LAST year, an editor of a popular technology magazine was hacked. Another person retrieved his password through social engineering techniques. In just about an hour, he practically “lost” his digital life, all because the hacker wanted his Twitter username. It’s an interesting story of how even a tech-savvy person can be hacked. But we won’t be talking about how he was hacked or about all the other factors that contributed to it.
This week, though, I’ll talk about a few things you can do, and tools that can help you, to secure your passwords.
We all have passwords. Some of us have one dedicated password for each online account that we use and some of us keep it simple by using just one password for everything. Most of our passwords, though, are made for convenience. I’m pretty sure you made your password by combining part of your name with a series of numbers.
It’s easy to remember, yes. And it’s easy to hack into as well. Anyone who’s quite familiar with you and your personal details can make guesses. With a little time, patience and effort, they can make the right guess and take control of your online persona.
Here are tips and tools that you can take advantage of for a better password and a more secure online persona. These are all from Mat Honan’s article and I am passing them on to you because I recommend the same things.
DON’T:
• Reuse passwords. If you do, a hacker who gets just one of your accounts will own them all.
• Use a dictionary word as your password. If you must, then string several together into a pass phrase.
• Use standard number substitutions. Think “P455w0rd” is a good password? N0p3! Cracking tools now have those built in.
• Use a short password—no matter how weird. Today’s processing speeds mean that even passwords like “h6!r$q” are quickly crackable. Your best defense is the longest possible password.
DO:
• Enable two-factor authentication when offered. When you log in from a strange location, a system like this will send you a text message with a code to confirm. Yes, that can be cracked, but it’s better than nothing.
• Give bogus answers to security questions. Think of them as a secondary password. Just keep your answers memorable. My first car? Why, it was a “Camper Van Beethoven Freaking Rules.”
• Scrub your online presence. One of the easiest ways to hack into an account is through your email and billing address information. Sites like Spokeo and WhitePages.com offer opt-out mechanisms to get your information removed from their databases.
• Use a unique, secure email address for password recoveries. If a hacker knows where your password reset goes, that’s a line of attack. So create a special account you never use for communications. And make sure to choose a username that isn’t tied to your name—like firstname.lastname@example.org—so it can’t be easily guessed.
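For readers who like to tinker, here is an added illustration (it is not from Mat Honan’s article or from this column) that turns the four password mistakes above into a small Python check. The word list, the substitution table and the 12-character minimum are assumptions made for the example; 7,776 is the size of a standard Diceware word list, used to compare a four-word pass phrase with a short random password.

```python
import math

# Constructed sample wordlist; a real check would load a large dictionary
# and a list of leaked passwords.
WORDLIST = {"password", "dragon", "monkey", "letmein", "sunshine"}

# Common number/symbol substitutions, undone before the dictionary lookup.
LEET = str.maketrans({"4": "a", "@": "a", "5": "s", "$": "s", "0": "o",
                      "3": "e", "1": "l", "!": "i", "7": "t"})

MIN_LENGTH = 12  # assumed threshold; the article only says "longest possible"


def audit(password, other_passwords=()):
    """Return the list of mistakes from the article that this password makes."""
    problems = []
    if password in other_passwords:
        problems.append("reused")
    plain = password.lower()
    if plain in WORDLIST:
        problems.append("dictionary word")
    elif plain.translate(LEET) in WORDLIST:
        # "P455w0rd" becomes "password" once the substitutions are undone.
        problems.append("dictionary word with number substitutions")
    if len(password) < MIN_LENGTH:
        problems.append("short")
    return problems


def guess_space_bits(length, alphabet_size):
    """Size of the search space in bits: length * log2(alphabet size).

    Valid only when every character (or word) is chosen at random.
    """
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    for pw in ("P455w0rd", "h6!r$q", "violet-kettle-orbit-thimble"):
        print(pw, "->", audit(pw) or "no listed mistakes")
    # 6 random printable characters versus 4 random words from 7,776.
    print("6 random characters:", round(guess_space_bits(6, 94), 1), "bits")
    print("4 random words:     ", round(guess_space_bits(4, 7776), 1), "bits")
```
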
So until our web technologists come up with a way to allow us to log in biometrically (via fingerprints or retina scans or DNA analysis), we all need to be more vigilant about how we construct our passwords and what kind of information we put online.
Keep safe! Be secure! See you next week!
“Roark, or Wacky, is a photographer, a radio DJ, a club DJ, and a self-confessed tech geek. He’s been into the world of computing since the x86 days when computer screens were green or white. He’s a self-confessed Apple fan but is still open-source at heart. He’s wacky and he’s crazy about tech and can’t wait to be a part of your weekly tech life.”