Each week we ask the members of our free Facebook group a question to help the community get to know each other. We love reading through your responses and seeing how supportive the community is to each other.
This week we wanted to know what they considered to be the most valuable thing they own. As always we received some really great answers, such as…
But out of all of the answers we received there was one thing which nobody mentioned…
Their passwords.
It’s probably not the first thing that comes to mind – perhaps because they aren’t a physical item? – but your passwords are critical for securing many parts of our public and private lives.
Today, we’ll look at three reasons why your password sucks (probably). Here goes…
Sometimes, easy to remember passwords are easy to guess passwords – but this isn’t always the case.
Your password could be easy to guess for a number of reasons, perhaps it is the name of a loved one, a pet or a place you have fond memories of. Ask yourself:
Could someone guess your password from the things you share online?
If your password is the name of a family member, could someone figure this out by taking a quick look through your Facebook profile?
Don’t change what you post to social media (I’m sure you’re friends and family love to see what you’re up to), instead change your password.
Perhaps your password has no connection to you or your relationships? While this may be a better approach it can still mean that your password is too common. It could be a number, a thing or a word such as:
We were recently alerted to an incident with one of our Alliance members that believed their website had been hacked. Our team sprung into action and began investigating the issue.
Something clearly wasn’t right.
The website looked mostly the same but there were some strange blog posts which we didn’t recognise. They had titles like:
We once believed that we needed a strong password to prevent hackers from trying to brute force their way into our accounts. Using special software that tries different combination of words to guess your password, they could eventually find their way into our accounts.
While this is still possible – and the reason you should use a mix of letters, numbers and symbols for your passwords – there is a much more likely way that someone could gain control of your account.
No company knowingly allows their customers information to be stolen but it happens.
There are some people out there who see your data as an opportunity to make some quick cash or stick it to society. Your data could be stolen along with thousands of other users and then posted online or sold to the highest bidder.
If you use the same password for several services this data breach becomes much more damaging. If, however, you use the same password for everything then you might just be handing someone a master key to your entire online life.
2. Hit the ‘pwned’ button to search and see the results.
The results are in and… uh oh! My personal email account may have been part of a data breach.
This is not a mock-up. My real details have been leaked and are out there somewhere.
Scroll down to see where the breaches took place and when.
You’ll see a list of companies/services along with what exactly has been compromised.
Here you can see that in May 2014 the URL shortening service Bitly was breached and email addresses, passwords and usernames were stolen.
Remember when we said using the same password was a bad idea?
Now you should understand why.
That said, it’s important to know that just because your information has appeared in a breach doesn’t mean all parts of it have. Sometimes a breach is just your email address, or a name and address. One thing is for sure though: if you have been involved in a breach then it’s a good idea to take precautions.
- Tibetan singing bowls – Kathryn
- Wedding photos – Janice
- 3 hours of daily ‘me time’ – Sudhyasheel
- Passport & photos – Lisa
But out of all of the answers we received there was one thing which nobody mentioned…
Their passwords.
It’s probably not the first thing that comes to mind – perhaps because they aren’t a physical item? – but your passwords are critical for securing many parts of our public and private lives.
Today, we’ll look at three reasons why your password sucks (probably). Here goes…
1. It’s too common or easy to guess
For many of us, we know that passwords are essential but that doesn’t stop them from being an inconvenience. Even if you only use a handful of services online you still have a bunch of passwords to remember.
Sometimes, easy to remember passwords are easy to guess passwords – but this isn’t always the case.
Your password could be easy to guess for a number of reasons, perhaps it is the name of a loved one, a pet or a place you have fond memories of. Ask yourself:
Could someone guess your password from the things you share online?
If your password is the name of a family member, could someone figure this out by taking a quick look through your Facebook profile?
Don’t change what you post to social media (I’m sure you’re friends and family love to see what you’re up to), instead change your password.
Perhaps your password has no connection to you or your relationships? While this may be a better approach it can still mean that your password is too common. It could be a number, a thing or a word such as:
- 123456
- password
- letmein
2. You use the same password
Another mistake when it comes to keeping your online accounts secure is using the same password for multiple services/websites.
We were recently alerted to an incident with one of our Alliance members that believed their website had been hacked. Our team sprung into action and began investigating the issue.
Something clearly wasn’t right.
The website looked mostly the same but there were some strange blog posts which we didn’t recognise. They had titles like:
- Costco Pizza Inexpensive Lasagne, but is it Worth It
- APA essay that is reflective: learn details and produce your action plan
- Characteristics of Russian Brides
3. You’ve already been breached
Do you know if your account information has been shared online? Would you know how to check if it had?
We once believed that we needed a strong password to prevent hackers from trying to brute force their way into our accounts. Using special software that tries different combination of words to guess your password, they could eventually find their way into our accounts.
While this is still possible – and the reason you should use a mix of letters, numbers and symbols for your passwords – there is a much more likely way that someone could gain control of your account.
No company knowingly allows their customers information to be stolen but it happens.
There are some people out there who see your data as an opportunity to make some quick cash or stick it to society. Your data could be stolen along with thousands of other users and then posted online or sold to the highest bidder.
If you use the same password for several services this data breach becomes much more damaging. If, however, you use the same password for everything then you might just be handing someone a master key to your entire online life.
Check your accounts now
1. Go to https://haveibeenpwned.com/ and type in your email address.
2. Hit the ‘pwned’ button to search and see the results.
The results are in and… uh oh! My personal email account may have been part of a data breach.
This is not a mock-up. My real details have been leaked and are out there somewhere.
Scroll down to see where the breaches took place and when.
You’ll see a list of companies/services along with what exactly has been compromised.
Here you can see that in May 2014 the URL shortening service Bitly was breached and email addresses, passwords and usernames were stolen.
Remember when we said using the same password was a bad idea?
Now you should understand why.
That said, it’s important to know that just because your information has appeared in a breach doesn’t mean all parts of it have. Sometimes a breach is just your email address, or a name and address. One thing is for sure though: if you have been involved in a breach then it’s a good idea to take precautions.
How to strengthen your security
Fortunately for me (and my poor Bitly account details) I have used a password manager for many years. I originally started using one so that I didn’t have to remember my password and I didn’t have to type it out each time I wanted to login to a site. My quest to make my life easier has probably saved me more than a few times. So my Bitly account was compromised but my password would have been 100% unique. Just a random mix of letters, numbers and symbols created by my handy password manager. A key that fits only one door. Around the time of the breach my password manager alerted me and I was able to change the login details. My old login details may still be out there in some dark corner of the web, but they are no longer valid. What could have been a stressful situation was little more than an inconvenience. Now, this won’t always be the case and sometimes these breaches can be quite serious – anything that includes credit card numbers is guaranteed to get my heart pounding. Password managers are a great way to stay organised and limit the damage that a data breach can cause, we swear by them.How secure are your passwords?
Are you guilty of using the same password again and again? Did you find your account information had been involved in a breach? Leave a comment below and let us know how your passwords stand up to scrutiny.
Brett Worth
Project Success Manager
With a background in web design and development, Brett guides our clients through all aspects of our done-for-you branding experiences.
0 Comments