CyberVor Attack Illustrates the Need for Password Managers
If you’re not already using a password manager, now would be a good time to start.
Last week, in the largest online security breach to date, a Russian crime ring stole the passwords and user names for 1.2 billion accounts on at least 420,000 different websites as well as over 500 million unique email addresses. Hold Security of Milwaukee, the firm that uncovered the breach, attributes the theft to a group of roughly 20 hackers from south-central Russia working under the name CyberVor. (“Vor” means “thief” in Russian.)
The CyberVor attack follows the massive data breach from the Heartbleed virus in April, illustrating the difficulty of keeping personal information safe in our high-tech world.
As a safety precaution, experts recommend changing all of your passwords after an online attack hits the news. Ideally, your password should be at least eight characters long. It should include a combination of letters and numbers, including punctuation symbols like an exclamation mark if the site allows this. Use both uppercase and lowercase letters. Avoid passwords that incorporate easy to guess information, such as your name, the names of your children or spouse, your hometown, your birthday, or your zip code. Passwords shouldn’t use words that can be found in a dictionary, but you can make your password more secure by using substitute characters in words, such as replacing the letter O with the number zero or replacing the letter S with a dollar sign.
Of course, finding a clever-hard-to-crack password is only half the battle. You should have different passwords for all of your online accounts, so hackers who gain access to your Facebook profile aren’t able to successfully read your email and make withdrawals from your online bank account. If the idea of manually creating special passwords for every online account sounds like a huge hassle, the best way to protect yourself is to use a password manager. A password manager is a program that lets you set a master password and then creates individual passwords for all of your accounts. The data is protected using secure encryption.
To use a password manager, All you need to do is remember the master password to access your information. As an added bonus, most password managers have built-in protections against online threats from keylogging malware, phishing, and pharming. Popular online password managers include LastPass, Dashlane, and RoboForm Everywhere. Most password managers offer both free and paid versions, although paid services provide more options such as the ability to use the service on multiple devices and to sync between devices.
Photo courtesy of Dev.Arka via Flickr.