TechSpot

[Info] What is a safe procedure for changing all passwords after a Trojan threat

By lorilev
Feb 20, 2012
  1. I think I've had a security breach to my computer- via remote users and worms. I am cleaning them off now and closing up the firewall.

    I've searched this site for a step by step procedure so that I don't further compromise my security or waste time changing passwords only to have to re-do it all again. Where do I begin?
    My email?
    Since all of my banks etc send notifications of changes to my inbox--seems like a good place to start.
    OR should I set up a new email just for password changes and banking?
    What if I use Outlook? Should I stop? I
    've allowed a service to remotely access my computer for some maintenance and cloud back up and now I'm not sure that was a good idea. IF anyone has it all written out in a nice list of things to do to best protect security-that would be lovely.
    I've heard of those password managers. Are they worthwhile? Thanks for any help!
     
  2. Broni

    Broni Malware Annihilator Posts: 47,691   +268

    There is pretty decent article here: http://www.pc410.com/westminster-md-computer-repairs/after-a-malware-cleanup/

    The most important thing?
    Make sure your computer is 150% clean before any attempts to change sensitive passwords.
    If the procedure will take longer time use another CLEAN computer to change all sensitive online passwords.
    Do NOT access those secure sites with "bad" computer until it's totally clean.

    Password managers are not really a good idea because if the master password gets broken the bad guy has all other passwords available right away.
     
  3. lorilev

    lorilev TS Rookie Topic Starter Posts: 38

    password managers are a bad idea

    thanks Broni. I had the same thought about those managers. Scares me. I know I should use a clean computer to do it all on before but just wondering ...since all my accounts have my email address---won't they all just go right to my yet perfectly uncleaned computer especially since I use outlook and they might have all my credentials to change passwords themselves already.
    I will read the article now. THanks so much for quick response.
     
  4. Broni

    Broni Malware Annihilator Posts: 47,691   +268

    It'd be a good idea to send all emails from secure sites (like banks) to a different email address, which will be accessible from clean computer only.
    Your ISP allows you to create quite a number of email addresses.
     
  5. lorilev

    lorilev TS Rookie Topic Starter Posts: 38

    email change for security with banking

    Ok. I read that wonderful article you linked me to and it was very helpful. Thank you. I will start with changing all my email accounts with my banking to something new and keep it just for that. Oy. Such a headache to keep track of all this stuff. The price we pay for internet life. Have a great evening.
     
  6. Broni

    Broni Malware Annihilator Posts: 47,691   +268

    Same to you :)
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.