Thursday, 16 December 2010

Protect your password

Over the weekend a site called Gawker (I confess I've never heard of it) was hacked, and account details of over a million users were published. That includes their passwords.

Because people are inclined to use the same password for several different accounts, there has been quite a chain effect and Twitter accounts have been compromised. Amazingly, the most common password among the Gawker users was "123456", followed by "password" and "12345678".

Apart from not using the same password for different accounts, there are other important lessons we can learn:
  • Don't use an easily guessed password such as "123456" or "password".
  • Do use a mixture of upper case, lower case, numbers and other characters.
  • Don't use a word that can be found in a dictionary.
  • Don't use the same password everywhere.
  • Don't use personal information such as your name or date of birth.
It's only a year or so since passwords were collected and published in a very similar way, and that time the very same passwords turned out to be the most commonly used.

This video, I think, is good at explaining how to set up something more secure.


  1. Very, very interesting, thanks for the link!

  2. I've heard of Gawker. I even have a password. I guess that means I am finally published? I'm hacked at that. I do like your suggestions for making up passwords, but, if someone hacks a database of personal information, then there it is, even though it is difficult to remember. :)

    Your point is well-taken.

    I am at a loss as to why someone would want information about the crazies who are Gawker members, though.

  3. My brother is the only one I know that can remember a password that is like a generated random number with alphabets.

    What I'd like to see is someone who has created viruses, Trojan horses, and hacked into major databases be caught and prosecuted and sentenced as if they have committed tax fraud.

    Sometimes your personal data is just stolen, because it is in a place it shouldn't be, by people who by law are supposed to protect your privacy. That has happened to me. All of my patient info was downloaded to a laptop which was stolen. The file wasn't encrypted and the laptop didn't even belong to the hospital. Fortunately, no fallout from it yet.

    A thief is a thief.

  4. Important info, but I have so much trouble remembering passwords!

