I’m not the first person to say this, and I probably won’t be the last…
Make sure that you have different, secure passwords for every web service you use. I know it’s a pain, but the pain is a fraction of the pain you will experience if someone breaks into many of your online accounts.
People often ask me why it’s worth the bother. They are pretty careful, and it wouldn’t be too bad if someone broke into many of their online accounts. Maybe… but there are a number of very good reasons why you need to be more careful.
- however careful you are, you can’t protect yourself against a service provider’s inadequate security. If LinkedIn, Sony and others can get hacked, you can’t assume anyone is hack-proof.
- if your password is made up from a dictionary word or name, it’s easier for hackers to crack. While adding numbers and symbols makes it better, don’t be fooled into thinking that [email protected] is a good password.
- whether someone gets your password because you gave it to them (inadvertently, I assume) or because of someone else’s poor security, any service you use the same password for is at risk. Once a hacker knows they can get into one of your accounts, it’s easy to try hundreds of other services with the same login details.
- if someone breaks into your email account, all bets are off – from there they can likely reset passwords on most of your online accounts and get access to just about anything they choose.
So, what to do about it?
- use a different password for every service you register for. Period. Even if it’s some site you don’t care about and may never go back to. There are plenty of tools to help you manage all your passwords (1Password, RoboForm and LastPass, to name a few), or use a simple system to help you create easy-to-remember, unique passwords (this is my favourite).
- use strong passwords. Tools like 1Password will generate unique, strong passwords for you automatically, but it’s not hard to generate passwords which are hard to guess, but easy to remember. For example, the first letters of a memorable phrase, or four random words strung together.
- make doubly sure that your email accounts are secure. If you use Gmail or Google Apps, consider using their two-step authentication. A bit more hassle, but much more secure.
Following these steps won’t make you invincible, but they will massively reduce the chances of your online accounts being compromised.
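As an added example (not part of the original post), here is a short Python sketch of the "four random words" approach, next to a check showing why a dictionary word dressed up with numbers and symbols is still easy to guess. The wordlists, substitution table and function names are constructed for illustration; a real generator should load a large published wordlist.

```python
import math
import secrets

# Constructed 16-word sample list so the example runs offline. For real use,
# load a large published list such as the 7776-word EFF diceware list.
SAMPLE_WORDS = [
    "anchor", "biscuit", "candle", "dolphin", "ember", "falcon", "garden",
    "harbor", "island", "jungle", "kettle", "lantern", "meadow", "nectar",
    "orchid", "pebble",
]

# Constructed stand-in for a dictionary of common words and names.
COMMON_WORDS = {"monkey", "dragon", "hello", "password"}

# Substitutions people commonly use to "strengthen" a dictionary word.
LEET = str.maketrans("@4031$57!", "aaoelssti")
SUFFIX_CHARS = "0123456789!?.#*"


def passphrase(words, count=4, sep="-"):
    """Pick `count` words uniformly at random using the OS CSPRNG."""
    if len(set(words)) != len(words) or len(words) < 2:
        raise ValueError("wordlist must contain at least two unique words")
    return sep.join(secrets.choice(words) for _ in range(count))


def entropy_bits(list_size, count=4):
    """Bits of entropy when each word is drawn independently and uniformly."""
    return count * math.log2(list_size)


def reduces_to_dictionary_word(password, dictionary=COMMON_WORDS):
    """True if undoing substitutions and trailing digits yields a listed word."""
    lowered = password.lower()
    candidates = {
        lowered,
        lowered.translate(LEET),
        lowered.rstrip(SUFFIX_CHARS).translate(LEET),
    }
    return not candidates.isdisjoint(dictionary)


if __name__ == "__main__":
    print(passphrase(SAMPLE_WORDS), f"({entropy_bits(len(SAMPLE_WORDS)):.1f} bits)")
    print(f"same scheme, 7776-word list: {entropy_bits(7776):.1f} bits")
    for pw in ("M0nkey123", "dr@gon!", "p@ssw0rd"):
        print(pw, "-> dictionary-derived:", reduces_to_dictionary_word(pw))
```

The strength of a word-based passphrase comes from the size of the list and the randomness of the draw, so words you pick yourself do not reach the entropy figure shown.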