January 8, 2009

Hack Attack

See?  I'm not just down with Twitter yet.  Here's a story about them getting hacked (and it wasn't that hard). "Happiness" as a password?  Gimme a break.

People look, you need to think about this stuff.  I don't know where I got this from, and I'm pretty sure I've mentioned it before, but here's a simple algorithm for password security:

First, make up a short password.  Preferably a random string of numbers and letters and maybe even with a funky character in there.  Nothing memorable.  Have a mix of lowercase and caps.  How about Br@1nS?  Ok, so you just commit that bad boy to memory.  Now, when you set up a password you use that AND the first and last letter or two from the site you're signing into.  So for Amazon.com your password would be amBr@1nSon.  For Paypal it would be paBr@1nSal.  Got it?  So it's easy to remember, hard to crack, and different for every site.

Also, those stupid questions you answer so you can remember your password?  Come up with fake answers!  Look what happened to Palin.  Someone tried to break into her account and the question was something like Name of your High School? and they just Googled it and Bam, they were in.  Come up with some algorithm for that.  Maybe if the question is Name your High School? you could have "GoofyAnswer High School" and for Mother's maiden name? you could have "GoofyAnswer Maiden Name" so you would always know what to type but again, it would be different for each site.

The next step would be password creation/protection software.  I won't list any here because I haven't tried them, but if you poke around on the net there are a few different options.

Any other ideas?