had a problem with the software and every time I have had to recover a file it worked without a problem.  Very Highly Recommended.

http://www.code42.com/crashplan/

 

Currency Converter

A nice little currency converter.  Uses stored or on line conversion rates.  Highly Recommended.

file:///C:/Program%20Files/Currency%20Converter%202/

 

Directory Compare

A free application I use to make local backups.  It compares two directory trees – for example a PC and an attached hard disk, the application highlights differences and allows new and changed files to be copied to the external hard disk.  Very Highly Recommended. 

http://tp.lc.ehu.es/jma/win95.html

 

EncFSMP

Free, open source file encryption application.  Better than most as it creates an encrypted file for each file in a directory rather than placing all files in one giant encrypted file.  Very Highly Recommended.

http://sourceforge.net/projects/encfsmp/

 

KeePass

Possible the best password manager.  Not as sophisticated as some does one job and does it very well.  Runs on both Windows and Android devices.  Very Highly Recommended.

http://keepass.info/

 

Open Office

Free near equivalents of Microsoft Word and Excel but nowhere near as good. Only used them because someone stole my PC with the licensed versions of Word and Excel.  Recommended but only if you have no other option.

http://www.openoffice.org/

 

TrueCrypt

Free encryption software. But only if you have old TrueCrypt files that you may need to access.  Use EncFSMP instead.

EncFSMP is in my opinion much better because 1. it is open source,  2. it doesn’t require the creation of a single (possibly larger than necessary) encrypted file, 3. it is still supported (TrueCrypt is no longer supported) and 4.  EncFSMP uses encryption techniques that you can check yourself.  The authors of TrueCrypt stopped supporting the application because rumour has it, they discovered that the NSA had a back door into their software!

http://truecrypt.sourceforge.net/

 

Skype

A very cheap way of making international telephone calls.  Check for there free call offers – it is quite often possible to sign up for a month of free international calls and then cancel just before they charge you for the second month.  Of course you will need a good wifi connection to use Skype, and the call quality will depend on the speed and reliability of your wifi connection.  Highly Recommended.

http://www.skype.com/en/

 

VLC Media Player

Probably one of the best media players available.  Runs on both Windows and Android devices.  Have yet to find a video or audio format that it cannot play.  Very highly recommended.

http://vlc-media-player.en.softonic.com/

 

VyprVPN

One of many virtual private network providers.  The company behind VyprVPn – Golden Frog run there own international network and servers so in theory there speed and security should be better than other providers who just lease network and servers.  Technical support isn’t bad although could do with improving.  Runs on both Windows and Android devices.  Highly Recommended.

https://www.goldenfrog.com/vyprvpn