Saturday, January 1, 2011

Strong Passwords: It Can be Done

"Gawker Victim? 4 Ways to Make Your New Password Secure"
William Fenton, PCMag.com (December 14, 2010)

"You hear about it all the time: sweeping security breach exposes thousands of usernames and passwords. Everybody knows the repercussions of password insecurity, but when push comes to shove, it's a pain to change passwords and it's even more of a pain to keep track of them.

However, if you are a member of any of the Gawker weblogs—Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot—the threat of hacking just got a whole lot more real. Last weekend's security breach exposed nearly 1.5 million accounts, including 500,000 e-mails and 185,000 passwords, to The Pirate Bay. I know what you're thinking, Pirate Bay? But that's for downloading movies. Alas, dear buccaneer, it's true.


"In the aftermath of the hack, Gawker distributed an email encouraging its members—or those who choose to remain members—to change their passwords associated with their commenting accounts. Thankfully, you're wise enough to read the best name in tech news and reviews, and we at PCMAG will help you get those passwords sorted.

"Whether you're a gawked Gawker or watchful web prowler, there are some basic rules to keep in mind as you update old passwords and create new ones...."

It's a short list: and you've probably seen the advice before. An item that's not there is - don't use "password" as your password. "password1" is just about as useless. In the Lemming's opinion.

This article's more of a teaser for a longer set of items, starting with:

It's mostly common sense: like not putting your password on a sticky note in the office.

There's one the Lemming doesn't recall reading before, too: spelling your password backwards. Sdrawkcab, in other words. If that catches on, the Lemming thinks it'll become a major security issue in short order. It wouldn't take too much doing to make hacking software that tries passwords like drowssap or 1drowssap.

Other advice seems more secure: like making passwords that include numbers (other than "password1"); and using words not found in dictionaries (other than your user name).
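Here is what that looks like from the side of a site accepting new passwords. This is an added example, not code from the PCMag article or from this blog: a password check that treats reversal and tacked-on digits as no change at all. The denylist contents and the names `check_password` and `strip_digits` are assumptions made for illustration.

```python
import re

# Constructed sample denylist (assumption); a real check would load a large
# dictionary or breached-password list instead.
DENYLIST = {"password", "letmein", "qwerty", "welcome"}


def strip_digits(text):
    """Drop digits stuck on either end, so 'password1' reduces to 'password'."""
    return re.sub(r"^\d+|\d+$", "", text)


def check_password(candidate, username, denylist=DENYLIST):
    """Return the reasons to reject `candidate`; an empty list means it passed."""
    reasons = []
    lowered = candidate.lower()
    forward = strip_digits(lowered)
    backward = strip_digits(lowered[::-1])  # the same word, read right to left
    banned = set(denylist) | {username.lower()}
    if forward in banned:
        reasons.append("dictionary word or user name")
    elif backward in banned:
        reasons.append("dictionary word or user name spelled backwards")
    if not any(ch.isdigit() for ch in candidate):
        reasons.append("no digits")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs, checked for a hypothetical user "lemming".
    samples = ("password", "password1", "drowssap", "1drowssap",
               "gnimmel", "v7qu0rtzapli")
    for pw in samples:
        print(pw, "->", check_password(pw, "lemming") or "ok")
```

Reversing a string costs one extra lookup per candidate, which is why a backwards dictionary word is worth no more than the forwards one.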

2 comments:

Brigid said...

Typo: "At item that's not there"

The Friendly Neighborhood Proofreader

Brian, aka Aluwir, aka Norski said...

Brigid,

Got it: thanks!
