The future of passwords

An Age report into the future of passwords is interesting reading.

Looking for a safe password? You can give HQbgbiZVu9AWcqoSZmChwgtMYTrM7HE3ObVWGepMeOsJf4iHMyNXMT1BrySA4d7 a try. Good luck memorising it.

Sixty-three random alpha-numeric characters — in this case, generated by an online password generator — are as good as it gets when it comes to securing your virtual life.

But as millions of internet users have learned the hard way, no password is safe when hackers can, and do, pilfer them en masse from banks, email services, retailers or social media websites that fail to fully protect their servers.

Security experts widely agree on two core principles: make your passwords as long as possible, mixing up words with some numbers and symbols, and never ever use the same password for more than one website.

Beyond that, just cross your fingers and pray that the website you’re using is doing all it can at its end to protect the mental keys to your virtual world.

As someone who had their account hacked recently, I believe that password security is something that we don’t really take seriously until our account/s are compromised. Don’t wait for it to happen to you.

Read the whole report here.

Think your password is safe? Think again

Recently the Independent newspaper (UK) published a piece on the safety and security (or lack thereof) of our passwords.

Alarm bells have been ringing for security professionals more or less continuously over the past three years. In 2011, the number of Americans affected by data breaches increased 67 per cent. Every quarter, another multinational firm seems to trip up. PlayStation was a larger casualty, forced to pay $171 million (£112.8m) to protect gamers after its network was broken into. Before Twitter went down, 6.5 million encrypted passwords were harvested from LinkedIn, 250,000 of which later appeared ‘cracked open’ on a Russian forum. (‘1234’ was the second most popular choice; ‘IwishIwasdead’ and ‘hatemyjob’ appeared on one occasion each.) Now all these once-precious words have been added to gigantic lists that hackers can spin against other accounts in future attacks.

In part, progress depends on us – the web’s innocent masses. It’s been four weeks since I changed my password to a cavalry of new passphrases, and muscle memory still sees the old beloved word (a retro chewy sweet) typed into password boxes across the web. Companies will struggle to create security that gets under this convenience limbo. But the web is a darker place than most of us realise, and while we wait for better technology to filter through, it’s probably best to get used to slowing down and locking up.

Read the entire article here.

Staying safe online

The Social Media 4 Us website has provided some excellent tips for all of us to stay safe online. Alongside each tip, they explain how to go about it, as well as the problems and solutions involved. Tips include:

  1. Create stronger passwords
  2. Shop safely online
  3. Back up your data
  4. Knowing what to do if your Twitter account is hacked

Read the whole post here.

How parents normalised teen password sharing – danah boyd

Social media and internet researcher danah boyd (featured on this blog in posts entitled Parental stalking online ‘unwise’ and Privacy in networked publics) has researched the teenage phenomenon of password sharing.

boyd says she has found the origins of password sharing, which is

The idea of teens sharing passwords didn’t come out of thin air. In fact, it was normalized by adults. And not just any adult. This practice is the product of parental online safety norms. In most households, it’s quite common for young children to give their parents their passwords. With elementary and middle school youth, this is often a practical matter: children lose their passwords pretty quickly. Furthermore, most parents reasonably believe that young children should be supervised online. As tweens turn into teens, the narrative shifts. Some parents continue to require passwords be forked over, using explanations like “because I’m your mother.” But many parents use the language of “trust” to explain why teens should share their passwords with them.

This is an important article for parents to read. Click here for the full text.

25 worst passwords of all time

Last week, Mashable published the list of the worst passwords of all time. Do you have one on the list? If so, change it ASAP!

SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football