It’s more than just an annoyance to see the growing number of reports of password files being “leaked” or web-based services being compromised by hackers. It is a serious security risk for many people – and we can’t be sure how many might be affected.
What can we think about doing that might reduce the risks? Here are a few tips and ideas:
- Use different passwords everywhere. Even if you just add 3 different characters to the end of an 8-character password it can make it many times more difficult to crack.
- Know where you have registered! If you don’t keep bookmarks in your browser for all sites where you register, start doing that now, so that changing passwords is less of a chore in future. Sub folders for critical and less important sites can help prioritise this task.
- Thinking about critical sites – banking, personal information, etc – it is far better to have a different email address for these sites than the one you use for a more trivial application like Twitter.
- On Twitter – check your settings and revoke permissions for any apps you don’t need, use or trust. And think twice about adding vanity apps – the sort that promise to help get followers or feed your ego in some other way.
- On sites where you are encouraged to add “friends”, consider removing inactive friends. This way, for example on Twitter, you’ll only have to contend with Direct Message spam from active users! SocialBro or one of these 10 apps can help you identify them. When you’re done – revoke those permissions! If you worry about a few who might return, set up a watch using ifttt.com or add them all to a list you can monitor occasionally for activity.
- Finally, those sites you signed up for and now can’t be bothered with – go and delete your unused accounts.