Support us with Kachingle!
September 13, 2012 | 12:00 a.m. CST
Passwords are the single-most important piece of information that connects us to our cyber lives. These six- to 20-something jumbles of letters, numbers and symbols make it possible for our information to be safely stored on the Internet.
Or so we hope.
Recently, there have been major security breaches at a number of popular sites, including LinkedIn, eHarmony and other web communities. According to an Aug. 21 story published in The Atlantic Wire, the main reason behind the success of these attacks is a simple but scary one. Password- hacking techniques have gotten better while our inventiveness and cleverness when it comes to creating them has gone downhill.
Erin Morris, an MU junior, knows firsthand why it’s important to use secure and clever passwords to avoid attacks. She has been hacked three times across different platforms, including twice on Facebook. Three months ago, her account was hacked by what’s called a “spambot,” which posted inappropriate links on her friends’ walls. “It was really kind of embarrassing because it looks like you’re posting it,” Morris says. “But obviously I would never be posting porn to a friend’s wall.”
Although the stories of people falling victim to password hacking are numerous, the perpetrators themselves fly somewhat under the radar.
A simple Google search for “password hacking” returns results for downloadable programs that do the job. In many cases, password-cracking can come in the form of phishing, a seemingly harmless email or message asking for an updated or changed password. When responded to, victims unknowingly surrender personal information, oftentimes including passwords. Terry Robb, a spokesman for MU’s Department of Information Technology, says to look out for suspicious messages and to never respond.
There are a few steps Internet users can take beyond ignoring these sly emails to make sure their account information doesn’t become the property of hackers.
First, however repetitive it might sound, create a unique password for every online account, Robb says.
Second, when creating a new password, construct something complex. Avoid common words such as “password” or single dictionary words, says Mike Bellman, a tech support agent with Socket, a Columbia Internet and telephone service provider. “A decent password would be the name of your pet as well as the model of your first car plus your graduation year,” Bellman says. “Three things easily remembered by you, but nearly impossible for someone to hack using an algorithmic method.”
Before creating that complex password, however, be sure you can remember it. “It’s a balancing act between complexity and simplicity, and we err on the side of more complexity,” Robb says.
Although writing down passwords has its dangers, Bellman recommends that if you have to, keep them in a place away from the computer and fill them with extra “garbage” phrases or numbers that you and you alone will be sure aren’t actually part of the password.
For those who have had accounts cracked, the lesson on the importance of password strength comes too late.
“I thought it was only people who weren’t careful enough that always found themselves in sticky situations on the Internet,” Morris says. “But you literally could just be doing nothing wrong, and you’re faced with something stupid like this.”