Family Safety, Identity Protection

Using Social Media Passwords With Critical Accounts

2
By on Nov 22, 2010

For some social networking sites, security is not a top priority. Some do not protect your data with the same vigilance you could expect from your bank, for example. Nor do social media require strong passwords. And if you use the same passwords for more critical sites, like webmail or online banking, having your social networking account compromised can make those other accounts vulnerable as well.

Last year, 32 million passwords were posted online after a data breach at RockYou, a company that creates applications for social networking sites. The breach revealed the weakness of most people’s social networking passwords.

InformationWeek reports, that all the major sites have the same minimum password length of six characters. And password complexity checks are few and far between.

Of the 32 million people whose passwords were exposed, almost 1% had chosen “123456.” The next most popular password was “12345.” “Princess,” “qwerty,” and “abc123” were other common choices.

In another instance, phishers posted thousands of Hotmail addresses and the associated passwords in an online forum. These passwords were equally obvious. Those used most frequently included “111111,” “123456,” “1234567,” “12345678,” and “123456789.” Many of the phishing victims used people’s first names as passwords, most likely the names of their kids, spouses, and so on. 60% of the exposed passwords contained either all numbers or all lowercase letters.

Naturally, anyone using an insecure password is far more likely to be hacked. It is crucial to have strong, secure passwords for all online accounts, including social media accounts. And it is equally important to use different passwords for different accounts. Using the same password for social media sites as for critical accounts, like webmail and online banking, is an invitation for identity theft.

To protect your identity, observe basic security precautions. Consumers should also consider an identity theft protection product that offers daily credit monitoring, proactive identity surveillance, lost wallet protection, and alerts when suspicious account activity is detected. McAfee Identity Protection includes all these features, plus live help from fraud resolution agents if your identity is ever compromised. For more tips on protecting yourself, please visit www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss hacked email passwords on Fox News. (Disclosures)

2 Comments

  • social media is the flavour as of the present days.
    SO its required that strong passwords has to be kept to prevent this .

  • Unfair to put the blame on the sites. I administer a site and its not uncommon for users, when they have a problem, to email me their passwords and say “its the same one I use for everything”.

    Some users are just totally unsophisticated and sites like facebook wouldn’t have the uptake they crave if they made security a higher priority.

    Its up to the user to have passwords that are secure and that are different from other sites.

    I recently had the painful experience of a keepass database corrupting and therefore losing all my passwords. My kids mock me for having some written on the wall – but the bad guy doesn’t sit in my office and can’t read my notes. Whichever way you play it, its for the user to play it safe.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>