A conman you should listen to


Passwords for more than 6 million LinkedIn accounts were leaked by hackers this past week, and just after that was announced, there was a leak of more than 1.5 million eHarmony user passwords. The strong advice from security experts: Change your passwords now.
Here’s the scoop: you should change your passwords for these accounts, and if those passwords were used on any other accounts, you need to change those, too. Run, don’t walk, to change passwords if any of those accounts are related to your financial data.
Creating and managing passwords is a nuisance for many, but it is one of your first defenses against identity theft and illegal access to your important accounts. It’s something you should take seriously.
Here are some security tips:

  • Ideally, you should use separate passwords for each account. At the very least, create and memorize unique, separate, and strong passwords for your banking and your email accounts, and any other accounts that have financially sensitive information. Do not re-use those passwords on other sites. That way, you would limit damage and exposure if one account is compromised.
  • Take the time to learn about and create strong passwords. Microsoft Security Center offers simple advice on creating strong passwords, as well as a secure password checker, a tool that you can use to test the strength of a password.
  • Make it a routine practice to change passwords regularly, particularly for key accounts. At a minimum, do it twice a year, at the daylight saving time changes when you change your fire alarm batteries.
  • Avoid storing credit card information online. Enter it each time you make a purchase. Today’s convenience might be tomorrow’s headache.
  • Never enter a password into an email or a site you reached by clicking a link in an email. Phishing can be very convincing. Instead, if you get a notice from a bank or some other account, go directly to the website from your browser and sign in there.
  • Consider a password managing service. While we can’t make a recommendation for a specific service, some popular ones frequently cited on tech forums include LastPass, KeePass, and 1Password. These have different features and benefits, and help solve the problem of remembering and storing passwords. While there are free versions of password management services, this seems important enough to consider paying an annual service fee for.


One thought on “A conman you should listen to”

  1. When I first got the notice from LinkedIn, I was suspicious. A common phishing scheme is to send an email with an urgent notice to click a link…which takes you to a bad site. But I typed in the url for resetting passwords at LinkedIn, and changed my password right away. This was actually a good exercise. My old password was quite simple; this forced me to create a newer more complicated password. Later in the day I noticed on a news feed that this breach was real, with an admonition to react quickly; as with this blog. Paying attention to our on-line security can be a pain, but it’s a small price to pay for all the benefits of open communication that the internet provides.
