When Facebook was in its infancy, an acquaintance's account was hacked. The hacker proceeded to send messages to the account owner’s friends detailing how he was stranded in a foreign country and needed money fast! Thankfully his friends were skeptical and did not send money, but Facebook marked him as a spammer and cancelled his account. He was forced to start all over with a different email address.
How did the hacker access his account so easily? Well, this acquaintance used the word “fishing” for his password. Either the hacker knew him well and guessed at the password or the hacker used software to try words from the dictionary until he found the correct word. Sounds crazy, yes? Not for the hacker.
Recently another acquaintance's email was hacked from somewhere in China. The hackers sent hundreds of spam emails from her account. How did the hackers access her account? She used her daughter’s first name for her password.
If you own, run, or service websites with login accounts, do your customers a favor and set policies that require minimum safety measures.
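One way a site could enforce such a policy when a password is chosen, sketched in Python as an added example (it is not code from this post). The word list, the 7-character floor, the required mix of letters, digits and symbols, and the `check_password` name are all assumptions made for the illustration.

```python
import re

# Constructed sample word list; a real site would load a full dictionary
# and a list of known-breached passwords instead.
COMMON_WORDS = {"fishing", "password", "welcome", "dragon", "sunshine"}
MIN_LENGTH = 7  # assumption: minimum length enforced by the site


def check_password(password, profile_fields=()):
    """Return a list of policy violations; an empty list means accepted.

    profile_fields holds strings the site already knows about the account
    (username, email address, display name).
    """
    problems = []
    lowered = password.lower()

    if len(password) < MIN_LENGTH:
        problems.append("too_short")

    # A bare dictionary word, or one with digits/symbols only tacked on
    # the front or back ("Fishing1!"), falls to a dictionary attack.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core in COMMON_WORDS:
        problems.append("dictionary_word")

    # Names and other account details are the first thing someone who
    # knows the account owner will guess.
    tokens = set()
    for field in profile_fields:
        parts = re.split(r"[^a-z0-9]+", field.lower())
        tokens.update(p for p in parts if len(p) >= 4)
    if any(t in lowered for t in tokens):
        problems.append("contains_profile_info")

    # Require letters, digits and symbols together.
    classes = (r"[A-Za-z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        problems.append("missing_character_mix")

    return problems


if __name__ == "__main__":
    profile = ["emily.carter@example.com", "Emily Carter"]  # constructed
    for candidate in ("fishing", "Fishing1!", "Emily2019!", "f7i#s2h!i9n@g"):
        print(candidate, check_password(candidate, profile))
```

The check runs before the password is stored, so a rejected choice never becomes the account's password.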
If the content with the login is sensitive information, step it up a notch by requiring:
If you use websites with login accounts, do yourself a favor and set your own policies even if the website hasn’t.
Do NOT use:
If fishing is your thing and you cannot part with it, then intertwine it with numbers and symbols.
Note: These strings are purposely extra long, so no one will be tempted to use them. A 7-character string is typically sufficient.
If you have many online accounts, do NOT use the same password for all of them. Can you imagine what could have happened if my friend had also used “fishing” for his online banking account? Yikes, now the hacker knows his password for everything!
When dealing with financial accounts (online banking, stocks, etc.) make the password as difficult as possible to crack. The best way to do this is to memorize a string of random numbers, letters, and symbols.
If you have several online financial accounts, and don’t want to memorize several random strings, then figure out a pattern where one digit changes. For example, if you have an account with Ameritrade and one with Wells Fargo, change the first letter to match.
Do not store your passwords in a file on your computer. If your computer is hacked, there goes your world again. Memorizing your passwords keeps them safe and is good exercise for your brain. Or, better yet, keep them in an Internet Password Organizer left in a safe place.
Concerned about forgetting your password? Most websites make it easy to reset it via email.
Bottom line – do not make it easy for hackers to walk in and just "ask" for your passwords.
Have you been hacked? If yes, let us know what you did to strengthen your password security.