Keeping in the mind the latest cyber crime by the Russian gang.
We have been reading all over in the news about various hacking incidents. On Tuesday, 05 Aug 2014, a Russian crime gang had accumulated about 1.2 billion username and password combinations.
Information about this cyber crime was exposed by Milwaukee-based Hold Security, that calls it “the largest known collection of stolen Internet credentials.”. However, researchers have not shared the origin of the data nor have they divulged the victim websites. The company also said that it didn’t want to name the organizations whose websites are still susceptible to hacking, quoting non-disclosure agreements.
Online life has always been under security threats, but now with the exaggerated attention on them it imperative to review different ways to protect yourself.
If one feels that there could be a chance of any of your password being compromised, then its time to change them with no further delay. One of the most important things you can do is to make sure your passwords are strong enough. Below are the top seven ways to spike them:
* Ensure your password is long. The optional minimum length is eight characters, 14 can be better and if the length of the password is 25, then even better. There are some services which have character limits on passwords.
* Always use variation and combination of letters, numbers, usage of upper and lower case and symbols such as an exclamation or an asterisk mark. One might encounter some services that don’t allow that, but one can try to diversify it as much as possible. “SecREt*!28” is a better combination than “secret28.”
* Desist from using dictionary words, even if you want a number /symbol combination. Programs designed to crack passwords by going through databases of known words are available. One can use a combination of adding numbers in the middle of a word – like “seC012Re304T” instead of “secret012304.” Another way could be making a sentence and apply just the first letter of each word – as in “mhwtss” for “make hay when the sun shines.”
* Use of substitute characters. For example, instead of the letter O, you can use the number zero and or replace P with the number nine.
* Desist from using easy words, like your pet name, your own name, name of your hometown, pets name, or any of your close relatives name. Similarly avoid using birthdays or pin codes. However the same can be used at the time of creating a combination which could result in a complex password. You can try reversing your birth date or phone number and apply it to a twine of letters. Also, you should also avoid using the word “password” as your password, or any consecutive keys on the keypad, such as “3456″ or “qwerty.”
* Do not recycle passwords on any accounts. For example if you creating a password for one time use them it can be considered ok to use simple passwords and repeat them in those situations. Do not use them for sites where it lock features that involve credit cards or posting on a message board. That will require you to focus on having strong passwords.
One exemption is to login using a centralised sign-on service like in Facebook Connect. Facebook gives you the option of using the username and password instead of creating a separate one for the video site, as per Hulu. On a technical note, this isn’t reusing your password, but a matter of Hulu borrowing the log-in system which Facebook already has. This information isn’t deposited with Hulu, in fact Facebook simply states your identity to Hulu’s computers. Therefore it’s very important to keep your Facebook password secure.
* Gmail, for example allows you to use two passwords when you use a particular computer or device for the first time. If the feature is available, then the service will send a text message with a six-digit code to your phone every-time you to use Gmail from an unrecognized device. You’ll need to state that code for access, and once used the code expires. It’s optional, and can be frustrating – but it could surely save you from a lot of heartache later on. Hackers will find it difficult o access the account without having an access to your phone. One can turn it on by visiting the account’s security settings.
