The New York Times is reporting that several computer security firms say they have identified an effort by a Russian cybergang injected malicious code into at least 420,000 websites to gather the data. Because people tend to use the same password, or a form of the same password, on multiple sites, when even a medium-sized breach occurs, it can have major repercussions because those passwords are used on so many systems. This no medium sized breach. It' enormous.
Suggestions from the experts:
• Prioritize. Identify the accounts where your money is. Identify the accounts where your medical information is. Identify the accounts where your sensitive medical information is. Change those passwords now.
• Mix it up. Create passwords that are 10 characters or longer and include uppercase letters, lowercase letters, symbols and numbers
• Split social media and money. Do not use the same password for credit cards and bank accounts that you use for social media or websites. Do not even use a form of them.
• Revise record-keeping. Don't store your account information in an unsecured document on your computer or network. It is best to keep such information as a secure hard copy.
• Keep data close. Don't share your password, even with friends and family. If particular circumstances require that you do so, change the password at the first possible opporunity.
• Stay informed. Beyond changing passwords and creating better ones, watch the news for stories like this one.
Daily Kos Diarist stevemb suggests that we Use A Password Manager. "Most people simply can't remember more than a few strong passwords, so they fall into bad habits of using weak passwords (bad -- an automated guessing program will break it easily) or using the same password everywhere (worse -- one breach and everything falls).
The problem can be avoided by using a password manager; you only have to remember one master password. I use KeePass, which has versions for just about all platforms (including mobile devices) and is free; searching for "password manager" will turn up other options.
On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.
by stevemb on Wed Aug 06, 2014 at 06:02:49 PM CDT. Thanks stevemb