All Things Password: What You Need To Know and How To Safeguard Yours.

by News Editor on June 22nd, 2012 in Security Tips.

Password breaches were the most talked-about topic in the internet security arena in June. The hysteria began when a user on a Russian forum claimed that he had gained access to 6.5 million passwords to the professional networking site LinkedIn. As the week went on, the scope of the leak grew significantly to affect both eHarmony and Last.fm. eHarmony, the popular online dating site, reported that "a small fraction" (about 1.5 million) of its user base had also been affected, while Last.fm did not release any specific numbers. The affected companies have reset the passwords of the compromised accounts and have sent out notifications explaining how to reset them.

If you are signed up as a user on one or all of these sites, the first thing that came to mind when you read or heard about the leak was probably, “Is my account in danger?” These password breaches, which gave the social-networking service a black eye, have definitely made us think twice about the strength of our passwords. It’s definitely time to discuss all things passwords!

Here is some security advice from the tech experts…

Jeremiah Grossman of WhiteHat Security suggested that we should not be using the same password for all of our online accounts. He recommends picking passwords that are hard to guess, not found in the dictionary, six characters or more in length, and that have a mix of numbers and letters. Two examples are y77Vj6t and JX0r21b.
Since multiple passwords can be hard to remember, you can write them down on a piece of paper that fits in your wallet or on index cards that can be locked in your desk. Or you can use a password manager, which is software that stores your passwords and encrypts the data, Grossman says.

Chris Wysopal of Veracode said that it is also good to keep a password manager, like the Password Wallet app, on your phone so you can access your passwords easily when you are away from your computer. Additionally, he said it is important to change passwords if they have similar patterns. For instance, he said one of the hacked passwords he saw was "scottlinkedin", which could potentially be a security risk for Scott's other accounts.

If you think that sounds too complicated, you can always follow these simple but worthy tips from Lavasoft’s tech experts:

  • Never simply use words that are found in a dictionary. Instead, mix characters and numbers in a way that is memorable to you. Use complex passwords of at least 10 characters, composed of letters, symbols and numbers.
  • When selecting numbers, do not choose ones that may be personally identifiable to you; your birthday, Social Security number and phone number are off limits.
  • Always use different passwords for accounts that involve monetary transactions. The only thing worse than having one account cracked into would be to have all of your accounts cracked into.
  • Do not have your browser store passwords and log-in credentials - this is especially important to remember if you are using a shared computer.
  • Change your passwords regularly!
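
To check your own list of accounts against the tips above, here is a small audit script. It is an added example, not code from Lavasoft or the experts quoted; the function names, finding labels, sample accounts, word list and personal data are all constructed for illustration.

```python
import re
from collections import defaultdict

MIN_LENGTH = 10  # minimum length from the tips above
CLASSES = (r"[A-Za-z]", r"\d", r"[^A-Za-z0-9]")  # letters, numbers, symbols

def stem(site, password):
    """Drop the site name and non-letters: 'scottlinkedin' on linkedin -> 'scott'."""
    without_site = password.lower().replace(site.lower(), "")
    return re.sub(r"[^a-z]", "", without_site)

def audit(accounts, personal=(), wordlist=()):
    """accounts maps site -> password. Returns site -> sorted list of findings."""
    findings = defaultdict(set)
    by_password, by_stem = defaultdict(list), defaultdict(list)
    for site, pw in accounts.items():
        low = pw.lower()
        if len(pw) < MIN_LENGTH:
            findings[site].add("too-short")
        if not all(re.search(c, pw) for c in CLASSES):
            findings[site].add("missing-character-class")
        if site.lower() in low:
            findings[site].add("contains-site-name")
        if any(w in low for w in wordlist):
            findings[site].add("dictionary-word")
        if any(p in pw for p in personal):
            findings[site].add("personal-data")
        by_password[pw].append(site)
        if len(stem(site, pw)) >= 4:  # ignore stems too short to be a pattern
            by_stem[stem(site, pw)].append(site)
    # Same password on several sites, or the same base word with the site name added.
    for label, groups in (("reused", by_password), ("shared-pattern", by_stem)):
        for sites in groups.values():
            if len(sites) > 1:
                for site in sites:
                    findings[site].add(label)
    return {site: sorted(findings[site]) for site in accounts}

# Constructed sample data, not real credentials.
SAMPLE = {
    "linkedin": "scottlinkedin",
    "eharmony": "scotteharmony",
    "webmail": "summer1985",
    "forum": "summer1985",
    "bank": "t9#Lq!vR2m$x",
}

if __name__ == "__main__":
    report = audit(SAMPLE, personal=("1985",), wordlist=("summer",))
    for site, issues in report.items():
        print(f"{site:10} {', '.join(issues) or 'ok'}")
```

Run it only on a machine you trust, and do not save the account list to disk in plain text.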