If you ever watch action movies, you’ve seen myriad scenes of computer-savvy characters hacking into highly secured computers. The passwords always seem ridiculously easy to figure out. The movie’s hero glances around the villain’s desk, sees some telltale signs of what the password might be (the name of a pet, an alma mater, a favorite color, etc.), and—boom—he’s hacked into the protected account.
Unfortunately, in real life, many folks really do have supereasy passwords to guess. Recently (as in today), several brands have had their Twitter accounts hacked. The news is reporting rumors that the hacking may be related to passwords.
So, if you’re on Twitter, you’ve probably seen a rash of, uhm, “interesting” tweets coming from @BurgerKing, @Jeep and, most recently, @MTV.
Those Twitter accounts were hacked, beginning with @BurgerKing yesterday.
Around noon on Feb. 18, @BurgerKing tweeted: “We just got sold to McDonalds!”
After the tweets after that grew in absurdity, intensity, and profanity, until the account was suspended while @BurgerKing got to the bottom of things.
Then, earlier today, @Jeep had its Twitter account hacked. The tweets all were about Cadillacs, which @Cadillac was quick to say, “Just to clarify, Cadillac is not connected to the hack of the @Jeep Twitter account.”
And while I started writing this blog post, I heard that @MTV, too, was hacked.
So, what’s the deal with all this hacking? Most reports are stating that the “hacks” are related to passwords. (Remember that Twitter reported on Feb. 1 that cyber attackers may have stolen user names and passwords of 250,000 users.)
Protect Your Passwords From the Get-Go
In light of the hacks rumored to be related to passwords, I asked Rob Larkin, Web developer at MarketingProfs, about what folks can do to make their passwords harder to figure out.
“Mostly, the key is protecting your password to begin with. That means NEVER using the same password on one site that you do elsewhere (in a perfectly secure and impossible-to-manage world). I like to use variations on the beginning and end depending on what the realm is.
“For example, my GMail password is unique, not used anywhere else at all; if someone can access your email account, they can easily reset passwords on all websites. My bank and financial logins are different as well. Then I have a password for work stuff, another for mid-level secure stuff, and finally a junk account that I use for all-over-the-Internet stuff, where there’s no real harm if that account is compromised.”
I asked Larkin to give an example of hard-to-crack password. He said that when creating different passwords be sure to have a different character or two at the beginning and a different set at the end.
“For example,” Larkin said. “I might use this for GMail: g7MAINPASSWORDms, with g7 at the front and ms at the end. I’ll translate that into my head as ‘mail secure’ for the suffix and ‘Google 7′ for the prefix and so on. My core password is almost always the same, so I only have to remember the variations for different tiers.
“At that point, it’s still safe to even jot down the prefix and suffixes since the core of the password is only in my memory, and no one would be able to do anything with the pre/suffixes.”
Larkin also recommends being smart about what websites you’re following.
“If you visit malicious sites or fail to keep your system (Windows or otherwise) and software (like Java, Flash, Adobe) up to date with the latest security patches, someone who has compromised your system can watch you type all your passwords, so a rigid security system for your password means nothing.”
You should also be careful about the computer you’re using to log onto a secured site. “Never log into an important account from someone else’s computer unless it’s absolutely necessary,” said Larkin. “You don’t know if it has spying eyes on it.”
How Often Should You Change Your Password?
Larkin recommended changing the password every six months. He also suggests changing the suffixes, too, but never both at the same time. “So, I can memorize the new password first!”
Additional Reading
To find out more about creating safe passwords and preventing your accounts from being hacked, check out the following articles.
• How to Create Safer Passwords: A Simple Formula
• Four Ways to Protect Customer Data
• 5 Tips to Keep LinkedIn From Being HackedIn
Feel ready to go revise your passwords now? Great! Before you go, here’s a humorous reminder about creating safe passwords from xkcd’s Randall Munroe.
