Change Your Weak Password! Or Someone Else Will

Would you believe three of the most commonly used passwords are “123456,” “password,” and “iloveyou”?

I logged into Gmail recently and was pleasantly surprised to read this screen pop at the top of the screen:

“Thousands of online accounts are hijacked every day. If you re-use your Gmail password at other websites, change it now.”

Thank you, Google! This is exactly the kind of message people need to hear!

Many people use the same password on multiple sites. Think about all the different sites that require you to create a user name and password to use their services, and consider that each of those sites employs a different degree of network security. Less sophisticated sites may even store your password in their database as unencrypted text! And if their network is hacked, and a hacker discovers your password, they may attempt to use it on sites like Facebook, AOL, Yahoo, and Google to see if it works. If you’ve used the same password everywhere, well, bad people now have access to a lot of personal data. I don’t think it’s an exaggeration to say that many identity theft cases begin with a simple password hack.

So change and diversify your weak password! Or someone else will.

Resources:

I’m by no means an expert on digital security or passwords for that matter. But I have found good resources that have helped me become more sophisticated in my use of passwords.

  • There are a lot of tools available to help you avoid having to remember different passwords for all those sites. I use LastPass, and there are other similar trustworthy services worth looking into.
  • Here’s a good, eye-opening read on password hacking from John P. at One Man’s Blog: How I’d Hack Your Weak Passwords.
  • Clearly I’ve developed a fascination with passwords. I listen often to a podcast called Security Now where hosts Steve Gibson and Leo Laporte discuss topics related to internet, cyber, digital, and network security. Passwords come up often. In fact, Steve Gibson has his own fascination with passwords. Unlike my fascination, however, his has the potential to help people be safer online. You know, because he’s like a computer science genius and all, and I’m not. Anyway, he created a fun tool called Password Haystacks which analyzes the time required to hack a given password, assuming certain variables. For example, 123456 is hacked in under 20 minutes if the hacker is using an exhaustive key search, or brute force technique. Play around with Password Haystacks and see how your password (or hopefully passwords) stack up!
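
The kind of estimate described in the last bullet can be worked out in a few lines of Python. This is an added example, not code from the original post or from the Password Haystacks tool; the character-class sizes (26 + 26 + 10 + 33) and the rate of 1,000 guesses per second for an online attack are assumptions.

```python
import string

# Character classes counted toward the alphabet (assumption: the 95 printable
# ASCII characters split as 26 + 26 + 10 + 33). Other characters are ignored.
CLASSES = [
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation + " ",
]

# Assumed guess rate for an online attack; change it to model other attackers.
ONLINE_GUESSES_PER_SEC = 1_000


def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def search_space(password):
    """Count all candidates of length 1..len(password) over that alphabet."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))


def seconds_to_exhaust(password, guesses_per_sec=ONLINE_GUESSES_PER_SEC):
    """Worst-case time for an exhaustive key search at the given rate."""
    return search_space(password) / guesses_per_sec


def describe(password, guesses_per_sec=ONLINE_GUESSES_PER_SEC):
    """Render the worst-case search time in the largest fitting unit."""
    secs = seconds_to_exhaust(password, guesses_per_sec)
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if secs >= size:
            return f"{secs / size:,.1f} {unit}"
    return f"{secs:,.1f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords, including the three the post opens with.
    for pw in ("123456", "password", "iloveyou", "Tr0ub4dor&3"):
        print(f"{pw!r:15} alphabet={alphabet_size(pw):2} "
              f"space={search_space(pw):.3e} online={describe(pw)}")
```

These numbers are an upper bound for a blind exhaustive search only. A password that appears on a common-password list, such as “password” or “iloveyou,” does not get the protection its length suggests.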

About Trent Scovell

http://about.me/trentscovell

2 Responses to Change Your Weak Password! Or Someone Else Will

  1. Now that’s a Public Service Announcement! Thanks Trent. That Haystacks site is wild…

  2. You’re welcome! Thanks for checking out the post. Haystacks is fun. Steve is also working on a method of creating unique passwords “off the grid” using a Latin square as a paper-based password guide. Latin squares are used in the familiar Sudoku puzzles. The idea is the user would create a unique Latin square and use the characters on the grid as a way to generate passwords. Not sure I’ll go that far with my password diversification, but the idea in general is pretty cool (and nerdy!).