Categories
Password

Use Different Passwords for Different Sites

I woke up today to a couple of tweets from friends: “Did you get hacked?” Uh oh.  Not a good message to see first thing in the morning.

There were a couple of tweets about Russian work-from-home sites from me.  Definitely not something I remembered tweeting.  I immediately logged on to Twitter and changed my password.

A little while later I became aware that over 6 million LinkedIn passwords had been exposed on a Russian hackers forum.  Then I remembered that my Twitter and LinkedIn passwords were the same, so I immediately changed my LinkedIn password … this time with something unique.  Embarrassingly, I had written about this a few months ago.  At the time I didn’t take either site too seriously, but I now see that this can hurt your online reputation.

I already use different passwords on my banking sites or any site that saves payment information – PayPal, eBay, Amazon. Tonight I am updating passwords on several other websites, just to be safe.

I don’t have proof that the LinkedIn hack was related to my problem with Twitter.  I’m just glad I noticed this before any serious damage was done.

Use the password generating tool on this site to get a new password today.

Categories
Password Security

The Big Security Blunder by Apple

It was recently announced that Apple’s FileVault software had a serious error that exposed users’ passwords.  FileVault is a program that stores users’ passwords on their computer.  A programming mistake caused the passwords to be stored as plain text instead of encrypted.  That means that anyone – or any malicious bot – could have stolen passwords without any effort.

Apple has fixed the flaw and it is recommended that all users apply the appropriate update.  The update applies to the OS X Lion operating system. It is always good security practice to keep your computer up to date with the latest software releases.

If you were affected, you should create new passwords using our password generator just to be on the safe side.  It never hurts to be more secure.

Categories
Password

Most Common Passwords

Every time hackers release a set of usernames and passwords, it gives analysts a chance to see passwords that people use in the real world.  Here is a list of the top 25 passwords from an attack on Sony in December 2010.

seinfeld
password
winner
123456
purple
sweeps
contest
princess
maggie
9452
peanut
shadow
ginger
michael
buster
sunshine
tigger
cookie
george
summer
taylor
bosco
abc123
ashley
bailey

source: Troy Hunt

You can bet that every hacker has these passwords in their brute force dictionary. The next time they attack a network they will try these passwords. If you use one of these – or another easy-to-remember password – your account will be compromised.

Use our random password generator to get a better, safer password today.
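
A registration-time check built from the list above, as an added example that is not part of the original post: it rejects a candidate password if it, or a trivially decorated form of it, is on the list. The `LEET` substitution map and the trailing-character stripping are assumptions about which variations to treat as equivalent.

```python
import re

# The 25 passwords listed in the post above.
COMMON = {
    "seinfeld", "password", "winner", "123456", "purple", "sweeps",
    "contest", "princess", "maggie", "9452", "peanut", "shadow",
    "ginger", "michael", "buster", "sunshine", "tigger", "cookie",
    "george", "summer", "taylor", "bosco", "abc123", "ashley", "bailey",
}

# Assumed normalization: map common character substitutions back to letters.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def variants(candidate):
    """Yield normalized forms of the candidate that a dictionary would also cover."""
    low = candidate.lower()
    # Drop trailing digits and symbols: "Summer2012!" -> "summer"
    stripped = re.sub(r"[\d\W_]+$", "", low)
    yield low
    yield stripped
    yield low.translate(LEET)
    yield stripped.translate(LEET)

def is_common(candidate):
    """True if the candidate or one of its normalized forms is on the list."""
    return any(v in COMMON for v in variants(candidate))

if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["password", "Summer2012!", "P@ssw0rd", "Sh4d0w99", "5552spmK70"]:
        print(f"{pw!r:16} {'REJECT' if is_common(pw) else 'ok'}")
```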

Categories
Password Security

How to Manage and Remember Computer Passwords

The days when most of us had one password to log on and one more to access the internet are gone. Many sites now demand registration and a password, and few of us can remember them all. Depending on the level of security you need, there are various strategies for creating memorable passwords and managing them effectively.

Passwords for basic security

The easiest way to simplify password proliferation is to use the same one for everything. This is not recommended unless someone else gaining physical or web access to your details is not an issue. There are hackers and scamsters out there and using the same password is like giving them your front door key. Create different passwords for every account and if you can’t remember them then the easiest option is simply to store a list on your computer.

If your computer remembers them for you, you might still need to access them if you’re away from home. One option if you have a web-based email service like Yahoo, Hotmail or Googlemail, is to send them to yourself in a message so you can retrieve them wherever you are. (Don’t put ‘passwords’ in the subject field!)

Higher level security

For top level security, don’t let your browser remember your passwords for you and keep your passwords in your head. If you don’t want to spend time doing the ‘reset password’ dance and waiting for an email to come in to reactivate your account, the key is creating memorable passwords that are sufficiently strong.

Creating good passwords – and remembering them

Many sites will ask for a password that is at least eight characters and includes at least one number. Some are also case-sensitive. The secret for a memorable password is to work to a template made of several easy-to-recall components. For example, in number + letters + letters, number could be the first four digits of your phone number + an acronym for the site the password is used to access + either date, month or year of birth: 5552spmk70 for your supermarket shopping.

It doesn’t look memorable, but the key is that you can work it out. By varying the last number you will still have substantially different passwords that only give you three options if you get it wrong, so most sites won’t shut you out. For additional security add one capital – perhaps the last letter of your site acronym: so 5552spmK70.

The template as mnemonic can be varied almost infinitely according to your preferences. Make it more complicated if you like (generally speaking, the more letters and letter-number-case combinations, the harder it is to crack). If you have two passwords for one site, make one the other one backwards.

Be creative

With imagination and a little effort you’ll be able to manage and remember computer passwords galore, or at least have a good shot at guessing if your memory fails you.

Categories
Password Security

Password Do’s and Don’ts

Five “Don’ts” & Five “Dos” for Better Passwords

1. Don’t leave passwords blank.
2. Don’t use your username as a password.
3. Don’t use identifiable information (such as a birthday).
4. Don’t write passwords down.
5. Don’t use auto-fill for passwords (especially on public computers).
6. Do use 8 characters or more.
7. Do use a combination of uppercase, lowercase, numbers, & symbols.
8. Do memorize your password.
9. Do change your password periodically (at least every 60 days).
10. Do keep your password a secret.

Categories
Password

Why do I need a long password?

Security experts suggest that you create passwords with 8 or more characters.  Why does password length matter?  When a hacker attempts a brute force attack, longer passwords make it more difficult.

The success of the brute force attack depends on two things: 1) password length and 2) the number of possible characters that are being tested.

Let’s assume that a brute force attacker will use all lower case letters, all upper case letters, plus about fourteen common keyboard symbols.  That gives the attacker (26+26+14)=66 characters to work with.  A 1-character password has 66 different combinations, while a 2-character password has 66*66 combinations, or 4,356 combinations.  The table below continues the calculation.  The time to crack column is based on testing 250,000 passwords per second.

Characters   Combinations                 Time to Crack
4            18,974,736                   76 seconds
5            1,252,332,576                5009 seconds
6            82,653,950,016               4 days
7            5,455,160,701,056            253 days
8            360,040,606,269,696          46 years
9            23,762,680,013,799,900       3014 years
10           1,568,336,880,910,800,000    198,927 years

In summary, when it comes to password security, more characters are safer.
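
The table's arithmetic as an added example (not from the original post), using the post's 66-character set and 250,000 guesses per second; it also goes one step further and computes the shortest length that holds out for a chosen number of years. The 365-day year is inferred from the table's figures, and the faster guess rate in the last line is an assumed value for comparison.

```python
SECONDS_PER_DAY = 86_400
DAYS_PER_YEAR = 365  # assumption: the table's year figures match a 365-day year

def keyspace(length, charset=66):
    """Number of possible passwords of exactly `length` characters."""
    return charset ** length

def seconds_to_exhaust(length, charset=66, rate=250_000):
    """Worst-case time to try every password of this length at `rate` guesses/s."""
    return keyspace(length, charset) / rate

def humanize(seconds):
    """Render a duration in the same units the table uses."""
    days = seconds / SECONDS_PER_DAY
    if days < 1:
        return f"{round(seconds)} seconds"
    if days < DAYS_PER_YEAR:
        return f"{round(days)} days"
    return f"{round(days / DAYS_PER_YEAR):,} years"

def min_length(target_years, charset=66, rate=250_000):
    """Shortest length whose full keyspace takes at least `target_years` to exhaust."""
    guesses_needed = target_years * DAYS_PER_YEAR * SECONDS_PER_DAY * rate
    length = 1
    while keyspace(length, charset) < guesses_needed:
        length += 1
    return length

if __name__ == "__main__":
    for n in range(4, 11):
        print(f"{n:>2}  {keyspace(n):>28,}  {humanize(seconds_to_exhaust(n))}")
    # Same one-year target at the post's rate and at an assumed, much faster rate.
    print("min length, 250,000/s:", min_length(1))
    print("min length, 10^10/s (assumed):", min_length(1, rate=10**10))
```

On average a match is found after about half the keyspace, so the expected time is roughly half of each worst-case figure.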