I worry about my passwords–every day I get at least one direct message from a friend whose account has been hacked. Even writing about passwords has me nervous it will set me up for some attack. Like many “networked moms” today, I have what seems to be a million passwords that are becoming increasingly difficult to remember. I added them all up the other day and it’s over 50 if I go beyond social media channels.
And so many of my accounts are linked; I post to Pinterest and it goes to my Facebook page. All of my accounts are also tied to an email address of some sort. Add to it my visibility online and I feel very vulnerable despite the fact that I’ve made them as complicated as I possibly could and haven’t used a reference to anything in my life. But I could still be hacked–1 billion accounts were hacked this year alone. I could be next, and so could you.
I rarely read magazines while working out at the gym, but the cover of WIRED magazine caught my eye. The headline was “Hacked”–I just had to read it.
Mat Honan, a senior writer for WIRED, had been hacked. Like me, he thought he was being careful. But he thought wrong. And it only took the hackers about an hour to compromise his Gmail, Twitter, and Apple passwords. They took everything, including his family photos.
So what are Mat’s tips?
1. Set up a unique email address for password recoveries. Never use it for communications.
3. Give bogus answers to security questions. Just make sure you can remember them. Bogus answers make an account harder to hack because they can’t be found in personal data online.
4. Enable two-factor authentication whenever it’s offered (Google offers it).
5. Don’t ever use the same password twice.
6. Don’t use standard number substitutions, as the cracking tools now have them built in.
7. Don’t use a short password ever.
8. Change your password every 30 days, which is just what I’m going to do right now. There’s a web app called “Should I Change My Password” that alerts you when any major service provider gets hacked.
9. Consider using a password manager like LastPass and 1Password.
10. Change your app permissions. Twitter and Facebook app permissions are something I go through quite often to clear out. I try apps all the time or allow access to Twitter for contests and sweepstakes so I find it important to go back and clean up my act.
11. Never use a site with “http.” I’ve become more conscious of “https” versus “http.” Remember the “s” is for security.
12. Don’t forget to log out of your accounts. Otherwise you’re leaving the front door open.
I just spent an hour changing my passwords and setting up some two-way authentications. I feel a little better. When was the last time you changed yours?
Have additional tips? We’d love you to add to our list.