In the past month or so, the word “hacker” has dominated the news. There has been an alarmingly high number of high profile attacks and they’re only getting more frequent. And while the groups behind the attacks have been targeting large companies, the companies aren’t the only victims. By now I’m sure anyone reading this article is well aware of Sony’s misfortune with the PlayStation Network incident. We did a writeup on it back when it happened. And while that incident was certainly a total nightmare for Sony, the damage wasn’t exclusive to them, as the personal data of millions of users fell into the hands of the hackers.
And Sony is far from the only company that got hit. Just earlier this week we learned that Chinese hackers broke into the Gmail accounts of senior U.S. officials. And now, in an event that kind of brings us full circle, we learn that the Sony Pictures website was hacked. Again, user info was obtained.
Unfortunately, there isn’t a whole lot you can do when a major company loses your info like that. However, it is in your power to prevent your own accounts from being hacked and that’s something you should take very seriously, especially nowadays that we’re putting more and more important information online.
In the Sony article, I linked to a page explaining that multi-word phrases make for good passwords. Now I’ll do you one better. Use a full sentence to help yourself remember a string of letters, numbers, and symbols. For example, “Michael Kwan and Stephen Fung Enjoy Dot Com Pho” becomes MK&SFE.CP, which would be a very secure password.
This prevents hackers from using what’s called a “dictionary attack” to find your password. Unfortunately, a lot of computer users are still ignorant of proper computer security and they continue to use normal words for passwords. If you’re password can be found in a dictionary, then your account isn’t secure, plain and simple. Hackers will use a program that checks every word in the dictionary against your password and it’ll only be a matter of time before they get in.
And even when you find a good, secure password, don’t use it for every website. If hackers get a hold of it, they’ll have instant access to all of your accounts. Now I don’t expect you to remember dozens of different passwords and you don’t have to. There are plenty of websites that store multiple passwords for you. Lastpass is a good example and the Firefox plugin can automatically enter all of your passwords for you.
Put the “S” in https
Everyone is familiar with the “http” that precedes all URLs. Fewer people know about “https” and even fewer know what the difference is. “Http” stands for “hypertext transport protocol,” and it’s a protocol that allows information to be passed back and forth between you and a website you visit. When visiting “http” websites, crafty and nefarious computer users have ways of seeing the information you enter on that website.
If the website url is preceded by “https”, that means the website is secure, which is actually what the “s” stands for. These pages encrypt the information so that prying eyes can’t see what’s going on. Most pages that ask for extremely personal information – such as credit card numbers – will be encrypted. Sadly, not all are. Whenever you’re putting really sensitive information out there, check that url. Some websites, like Twitter, actually offer both. To be on the safe side, start using “https” whenever you can.