Thursday, June 13, 2013

Just for now



..................................... until we can find something better

DON’T
  • Reuse passwords.  If you do, a hacker who gets just one of your accounts will own them all.
  • Use a dictionary word as your password. If you must, then string several together into a pass phrase.
  • Use standard number substitutions. Think “P455w0rd” is a good password? N0p3! Cracking tools now have those built in.
  • Use a short password—no matter how weird. Today’s processing speeds mean that even passwords like “h6!r$q” are quickly crackable. Your best defense is the longest possible password.
DO
  • Enable two-factor authentication when offered. When you log in from a strange location, a system like this will send you a text message with a code to confirm. Yes, that can be cracked, but it’s better than nothing.
  • Give bogus answers to security questions. Think of them as a secondary password. Just keep your answers memorable. My first car? Why, it was a “Camper Van Beethoven Freaking Rules.”
  • Scrub your online presence. One of the easiest ways to hack into an account is through your email and billing address information. Sites like Spokeo and WhitePages.com offer opt-out mechanisms to get your information removed from their databases.
  • Use a unique, secure email address for password recoveries. If a hacker knows where your password reset goes, that’s a line of attack. So create a special account you never use for communications. And make sure to choose a username that isn’t tied to your name—like m****n@wired.com—so it can’t be easily guessed.

No comments: