As the rain continues to fall in Los Angeles, I find myself reading an exposé on passwords. Following the recent hacking into Google’s email and RockYou, the company that makes all of the software for Facebook, MySpace, and other social networking sites, there has been a deeper look by security professionals into password security. When the hackers who broke into RockYou obtained the passwords to its sites, they went so far as to publish the passwords online. Other hackers and security researchers quickly downloaded the list: one group to wreak havoc, the other to better understand the mentality of computer users.
123456, abc123, qwerty, and password seem to be popular favorites. In many cases, researchers determined, hackers don’t even need to work at breaking in. When so many people use the same passwords, criminals can simply try those first for ease and strike gold right off the bat. It’s like when people leave their keys in the ignition. What car thief doesn’t love that?
Jeff Moss of the Homeland Security Advisory Council advises a different password for each account: one for the bank, one for the credit card, another for email, and so on. And if your memory can’t handle that, he recommends a 12 letter/number combination. What hacker is going to spend that much time trying to decode a 12-digit password when he can just move on to the next guy and type in monkey? (see #14)
With all this rain, today seems like the perfect day to change some passwords. I’m thinking, why stop at 12 digits? Maybe 14 digits, ancient Latin, and a retina scan. Unless your name is HxT584Jpu. Nobody’s going to guess that one.