This week there have been a couple of things in the news about hackers accessing passwords. First LinkedIn were targeted and then eHarmony and Last.fm suffered a similar fate. Also this week, Mitt Romney was compromised when someone managed to access his Hotmail and Dropbox accounts.
The LinkedIn passwords of 6.5 million users were posted online but in their ‘hashed’ or ‘encrypted’ form. This then set a precedent for other hackers to try and crack the codes in order to decipher each of the passwords. Some of these were then also posted, however the codes that were cracked were the easy ones where people had used simple words or names for their passwords. Those users who had more secure passwords were the lucky ones as they had time to be informed by LinkedIn about the security breach and then change their account passwords before the original ones were deciphered.
Despite the fact that most people have been used to dealing with passwords for at least a decade, either to logon to their computer, access an email account or logon to a website or social network many people are still not aware of how dangerous it is to choose an insecure password such as a pet’s name or a word such a ‘love’ or ‘coffee’. It is amazing how many people still do not think about security in this way when choosing a password.
Here are a few tips to bear in mind when using passwords online (I’m sure you’ve heard them all before):
- Use both ‘UPPER’ and ‘lower’ case characters.
- Include numbers and special characters.
- Don’t choose a word that is in the dictionary or a person’s name.
- Use more than one password – not the same one for all sites.
- Don’t write it down (especially not on a post it note attached to your monitor!)
- Change your passwords regularly.
Allegedly Mitt Romney’s account was accessed by the hacker guessing a secure question correctly. This brings another issue to light in terms of thinking about the other secure information you use on a site. How easy would it be for someone else to guess your answers with a little bit of knowledge about you personally?
With the internet continuing to integrate more and more with our daily lives and the number of passwords we need to remember increasing all the time this is a really important issue which I fear is not going away any time soon.