Register | Forgot Your Password? | Close

Was there another huge hack of stolen passwords for LinkedIn, Facebook, Gmail, etc.? - Rebecca

The most recent rumblings of yet another security breach for over two million accounts from sites like Facebook, Yahoo, Google, Twitter and LinkedIn are true and should serve as another wake up call for all of us.

Security firm Trustwave discovered a server in the Netherlands that had posted over two million credentials for social media and email accounts that had been compromised from around the world.

According to Trustwave, the five most common passwords were "123456," "123456789," "1234," "password" and "12345," despite all the warnings about using simple passwords.

In fact, in their estimation, only 5 percent of the stolen passwords were considered excellent, 17 percent were considered good and the rest were pretty weak.

In addition to traditional brute force attacks to break simple passwords, they believe that the cybercriminals used silent keylogging programs to record keystrokes on computers that they had infected. Keyloggers allow a remote hacker to essentially record every keystroke you type and send the transcripts of your activities to them automatically.

Keyloggers can be hidden inside of other programs that appear to be legitimate or inside of fake copyrighted materials such as movies, music and expensive software programs on file-sharing networks.

If a keylogging program sneaks its way into your computer, there are no real obvious signs that you have been infiltrated which is why they are so dangerous.

If one of your social media accounts was compromised during this attack, you would have been notified and asked to create a new password by now.

Security breaches are a fact of online life (just ask two million people at Maricopa Community Colleges), so you should assume that at some point, your accounts will be compromised and consider doing the following:

1) Make your passwords longer

Adding more characters to your password will significantly decrease the chances of it being "guessed" by hackers. Shoot for a mimimum of 15 characters but make it something that you can remember. Add extra symbols, upper case letters and numbers for the most secure passwords. A great resource for understanding and testing your password ideas is Steve Gibson's Password Haystack tool).

2) Activate two-factor authentication on all your accounts

Two-factor authentication uses something you know (your password) with something you own (your cellphone). Once you set it up, anytime someone uses your password from a computer, tablet or smartphone that the site does not recognize, it sends your cell phone a special code that you must type in within a short period of time.

Unless someone steals your password and your phone at the same time, they won't be able to access your accounts. It's also a great way to know that someone has acquired your password. If you get a text message with a special code and you aren't trying to log into your account, someone else is!

3) Quit using the same password on all your online accounts

Hackers know that most people use the same passwords across many of their accounts, which makes a breach even more dangerous if you're guilty of doing this.

I've written in the past on creating strong, but easy to remember, passwords along with some suggested password management programs which is posted here.

Ken Colburn, Data Doctors, President of Data Doctors, weekend show host

share this story:
Attention KTAR.com Comment Users: We have recently changed our comments boards.
We would like you to be part of the conversation and The Voice of Arizona by logging in with your Facebook, Twitter, Google+ or Disqus account. Existing KTAR (Arizona Sports) account members will need to create a Disqus account or use one of the aforementioned social media logins. Thank you.
comments powered by Disqus

World Class Arizona

  • Dignity Health

    World Class People. World Class Company. Excellent care, delivered with compassion, for all in need.
  • CopperPoint Mutual Insurance Company

    SCF Arizona has a new name. They are now CopperPoint Mutual Insurance Company.
  • Taylor Morrison

    World Class People. World Class Company. We are a national home builder committed to building homes inspired by you.
  • Go Daddy

    World Class People. World Class Company. Go Daddy is a Fortune 100 "Best Companies to Work For."
  • Avnet

    World Class People. World Class Company. Here's information on a Fortune 500 company from Arizona.

Voice For A Better Arizona

  • Working For Arizona

    The business and economics of Arizona at the start of 2014 and looking forward.
  • Arizonans In Need

    Putting a focus on charities and organizations who provide help and/or need your help to fulfill their missions.
close

Share: