Since social media account hacking is trending these days for many reasons — I assume companies trying to sell a service, infrastructure vulnerabilities, unhardened APIs, or the price to pay for being popular or using weak passwords — it’s high time to touch on this topic.
A short dictionary word like “apple” is not a strong password.
Nature of the Beast
“Strong passwords” are those that are hard to guess.
There’s nothing we can do about account hacking that results from platform-related issues like weak security infrastructure or data theft. We’ll tackle what users can do on their own to minimize the chances of a hack happening. There’s no amount of “two-step authentication” that can prevent accounts from getting hacked. Just as companies get smarter, so do hackers. Technology is available to both parties, so it’s simply a matter of wits and time.
If you’re popular on social media, you can rest assured that hackers will attempt to take control of your account, even briefly. Unless you share sensitive information on social media platforms, the most hackers will get from a successful account hack is notoriety. I believe for some that’s their goal.
Old School Passwords
It’s counterproductive to come up with a password that even you won’t remember.
So what can you do about your passwords? Use a password that will take time to guess. That’s all there is to it.
Most online services, aside from financial institutions, require passwords to be longer than eight characters with a mix of letters in upper and lower case, numbers and some special symbols like punctuation marks. Others recommend that passwords be random characters that bear no resemblance to any word in the dictionary. This recommendation originated from the Unix world. I’ve worked with these people and they can be very nitpicky about security, which is sometimes understandable and at other times overkill or impractical.
Some portals have password generators that suggest passwords for you whenever you create an account or are forced to update your account password. Examples of this are M&;p9SnfY2(( and +m(zC$_k3EPG. Many online services also recommend you change your password regularly. So you have to memorize a random string of characters that’s difficult to remember. And by the time you’ve memorized it, you’ll have to come up with a new one. That’s fine if you only have one online account to maintain. But when you use multiple apps, websites and e-mail accounts, it becomes daunting… if not impossible.
Never Share Your Password
Forget about signing up for a single sign-on (SSO) service, which is an even riskier option. You’re trusting one company to safeguard the keys to all your online accounts. If they get compromised, all your accounts will be compromised. Malicious acts can happen internally too. When it comes to user privacy and personal data, the lack of regulation in the technology industry doesn’t provide a lot of assurance that tech companies won’t abuse your data.
Be Smart About Your Password
So now what? It’s time to do away with single-word passwords and passwords so difficult that even you won’t be able to remember them. Here are a few tips on passwords without all the strings attached:
- Use phrases, not words, but still use letters, numbers and special characters like punctuation marks.
- Come up with passwords that you can easily remember.
- Avoid using security questions that are based on publicly available information.
- Avoid recycling security questions between apps, platforms or services.
- Store your passwords offline in a password-protected document — on your phone temporarily but never in the cloud.
- If your account is popular, change your password periodically, but keep track of the changes in a document.
Ditch the single-word password; use multi-word passwords or phrases instead, such as mottos, quotes, scripture passages, etc. Keep in mind that upper and lower case letters matter.
Sequoia Trip 2019!
Aliens are coming in 2010?
#Vancouver 2010 Olympics
Buy Me 2 Starbucks!!!