Last week a Russian hackers group stole 1.2 billion Internet user passwords. I am completely paranoid because I am not exception. Like you I can be hacked any day with strangers accessing my banking passwords and more.
If you think you are safe, rethink again! and see why your online passwords will be hacked if you don’t act today.
According to Forbes the hacker group CyberVor stole 1.2 billion username and password combinations, along with more than 500 million email addresses. Plus over 420,00 Internet sites!
This is a huge wake-up call to consumers and companies that attackers are going after personal and work accounts in order to impersonate our online personas.
“A very low percentage of companies store your passwords well and most don’t even know they’ve been breached at all,” Joe Siegrist, CEO and cofounder of LastPass. “Never trust a website with a password you use anywhere else.
There are a few steps you can take to better protect your accounts from hackers.
To avoid being a victim of cybercrime, it’s essential that your overall password strategy is in check — a move that’s way more important than changing individual passwords as often as you think you should.
I know we have passwords for everything, games, apps, phones, tablets, banking, emails, bills, and the list goes on. Of course it’s easy and very tempting to use the same passwords because you know them and it’s so quicky – wrong! If you use the same password for all your accounts, and if a hacker get access to them, you will make his/her life even easier, because in seconds he/she will have access to your private life – so first rule; use a different password EVERY TIME.
Below there is a list of the 25 worst passwords in 2013 (Mashable). If yours is included, seriously think about making a change.
Password With Personal Information
Avoid password words that include personal information, like your birthday, pet’s name or a favourite colour because they’re easy for hackers to guess.
If you haven’t updated your password recently, now would be the time!
1- Make sure it’s a strong password containing capital and lowercase letters, numbers and special characters.
2- Don’t use the same username and password combo for every site. This is especially true for sites that have personal information like the site to your bank or credit card
Consider using two-factor verification for the sites that offer it, such as Google, Amazon, Apple, Twitter and Tumblr. Two-factor verification (or two-factor authentication) is like double-locking your door at night to decrease the chances of an intruder breaking in. Companies that offer this security feature typically send a specialized code in a text message to users’ phones each time they want to log in from a new device.
This is an invaluable precaution because it means your second-step password is never the same, and a hacker wouldn’t be able to get their hands on the text-messaged code that expires, refreshes every 10 seconds and changes after each login attempt.
Create Strong Passwords
There’s no shortage of articles on strong password tips, but what was once considered strategic and clever — such as using symbols, capitalizations and numbers like 3 in place of the letter “e” — are old tricks. So here’s what you need to know now: Use a different password for each account you use — you wouldn’t use the same key in all of your locks, so the same goes for passwords.
“Only people who use random unique passwords on every site have reduced their risk from this latest breach — if you re-use passwords you are critically exposed,” Siegrist said.
– Passwords should also be long — at least 14 characters — and when you use common replacements (like symbols and letters), make sure they’re not tacked on at the end; scatter them throughout.
– McAfee recommends using combinations of dictionary words that aren’t related to each other, such as “catfolderspaceshuttle” with numbers and symbols, that make it easy to remember and hard to guess.
– You’ll want to avoid common phrases and idioms like “icameisawiconquered,” which are easier to guess.
Many companies lay out too many rules during the password-creation process, forcing users to pick a phrase with a certain number of characters, numbers and uppercase letters. While this strengthens passwords, the complicated ones are easy to forget. And since each account should get its own unique password, remembering which complicated should go where is a challenge.
Password managers such as LastPass, Dashlane or F-Secure make it simpler to get into your accounts quickly without racking your brain for which login information goes where. Sign into their service, and your passwords auto-populate when you visit other sites.
“Breaches will continue to happen and sites will continue to store your password insecurely,” Siegrist said. “The question you need to ask yourself is would you trust this site to have a copy of your house key.
If your house key could be copied instantly and used anywhere in the world by any person in the world, you wouldn’t. It’s important to give each site a randomly generated password instead.”
If you’re up for being loyal to specific browsers and don’t want to pay for a password-manager subscription, many offer in-built security features such as Apple’s iCloud Keychain, which keeps your Safari usernames, passwords and credit card information only on the Macs and iOS devices you approve. This means a hacker trying to access your data remotely won’t have any luck. To set it up, click here.
Other browsers such as Firefox and Chrome have similar syncing security services, as well.
On my side, almost in same time I’m writing this article, I already changed the password to access my Mac, my emails and my banking accounts. I know it will take at least an extra 2 hours to change the other online passwords, but I’m taking hacker threats very seriously and I hope you do too.
Image Credit: Deposit Photos