I had a radio listener instant message me today on Facebook, wondering if I could recommend a free email program. She stated that she had previously used MSN but had been hacked and got rid of the program. Off the top of my head, I recommended Gmail. The program comes from Google, which offers a wide range of tools that you may or may not use, from Google Voice and Talk to Picasa to email with Gmail, just to name a few.
As soon as I had typed my suggestion for Gmail I received a response right back: “Can’t use that – friend had hers hacked.” I was beginning to see a pattern here. The thought came to mind of delivering a smart-aleck answer of “Maybe you should use the postal service,” but then I thought she might come back with “somebody stole the mail out of the box!”
For those of you looking for a free email program or using any type of service on the web, this is of course a reminder to make sure your passwords are difficult to crack. Words like password, dog, admin or pass are easily guessed and could open up your email, or any kind of program requiring a login, to problems.
Another reminder is to not use the same password for multiple services. While this gets more difficult as more services require user names and passwords, it can help protect you in case a system holding personal information and associated passwords is compromised. There are some programs and even hardware on the market that help not only create passwords that would be very difficult to crack but also store passwords for multiple sites. One of those companies is ID Vault, found at http://www.idvault.com/
If you are looking for some ideas on how to create a viable password, a good rule of thumb is to make the password more than 8 characters. There are some password cracking programs that can uncover a password in less than an hour when the password is less than 5 characters. Using lower and upper case along with punctuation and numbers is also a great way to make the password more difficult. Many will recommend using a favorite term or saying to help deliver a strong password. Maybe you enjoy eating at Five Guy Burgers (Plug Bell Please). How about taking the term “I Love Eating at 5 Guys Burgers!” This could be translated to Ilea5GB!, which has upper case, a number and a punctuation mark in the password.
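The rules in the paragraph above, applied in code as an added example (not from the original post): it checks a password against the length and character-class advice and the weak words named earlier, and sizes the brute-force search space. The function names, the four-word deny-list and the guessing rate are assumptions made for illustration.

```python
import string

# Weak words the post names, used as a tiny deny-list (a real one is far larger).
COMMON = {"password", "dog", "admin", "pass"}

# Character classes the post recommends mixing, each with its ASCII alphabet.
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "punctuation": string.punctuation,
}

def classes_used(pw):
    """Names of the character classes that appear in pw (ASCII only)."""
    return [name for name, chars in CLASSES.items() if any(c in chars for c in pw)]

def problems(pw):
    """Return the post's rules that pw breaks; an empty list means it passes them all."""
    found = []
    if pw.lower() in COMMON:
        found.append("common word")
    if len(pw) <= 8:  # the post asks for MORE than 8 characters
        found.append("not more than 8 characters")
    used = classes_used(pw)
    for name in CLASSES:
        if name not in used:
            found.append("no " + name)
    return found

def keyspace(pw):
    """Candidates a brute-force search over pw's classes and length must cover."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(pw))
    return alphabet ** len(pw)

def worst_case_hours(pw, guesses_per_second):
    """Hours to try every candidate at an assumed guessing rate."""
    return keyspace(pw) / guesses_per_second / 3600

if __name__ == "__main__":
    RATE = 1_000_000  # assumed guesses per second, for illustration only
    for pw in ["dog", "pass", "Ilea5GB!", "Ilea5GB!wmf"]:  # constructed samples
        print(pw, problems(pw), f"{worst_case_hours(pw, RATE):.3g} h")
```

Run on the post's own sample, it reports that Ilea5GB! mixes all four character classes but is exactly 8 characters, so it falls one short of the "more than 8" rule.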
It’s also good to remember safe computing as well. If you get email from unknown users asking you to click on something, do you really have to? Do you have to open a file from a known user that you haven’t talked with in a while? Do you have a good anti-virus program? There are some free ones on the market that are quite good; however, having the security of a program that is constantly testing and delivering solutions to its users with a paid subscription to updates will provide more protection against new viruses. Isn’t it worth the 30 or 40 bucks a year?
So please remember, in most cases, if your email was hacked, there was probably a step here and there that was missed: clicking a link, no protection on your system, using a public computer and not logging out, a system already infected with a keylogger, or a password that can be guessed or easily figured out. Also, don’t write your password under your keyboard or on a Post-it note attached to the monitor. Yes, I’ve seen that before. For more information on virus protection, take a look at http://www.symantec.com, the makers of the popular Norton Anti-Virus, or http://www.eset.com, the makers of one of my favorites, Eset Nod32. More tips on password creation can be found at http://www.microsoft.com/protect/fraud/passwords/create.aspx
Generating a secure password is only half the battle. I have found many users sign up for a website such as Gmail or Hotmail and decide to associate a real-life object, name or date as the security answer for password retrieval. This is a big no-no in my opinion.
Example: What year did you graduate High School? (If it was 1992, use something like 1905). It wouldn’t be difficult for someone to do a bit of research online to gather the information needed to crack your accounts. You do not have to be exact. Just use something random.
I have also found that creating multiple e-mail accounts for different parts of your life is a good idea. Let's say you create one for financial and one for social (Facebook, Myspace, and Twitter). Not allowing anyone to know the e-mail address you use for online banking or other sensitive sites is extremely important.
I also recommend applications that store your user account information. One I have found that works well is Keepass (Free). It is available for Linux, Windows and Mac OS X. Keepass creates a database that is encrypted and protected with a single password. (Use a secure password.) Using something like your pet's name would be very foolish. Keepass generates a random password based on a predefined setting within the application. You can generate passwords as complex as you like. When using an application such as Keepass, it is an excellent idea to create random backups of the file. The one pitfall of an application that stores your passwords in a single file is the following: if you lose, delete or misplace the file, you will be lost. So please take the proper precautions. However, this application can be installed or placed on a USB stick for portability. That is a definite plus.
Keepass for Windows – http://keepass.info/
Keepass for OS X – http://www.keepassx.org/
Keepass for Linux – Check your distro's repository. In Ubuntu you search for Keepass in Add and Remove Applications.
Keepass in action – Hak5 Episode on Securing your passwords with Keepass – http://www.youtube.com/watch?v=B7TtjOjtN_g&p=66F36D11CF83B9F4&playnext=1&index=8
This is just one angle on securing yourself online. Making sure your computer is protected from malware that is designed to steal private information is also important. You cannot protect yourself from every single threat out in the wild. But educating yourself is very important. Take the time to read everything you come across online or on your computer. Try not to randomly click on pop-ups and adverts. If you have issues with understanding anything you happen to come across, Google is your friend! Search it online!
Other side notes:
Making sure your operating system is up to date.
Update your Anti-virus and Anti-malware software. Schedule regular scans on a weekly basis.
Keep track of the applications you install on your system. Write it down in a notebook.
Patch all 3rd Party Software. – The CNet Tech Tracker is an excellent (Free) application that keeps track of all software installed on your machine. It supports Windows and Mac OS X. It compares the version of software installed on your computer with the version listed in the CNet Database.
http://www.cnet.com/techtracker-free/
Hope this helps!
~wp