“Checking email, shopping and job hunting are just a few of the common online activities in which we oftentimes engage,” says LHSFNA Management Co-Chairman Noel C. Borck.
“What this means,” he continues, “is that chances are good that the routine business of your life requires a password. In fact, to keep your life safe and private, you should be using several. Your passwords should be easy for you to remember, but difficult for others to figure out.”
Most passwords are neither. Not only do most of us use the same ones or variations of them for all of our internet activities, we also protect them with security questions that have answers that can be easily deduced by just about anyone.
For example, a hacker named Christopher Chaney broke into the private email accounts of more than 50 celebrities using the names of their pets, elementary schools and favorite colors – all available on the Internet Movie Database (IMDB) and other free online sites. Between the months of November 2010 and October 2011, when the FBI finally caught up with him, the unemployed hacker nosed around A-lister romances, shopping habits and business dealings. He also accessed and sold revealing photos of Christina Aguilera and Scarlett Johansson. This past June, Chaney pled guilty to nine counts, including unauthorized access to a computer and wiretapping. He faces 60 years in prison and $2.25 million in fines.
Unfortunately, as evidenced by recent hackings of the popular LinkedIn career and eHarmony dating websites, lots of Chaneys are still out there. Millions of passwords – many incorporating the words “link” and “harmony” were stolen. The real damage caused by these and other internet security breaches is that passwords are often used to access multiple websites including those connected to banking and shopping.
(Very Easy to Guess) Passwords Include:
- your name (or variation)
- 123456 (or reversed)
Mega retailer Best Buy has confirmed that passwords stolen from other websites have been used to purchase merchandise from its online site. Best Buy was alerted to the fraudulent activity when account holders complained that they were being charged for items they had not bought. Holders of the compromised accounts were instructed to change their passwords, but they also need to monitor all of their online accounts – even those they do not use very often – to make sure that they are not still being victimized.
Keep your passwords safe by:
- Using a combination of uppercase and lowercase letters and including symbols and numbers whenever possible
- Making passwords at least fourteen characters long (makes them more difficult to guess)
- Making passwords as meaningless and random as possible
- Creating different passwords for each account
- Changing passwords regularly
- Checking password strength (www.microsoft.com/security/pc-security/password-checker.aspx)
Do not use:
- Names or numbers associated with you, such as your nickname or birth date
- Names of family members or names of pets
- Sequential letters or numbers
- A solitary word in any language
- Answer “yes” when prompted to save your password to a particular computer’s browser. Instead, rely on a strong password committed to memory or stored in a dependable password management program such as Keychain (Mac), Just1Key, Password Safe or RoboForm. (Some of these programs have fees.) Should I Change My Password is a free service that allows you to check your email address to see if it has been hacked.
“With multiple and creative passwords that you change regularly,” says Borck, “you can reduce aggravation and all but eliminate the possibility of being hacked. This is easy to do, even for non-techies. When you make a schedule and stick to it, you save yourself a lot of headaches.”
[Janet Lubman Rathner]