It has been on my list for long but I finally decided to audit all my accounts, & passwords. The longer we are on the internet, the more we start not paying attention to security, and the more vulnerable we become.
The key triggers that drove me to pay attention to this were a security session I attended at work where the speaker told us about how a hacker hacked a wired editor’s apple account, remotely wiped his phone, ipad, and macbook, then deleted his Gmail with all backed up photos and emails, all of this to steal his 3 letters twitter account! While this wasn’t a normal hack, it was engineered by exploiting the friendliness of customer support agents at Apple and Amazon. You should read the story.
The second trigger was these two videos I watched on Computerphile where they explained how computers got really fast that they can now crack 8 characters passwords very easily & what you should do to protect your accounts.
Here are the things you should do to make sure your passwords are secure:
- Never recycle passwords. It takes hackers hacking one website to get access to your accounts on all other websites. You don’t want this to happen so make sure you have a different password for every website.
- It is very hard to memorize a password for every website, so use a password manager to store all these passwords, and have it generate a random password for each website. This way you can have a single strong password that you need to memorize while offloading the rest of the work to the password manager.
- Password managers simply encrypt all the passwords you store on their website where they can’t decrypt it unless you enter the master password. This way even if a password manager got hacked the hackers won’t be able to know the passwords you stored without knowing your master password (Not exactly like this but let’s not get into the technicalities).
- Make a list of all the accounts you have, and go change the password for each of them with a new randomly generated password. Store the new passwords in the password manager and if you store passwords in your browser (Chrome/Firefox) make sure to delete them or not store the new password there.
- NEVER exchange passwords electronically, NEVER give your master password to anyone or store it anywhere except your head.
- One might say, who cares about me? I am no one to hack. This is true, but you will be surprised at how many websites you have your credit cards, Photos, and Personal info into. Should I only secure those? NO, because hackers collect different pieces of information from different websites to hack other websites. If one account gets hacked, they can use the info there to hack other websites.
Nothing will make you a 100% secure. And I am sure I forgot some accounts that I didn’t secure. Yet before you let go remember that security is like unsafe sex, it takes one mistake to regret for the rest of your life.