Was there another huge hack of stolen passwords for LinkedIn, Facebook, Gmail, etc.? – Rebecca
The most recent rumblings of yet another security breach for over two million accounts from sites like Facebook, Yahoo, Google, Twitter and LinkedIn are true and should serve as another wake up call for all of us.
Security firm Trustwave discovered a server in the Netherlands that had posted over two million credentials for social media and email accounts that had been compromised from around the world.
According to Trustwave, the five most common passwords were “123456,” “123456789,” “1234,” “password” and “12345,” despite all the warnings about using simple passwords.
In fact, in their estimation, only 5 percent of the stolen passwords were considered excellent, 17 percent were considered good and the rest were pretty weak.
In addition to traditional brute force attacks to break simple passwords, they believe that the cybercriminals used silent keylogging programs to record keystrokes on computers that they had infected. Keyloggers allow a remote hacker to essentially record every keystroke you type and send the transcripts of your activities to them automatically.
Keyloggers can be hidden inside of other programs that appear to be legitimate or inside of fake copyrighted materials such as movies, music and expensive software programs on file-sharing networks.
If a keylogging program sneaks its way into your computer, there are no real obvious signs that you have been infiltrated which is why they are so dangerous.
If one of your social media accounts was compromised during this attack, you would have been notified and asked to create a new password by now.
Security breaches are a fact of online life (just ask two million people at Maricopa Community Colleges), so you should assume that at some point, your accounts will be compromised and consider doing the following:
1) Make your passwords longer
Adding more characters to your password will significantly decrease the chances of it being “guessed” by hackers. Shoot for a mimimum of 15 characters but make it something that you can remember. Add extra symbols, upper case letters and numbers for the most secure passwords. A great resource for understanding and testing your password ideas is Steve Gibson’s Password Haystack tool).
2) Activate two-factor authentication on all your accounts
Two-factor authentication uses something you know (your password) with something you own (your cellphone). Once you set it up, anytime someone uses your password from a computer, tablet or smartphone that the site does not recognize, it sends your cell phone a special code that you must type in within a short period of time.
Unless someone steals your password and your phone at the same time, they won’t be able to access your accounts. It’s also a great way to know that someone has acquired your password. If you get a text message with a special code and you aren’t trying to log into your account, someone else is!
3) Quit using the same password on all your online accounts
Hackers know that most people use the same passwords across many of their accounts, which makes a breach even more dangerous if you’re guilty of doing this.
I’ve written in the past on creating strong, but easy to remember, passwords along with some suggested password management programs which is posted here.
- Telecommuting: 5 tips to make it work for employers and employees
- See how top CFOs feel about economic growth in the Valley
- Migraine myths that keep patients from effective treatments
- Here’s why Gaydos went tankless with his water heater
- 12 things to watch before the Oscars
- Bocce ball and basketball: How you can help Arizona's Special Olympics athletes
- Tips on building the best wine room in Arizona
- Avoid the nightmare: 6 tips to choose a great contractor
- Breast cancer: Improved testing and treatments means more survivors
- Best and worst of Super Bowl commercials
- Failed back surgery: New hope for patients living in pain
- Ticking time bombs: Telltale signs your water heater is about to explode
- Reading glasses could be a thing of the past
- 6 cool ways teachers are using technology in the classroom
- Emerging tech jobs in Phoenix and how to get one in 2017
- 4 top treatments athletes use for pain
- Emergency! What to do when bathrooms flood
- Operation Santa Claus needs holiday help
- This college bowl season is likely to be epic
- Arizona kids in crisis: How you can help
- 11 holiday classics for the ultimate movie marathon
- New treatment offers hope for migraine sufferers
- 11 stadiums to watch your favorite football team
- Shopping for a TV? Best models for 2016
- The new beer pairing guide for holiday foods
- Avoid this holiday plumbing disaster in your home
- 7 tips to avoid holiday weight gain
- New treatments mean better prostate cancer survival rates
- 5 of the scariest things found in drains
- 6 tips to create the best family movie night
Latest Data Doctors
- Lessons and tips we can all learn from 1 billion hacked Yahoo accounts
- Should I consider adding Trusteer Endpoint Protection to my computer?
- Know your options if you are suddenly hit with ransomware
- If hackers can access public figures' email accounts, how can I stay safe?
- Don't worry: Portable cellphone battery chargers are not likely to explode