Support in other languages: 
Showing results for 
Search instead for 
Do you mean 
Reply
Retired Employee
JameZ
Posts: 3,110
Registered: ‎07-11-2010
Location: Malaysia

How "safe" are your passwords?

[ Edited ]

Hi All,

 

This is just a discussion on the recent information hack and password hack based on the Wikileaks and Gawker media hacked issue.

 

PCmag's coverage on Gawker incident

 

Cnet's coverage on Gawker incident

 

Based on this current events, it really makes me think about the safety of my passwords if ever these sites which stores my information, password and email has been compromised. What steps do we need to take to prevent identity theft or fraud. I understand BugBatter has written a post on "Tips for Keeping Your Lenovo Safe Online" however in this post I want to discuss some tips on passwords which are kept on sites which could be hacked (such as Gawker incident) and prevent futher "password" leak and prevent those people from accessing other sites such as social media sites, banking information and etc.

 

So the following are the items which I normally practice.

 

Using different password for different sites.

 

  • Banking password
  • Forum password
  • Office ID password
  • Email password
  • Social media site password
  • Never use the same password for the site and for your email account.

Passwords are alphanumeric and are 12 characters long

 

  • Example of password "jKpw45q1UsW2"

No words found in dictionary for password is used.

 

  • This is to prevent those using brute force attack

Using different email accounts.

 

  • 1 email is for your social network or friends / family to send important emails
  • 1 email is for your spam (those chain mail sorts - hate those)
  • 1 email is for banking use or business use

Change password every 2 to 3 months.

 

  • Just in case your password has been compromised.

 

The above is the sort of prevention which I practice, please feel free to add more as I know there are heaps of security guys out there and I would love to hear from you all about how to keep our passwords safe in case such Gawker incident happens. I rather lose 1 account than people accessing my information.

 

Also I understand some of you uses a password generator and password manager to keep your software, feel free to discuss on those as well.

 

Not forgetting, please try to explain a bit on the terms and how does it help so people like myself can understand better.

 

//JameZ

 

p.s - Found this article on Gawker's incident - "How to protect your business from poor password choices"

 

edit note: added some info.

 

 

Check out the Community Knowledge Base for hints and tips.


Did someone help you today? Press the star on the left to thank them with a Kudo!

If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"!




W520 | 4176-38U | i7 - 2720QM | Quardo 1000M | 8GB RAM | 60GB OCZ Agility 3

Bugbatter
Posts: 757
Registered: ‎05-01-2010
Location: USA

Re: How "safe" are your passwords?

Related article with an excellent how-to video: "The top 50 passwords you should never use"

http://nakedsecurity.sophos.com/2010/12/15/the-top-50-passwords-you-should-never-use/


If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer

Posts: 1,502
Topics: 38
Kudos: 117
Solutions: 49
Registered: ‎04-20-2010
Location: Jeffersonville, Indiana
0

Re: How "safe" are your passwords?

[ Edited ]
Yeah I am one of those users, I get daily emails from LifeHacker (amazing stuff). Well I did figure something was up when I did not get and email or 2 for a few days, and had also noticed that none of the links in the emails worked, then I received an email from gawker the next day, I quickly changed passwords to here, and emails due to not knowing what password/username lifehacker had. Of course my bank is different. But yeah none of them are the same anymore... LOL. I got lucky I would say.
IT Specialist and Consultant
Lenovo Tablet Evangelist
Current Machines: IdeaCentre A300, ThinkPad Tablet, ThinkPad L410, and IdeaPad U410 Touch

Deutsche Deutsche Community   Español Comunidad en Español

Lenovo - the latest in DOtabs, DOpads, DOcentre's, DOstations and DOservers!
Lenovo Staff
Serene_Lenovo
Posts: 1,003
Registered: ‎08-02-2011
Location: Singapore

Re: How "safe" are your passwords?

[ Edited ]

 

Interesting story of a Singapore celeb who had her Facebook account compromised... and she didn't even know!

 

http://news.asiaone.com/News/Latest%2BNews/Showbiz/Story/A1Story20110814-294426.html

 

 

When actress Apple Hong found herself locked out of her Facebook account on Thursday morning, she didn't immediately do anything about it. It was only in the evening that it dawned on her that her account had been hacked.

The hacker used her account to ask her fellow artistes for their telephone numbers.

 

The 33-year-old actress said: "I don't feel particularly upset about losing the Facebook account. After all, the stuff I post there is not really private.
"What really gets me is that my friends might have been duped by the hacker and might have given him their contact details thinking it was me."
Hong was not the only celebrity victim. Fellow actress Joanne Peh's Facebook page was also hacked.
Around 4pm yesterday, Peh tweeted that her "Facebook account got hacked", but she had "since restored it".
But about four hours later, she tweeted: "Hacked my Facebook again? What the..."
Unlike Peh, Hong didn't give it much thought when she could not access her account on Thursday. "I usually check Facebook first thing in the morning, and I found it strange that my password was rejected," she said.
"I tried entering different passwords I usually use, but that didn't help."
She then made an online request to reset her password, and was told that the change would take effect only after 24 hours.
Anxiety kicked in when she received a call from her actress friend Cynthia Koh.
"Cynthia called me at about 11.30pm and told me that she had received a Facebook message from my account saying that I had lost all my contacts," she said.
"The message asked her to reply with her mobile number and other contact details."
Thankfully, Koh did not take the bait.
"After her call, I managed to successfully log into my Facebook account with the new password," Hong added. 

"I immediately updated my status to alert my Facebook friends about the hack and warned them to not give out their contact details."

Yesterday morning, she sent out a message blast through messaging service WhatsApp to warn her friends about the hacker.

 

She then discovered that an unknown e-mail address had been added to her Facebook account.
This gave the owner of the e-mail address access to her profile and related settings.
"I tried time after time to remove the e-mail address, but Facebook did not allow me to do so," said Hong, whose relief at regaining control of her Facebook account was short-lived.  Yesterday afternoon, she was locked out of the account again.
The message she had posted to warn her friends about the hack had also been removed from her Facebook page.
Hong submitted a complaint to Facebook and has no plans of trying to regain access to the account. She said she will eventually create a new Facebook account.

 

The New Paper was unable to reach Peh for her comments.
Internet security expert Aloysius Cheang said there are several steps you can take to protect your Facebook account from being hacked.


"Look into anti-virus and anti-data-leakage security software to protect your mobile phone or computer," said Mr Cheang, the regional director of Cloud Security Alliance. Netizens should also read up on the creation and usage of passwords.
"Never create a password based on information that is known about you, such as your date of birth and your pet's name," he added.
It is also worth the hassle to disallow your Internet browser from saving your password. Mr Cheang recommends changing your password every 90 days. Finally, log on to the Internet only at trusted access points.


"For those who need to log on to public access points such as free wireless network wireless@sg, choose the secure version, which is wireless@sgx, or check the box which allows you to connect securely," advised Mr Cheang. This article was first published in The New Paper.

 

Lenovo Staff
Serene_Lenovo
Posts: 1,003
Registered: ‎08-02-2011
Location: Singapore

Re: How "safe" are your passwords?

Dogdurianlaughjump

Randomness at its best? Apparently that is the best way to go about ensuring your account never gets hacked into. That, and get a password manager.

Great tips from this article:
https://m.facebook.com/l.php?u=http%3A%2F%2Fwww.zdnet.com%2Fblog%2Fnetworking%2Fcartoon-makes-better...
Guru
ColonelONeill
Posts: 6,845
Registered: ‎12-26-2009
Location: Toronto

Re: How "safe" are your passwords?

[ Edited ]

Original found here:

http://xkcd.com/936/

W520: i7-2720QM, Q2000M at 1080/670/1340, 21GB RAM, 500GB HDD, FHD screen
X61T: L7500, 3GB RAM, 500GB HDD, XGA screen, Ultrabase
Posts: 1,502
Topics: 38
Kudos: 117
Solutions: 49
Registered: ‎04-20-2010
Location: Jeffersonville, Indiana
0

Re: How "safe" are your passwords?

Safest password ever is one created with 63 randomly generated characters of both letters and numbers. :smileyhappy: Would take years to crack it.
IT Specialist and Consultant
Lenovo Tablet Evangelist
Current Machines: IdeaCentre A300, ThinkPad Tablet, ThinkPad L410, and IdeaPad U410 Touch

Deutsche Deutsche Community   Español Comunidad en Español

Lenovo - the latest in DOtabs, DOpads, DOcentre's, DOstations and DOservers!
Bugbatter
Posts: 757
Registered: ‎05-01-2010
Location: USA

Re: How "safe" are your passwords?

[ Edited ]

Related:

Study suggests Facebook passwords too easy to work out

Facebook and other social network users are giving away clues to their online passwords, according to a new study.  http://www.bbc.co.uk/news/technology-15258401

 

 


If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer

Posts: 1,502
Topics: 38
Kudos: 117
Solutions: 49
Registered: ‎04-20-2010
Location: Jeffersonville, Indiana
0

Re: How "safe" are your passwords?

your links not working, for some reason its adding %EF%BB%BF/ to it when you click it.

Delete %EF%BB%BF/ and the page will load. Weird.
IT Specialist and Consultant
Lenovo Tablet Evangelist
Current Machines: IdeaCentre A300, ThinkPad Tablet, ThinkPad L410, and IdeaPad U410 Touch

Deutsche Deutsche Community   Español Comunidad en Español

Lenovo - the latest in DOtabs, DOpads, DOcentre's, DOstations and DOservers!
Bugbatter
Posts: 757
Registered: ‎05-01-2010
Location: USA
0

Re: How "safe" are your passwords?

Thank you for letting me know. I'm not sure why that link did not format. I edited the post, but it is the same link. Maybe it will work now?


If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer