In recent news, security experts are saying that more than two million Facebook, Google, and other “cloud” accounts have been hacked, compromised, and circulated online! This is just another hack attack announcement in a slew of online account compromises that have been in the news lately.
So you might be wondering, how in the heck did they get into so many different types of accounts? Well, the answer is actually very simple: 1) a dictionary and 2) user complacency. Users can be terrible at picking good, strong passwords and remembering them for each service they sign up for or online account they create.
The attackers that stole the Facebook passwords used a dictionary of common passwords and variations thereof (e.g., password123, PAssW0rd123, etc.) to try to log into a user's Facebook, Gmail, or other online service. These attacks are automated and can be carried out successfully in a very short time. So if your password matches an entry in the password dictionary, then the attacker gains entrance to your account in relatively short order. Then, in a nutshell, the ill-doer simply takes the guessed password and tries it on all your other accounts: your Gmail, your Facebook, your bank. And then those compromised accounts get sold. Sometimes they are used for spamming and sometimes for worse things.
And you probably know what happens next if you’ve ever had your Facebook, Gmail, or Yahoo account hacked: friends emailing you to tell you that you’re sending spam, or worse, like identity theft.
So how can you protect yourself?
- Change your passwords to random passwords at least 8 characters in length that contain a capital letter, a number, and a symbol.
- Use a different password for each different account to keep the damage localized to that service and not spread to your other accounts.
- Use a password keeper tool like KeePass Password Safe to make managing different passwords easier, since you only have to remember one.
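The first two recommendations, as an added Python example (not part of the original post and not the generator linked below): it creates one random password per account that satisfies the stated rule, and shows that a dictionary variant such as PAssW0rd123 with a symbol appended still passes that rule. The word list and all function names are constructed for illustration.

```python
import secrets
import string

# Constructed sample; a real check would load a large list of leaked passwords.
COMMON_PASSWORDS = {"password", "letmein", "qwerty", "welcome", "dragon"}
# Undo common character swaps (0 -> o, @ -> a, ...) before comparing.
LEET = str.maketrans("013457@$!", "oieastasi")
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def meets_policy(password: str) -> bool:
    """The post's rule: 8+ characters with a capital, a number and a symbol."""
    return (len(password) >= 8
            and any(c.isupper() for c in password)
            and any(c.isdigit() for c in password)
            and any(c in string.punctuation for c in password))


def is_dictionary_variant(password: str) -> bool:
    """True for a common word dressed up with case, swaps or a numeric suffix."""
    base = password.lower().rstrip(string.digits + string.punctuation)
    return base in COMMON_PASSWORDS or base.translate(LEET) in COMMON_PASSWORDS


def generate_password(length: int = 16) -> str:
    """Draw from the OS CSPRNG and retry until the policy is satisfied."""
    if length < 8:
        raise ValueError("minimum length is 8 characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(candidate) and not is_dictionary_variant(candidate):
            return candidate


def passwords_for(accounts):
    """One independent password per account, so a leak stays with one service."""
    return {name: generate_password() for name in accounts}


if __name__ == "__main__":
    for guess in ("password123", "PAssW0rd123", "PAssW0rd123!"):
        print(guess, "policy:", meets_policy(guess),
              "dictionary variant:", is_dictionary_variant(guess))
    for account, pw in passwords_for(["facebook", "gmail", "bank"]).items():
        print(account, pw)
```

Meeting the character rule is not the same as being random: only the generated values are outside the guessing dictionary by construction.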
Free Good Password Tool
Here is an easy password generation tool. If you click the link, it will generate a random password. Click refresh in your browser until you find one that suits you. And don’t worry, this link is refreshed every time, no two passwords are ever the same, and we don’t record what passwords are chosen.