William Fenton, PCMag.com (December 14, 2010)
"You hear about it all the time: sweeping security breach exposes thousands of usernames and passwords. Everybody knows the repercussions of password insecurity, but when push comes to shove, it's a pain to change passwords and it's even more of a pain to keep track of them.
"However, if you are a member of any of the Gawker weblogs—Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot—the threat of hacking just got a whole lot more real. Last weekend's security breach exposed nearly 1.5 million accounts, including 500,000 e-mails and 185,000 passwords, to The Pirate Bay. I know what you're thinking, Pirate Bay? But that's for downloading movies. Alas, dear buccaneer, it's true.
"In the aftermath of the hack, Gawker distributed an email encouraging its members—or those who choose to remain members—to change their passwords associated with their commenting accounts. Thankfully, you're wise enough to read the best name in tech news and reviews, and we at PCMAG will help you get those passwords sorted.
"Whether you're a gawked Gawker or watchful web prowler, there are some basic rules to keep in mind as you update old passwords and create new ones...."
It's a short list, and you've probably seen the advice before. An item that's not there: don't use "password" as your password. "password1" is just about as useless. In the Lemming's opinion.
This article's more of a teaser for a longer set of items, starting with:
- "Password Protection: How to Create Strong Passwords"
Eric Griffith, PCMag.com (August 31, 2010)
There's one the Lemming doesn't recall reading before, too: spelling your password backwards. Skrawkcab, in other words. If that catches on, the Lemming thinks it'll become a major security issue in short order. It wouldn't take too much doing to make hacking software that tries passwords like drowssap or 1drowssap.
Other advice seems more secure, like making passwords that include numbers (other than "password1") and using words not found in dictionaries (other than your user name).
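Seen from the side of a site that accepts new passwords, the point about drowssap and 1drowssap looks like the check below. It is an added example, not code from the PCMag articles or from this blog; the function names and the short word list are constructed for illustration, and a real deployment would load a large breached-password list instead.

```python
import re
from typing import Optional

# Constructed sample denylist (assumption): stands in for a real
# breached-password or dictionary list.
COMMON_WORDS = {"password", "letmein", "qwerty", "monkey", "gawker"}


def base_forms(candidate: str) -> set:
    """Undo the cheap disguises: case, digits or symbols on either end,
    and backwards spelling. Returns every form the candidate reduces to."""
    lowered = candidate.lower()
    # "1drowssap" -> "drowssap", "password1" -> "password"
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    forms = {lowered, core}
    # Add each form spelled backwards: "drowssap" -> "password"
    forms |= {form[::-1] for form in forms}
    forms.discard("")  # an all-digit candidate has an empty core
    return forms


def reject_reason(candidate: str, username: str,
                  min_length: int = 8) -> Optional[str]:
    """Return why a new password should be refused, or None to accept it."""
    if len(candidate) < min_length:
        return "too short"
    forms = base_forms(candidate)
    if username.lower() in forms:
        return "based on username"
    hits = forms & COMMON_WORDS
    if hits:
        return "based on common word: " + sorted(hits)[0]
    return None


if __name__ == "__main__":
    # Constructed test passwords for a user named "lemming"
    for pw in ["password1", "drowssap", "1drowssap", "gnimmel99",
               "correct horse battery staple"]:
        print(f"{pw!r:32} -> {reject_reason(pw, 'lemming') or 'accepted'}")
```

Reversal and a tacked-on digit both collapse back to the same dictionary word, so neither buys any safety once a checker, or a guesser, undoes them.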
- "Making a 'Super Password' "
(August 23, 2010)
- "If Your Password is 'Password1' - CHANGE IT"
(November 24, 2009)
- "Phishing, Common Sense, and 'The Public's Right to Know' "
(October 6, 2009)
- "Passwords: Be Sure Yours Isn't on These Lists"
(April 20, 2008)