This post is long, but it’s important, so no complaining about the length!
It happened again … an email from a website that I frequent and have a profile for has been hacked. A list of usernames, email addresses and encrypted passwords have been stolen from their “secured” servers. So now I go through the frustrating process of changing the password for not only THIS site, but whatever site I used the same password for, assuming I remember them all. Fortunately for me, I’ve done this dance before, and I’ve learned my lesson …
Today, there are way too many sites that we freely give our information to. Who can turn down the opportunity to “win a new iPad”, even if you already have one? And all they want is my email address? Sure. Create a profile? No problem. Create a user name and password? Ok, I’ll just use the same password I use for everything else. But if that information gets out, if someone gets access to that user database, and if their databases aren’t highly encrypted … then you have a problem. If that password is the same one you use for Amazon, PayPal, your email, your banking information … then you’ve practically handed over the Keys to your Kingdom.
You don’t normally think about how much information about you there is in your inbox; information that if someone got a hold of, could cause quite a bit of headache to you, and possibly your friends. Think about it … I get a hold of your address book, and I have a virus or some other evil file, and I send it to ALL of your friends in your address book. They see the email is from you, and they click the link … now I have them too, assuming they don’t have virus protection. And even that sometimes isn’t enough, depending on the payload of that file they just clicked on.
You can do more to protect yourself. I know … it’s a pain remembering passwords. But considering the consequences of bad password management, it’s a sacrifice I need you to make. I’ll only list SOME the BASIC ways you can better protect yourself:
VIRUS PROTECTION SOFTWARE NEEDS TO BE ON YOUR COMPUTER. Do I need to go into detail? No? OK. Don’t make me say it again.
Stop it with the simple passwords. “PASSWORD” is not a password. Neither is your kid’s name, your dog’s name, your birth date, QWERTY … those aren’t secure enough. If you HAVE to use a name, do more with it. Make it backwards, include numbers and punctuation. ANYTHING to make it not so obvious. And if it’s the same name forwards and backwards (I’m looking at you, Bob), it’s not a contender.
Don’t use the same passwords for EVERYTHING. I know, I know … but you wouldn’t have the same key for your car, your house AND the garage, would you? Same scenario. Loose the key, only one thing is affected. You need the same mentality for passwords.
Tier your passwords. Have a throw away password (and email address, for that matter) for things like contest entries and whatnot. That way if the site gets hacked, all they have is your junk email address and a password that you only use for things like this.
Both iOS and Android have “Password Vault” applications that you can store your usernames passwords along with the sites they’re used for. It’s better than a Post-It note on your monitor. I don’t think I need to say this, but the whole Post-It note thingie isn’t very secure. Bad encryption on that little sheet of paper.
Be smart about what you click on. Every email attachment isn’t harmless, even if it came from someone you know. If it doesn’t look like something they’d normally send, don’t touch it. Especially if it’s referring to a “Video that you were in that you have to see”. And chances are you don’t have a rich uncle in some foreign country that has died and left you a large sum of money. Be smart. Every email isn’t harmless.
I can go on, but these cover some of the basic ways you can protect yourself. Believe me … it’s worth the effort to protect the “Keys to your Kingdom”. And you really, REALLY don’t want me receiving an infected message from you because you didn’t protect yourself. This speech is a lot less enjoyable over the phone with my lecture tone behind it.
Talk to you soon!