Robert Siciliano
Online Security and Safety Evangelist to McAfee. Robert is an identity theft expert who is committed to ...
In light of the Yahoo Voices hack where 450,000 passwords have been compromised, it’s time again to let the world know what they are doing wrong when it comes to passwords. CNET pointed out that:
2,295: The number of times a sequential list of numbers was used, with “123456” by far being the most popular password. There were several other instances where the numbers were reversed, or a few letters were added in a token effort to mix things up.
160: The number of times “111111” is used as a password, which is only marginally better than a sequential list of numbers. The similarly creative “000000” is used 71 times.
Protect your information by creating a secure password that makes sense to you, but not to others.
Most people don’t realize there are a number of common techniques used to crack passwords, and plenty more ways we make our accounts vulnerable by using simple and widely used passwords.
Common Ways Hacks Happen
Dictionary attacks: Avoid consecutive keyboard combinations, such as qwerty or asdfg. Don’t use dictionary words, slang terms, common misspellings, or words spelled backward. These cracks rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper or similar programs.
Cracking security questions: Many people use first names as passwords, usually the names of spouses, kids, other relatives, or pets, all of which can be deduced with a little research. When you click the “forgot password” link within a webmail service or other site, you’re asked to answer a question or series of questions. The answers can often be found on your social media profile. This is how Sarah Palin’s Yahoo account was hacked.
Simple passwords: Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favorite color/song, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.”
Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse rate of 31% among victims.
Social engineering: Social engineering is an elaborate type of lying. An alternative to traditional hacking, it is the act of manipulating others into performing certain actions or divulging confidential information.
Tips to Make Your Passwords Secure
In the end, it’s the responsibility of the public to protect themselves. This disclosure now requires those currently exposed to change their passwords. The rule of thumb is to change your passwords frequently, every six months. It’s a cliché, but true: passwords need to be strong. Let the keyboard be your palette and be creative. A common mistake people make is using dictionary or slang terms. Beware: dictionary attacks use software that automatically plugs common words into password fields, which makes password cracking effortless for various tools.
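A sign-up or password-change form can reject the weak patterns named above (sequential and repeated digits, keyboard runs, common or reversed words, personal details, and the same with a few characters tacked on). The sketch below is an added example, not code from the original article; the function names, the tiny deny-list and the sample inputs are constructed for illustration.

```python
import re

# Constructed sample deny-list (assumption); production checks would load a
# large breached-password list instead of these few entries.
COMMON = {"princess", "password", "abc123", "letmein"}
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def _is_sequence(s):
    """True if each character is exactly one step above (or below) the last."""
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return len(s) >= 3 and steps in ({1}, {-1})


def _is_keyboard_walk(s):
    """True if s (4+ chars) runs along one keyboard row in either direction."""
    return len(s) >= 4 and any(s in row or s[::-1] in row for row in KEYBOARD_ROWS)


def weak_reasons(password, personal=()):
    """Return reasons to reject a password; an empty list means none of
    these specific patterns matched, not that the password is strong."""
    pw = password.lower()
    known = {p.lower() for p in personal}
    # Also test the password with padding stripped, so "a few letters added"
    # to a number run (or digits added to a word) does not hide the pattern.
    candidates = [
        pw,
        re.sub(r"^[^a-z]+|[^a-z]+$", "", pw),  # leading/trailing non-letters removed
        re.sub(r"^\D+|\D+$", "", pw),          # leading/trailing non-digits removed
    ]
    reasons = []
    for c in filter(None, candidates):
        checks = [
            (len(c) >= 3 and len(set(c)) == 1, "repeated character"),
            (_is_sequence(c), "sequential run"),
            (_is_keyboard_walk(c), "keyboard walk"),
            (c in COMMON or c[::-1] in COMMON, "common word (or reversed)"),
            (c in known, "personal information"),
        ]
        reasons += [why for hit, why in checks if hit and why not in reasons]
    return reasons
```

Pass the account holder's own name, pet names and similar details as `personal` so that those values are rejected too.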
Robert Siciliano is an Online Security Expert to McAfee. See him discussing identity theft on YouTube. (Disclosures)