Change Your Passwords Right Now

Since the first computer virus was created in 1982, everyone who uses a computer has needed to take precautions to safeguard data and sensitive personal information.

Last week we heard that LinkedIn, eHarmony, and last.fm all suffered from attacks which stole passwords. These are the latest in a long history of sites being attacked and passwords compromised.

Those attacks are not all. Your friends on Facebook start posting weird messages due to their account being compromised, you find out that another friend has been abducted in London and needs money wired, that the UN has millions of dollars waiting and you could be of help and get a percentage, or you get another email from your "bank" asking for personal information.

You can never let your guard down or you too could be taken.

Change your passwords right now. It is likely that you have not changed them in a long time, you use a weak password, or a combination of the two.

Too difficult to remember all of your passwords? There are tools to help you besides sticky notes on the side of your monitor.

Protect your passwords using software like Password Safe, 1Password, or Password Gorilla. Those applications are a securely encrypted safe in which to store all of your passwords.

When you use software like those three, use an entire password phrase as the master password. Something you can remember like the old “The quick brown fox jumps over the lazy dog”, but make sure to use spaces and capital letters, even use the quotation marks if you’d like.

In all applications and all websites always use a password, never use a default password, the longer the password the better, don’t use the same password in multiple sensitive places, and protect your passwords.

Here are some basic rules:
        •        Always use a password, never let a password be blank
        •        Always change a password immediately after receiving one that was given to you
        •        Use as many characters as possible when creating a password, don’t just use eight use 16 or 20 or more
        •        Use different passwords everywhere, at least for sensitive information like banks or anywhere they might store your credit card information

Since email and HTML (the language of the web) were created prior to the commercialization of the Internet, security was not a primary concern. As a result spoofing and phishing are possible. Phishing emails are the number one source of hackers getting your personal information and making your computer part of a zombie botnet. Spoofing is when an email appears to come from a source other than the true source.

The most common spoofing and phishing attacks are fake emails from a bank, the IRS, or the Social Security Administration. These emails are made to look identical to one from the bank and if you click the link in the email, it will take you to a website that looks just like the bank as well. But beware, look carefully in the address bar of your web browser, it will not actually be bankofamerica.com (for example). The criminals ask for your personal information and then use it to steal from you and the bank.

Here are a few other basic security principles:
        •        Never directly click a link in an email message, always copy and paste or type the address
        •        Do not download a file from a website or an email message unless you are 100% sure of the source
        •        Do not buy software from a questionable source as it may contain a virus, worm, or spyware

The moral of the story is to trust but always verify and to change your passwords regularly. Be safe and enjoy the world of technology.