— from Lisa Steckley for 376Tech.com —
One for One
Don’t re-use passwords. Rule number 2 to keep the data doors locked. Why? The bad guys know we have a bad habit of re-using passwords. The sites we use those passwords on have a bad habit of getting hacked. The crooks have programs that try hacked passwords on hundreds of sites quickly. You see the problem. If you have re-use your password it won’t take them long to find the sites you use and get into your account.
If they don’t get in with the simple brute force, others take the time to target you directly. They do not know how big of a fish you are until they get in. In their mind, you are worth the effort. They have many ways to profit off your email, accounts or computer, even if they don’t get to the bank account.
For the bad guys, it is a numbers game. Passwords sold from hacks bring cents each. Verified passwords bring much higher prices. Sell either a few million times? A good day for the bad guys.
Tech Tip: Don’t be the low hanging fruit. Each site needs a unique, long password.
For fun- check out this collection of sites that have been hacked: https://haveibeenpwned.com./PwnedWebsites
This is only a partial list. There a plenty more that do not tell us they lost our data because it is bad for business!
**If you are reading theOrcasonian for free, thank your fellow islanders. If you would like to support theOrcasonian CLICK HERE to set your modestly-priced, voluntary subscription. Otherwise, no worries; we’re happy to share with you.**
Excellent advice. I would also suggest changing the passwords on your router, printer, and any other device on your network that can connect to the internet, as such devices have already been hacked and used in botnets and bitcoin mining schemes.
Thank you Robert. Also important to secure those devices. We will dive deeper into these connected devices later in the column, so thanks for the preview…. and concern. End point (each of us) need to practice good security hygiene to protect all of us.
Good column, Lisa. I would like to put in a plug for password managers. In addition to the requirement of “unique, long passwords”, I would add that it should also not be in any known language. Random strings of characters (including UPPER, lower, 1234, and punctuation) should be used. I use random.org to get truly random passwords, ex: dSG%XMTez^GF82Z*qfL
It’s difficult for humans to remember strings like that. Password managers can. Here is a good review of current password managers:
https://www.cnet.com/news/the-best-password-managers-directory/