Early last week , the Internet security researchers discovered a horrible problem called " Heartbleed " . It is a gap in the encryption tool used about two- thirds of Internet servers . If the gap was exploited hackers , login names and passwords for all your accounts can leak . Here's how to outsmart :
Site security checks before changing the password
It is not yet known what the affected site or passwords Heartbleed what affected . But if you have a Yahoo account , OkCupid , or Github , you should immediately change your password . Three popular site was known to be vulnerable , but they have strengthened security .
Other large Web companies have taken steps to face Heartbleed . You can check if a site has updated its security , by entering the domain name of the site was in https://www.ssllabs.com/ssltest .
If everything is green , the security of the site has been repaired and safely change your password . If not green , hold on . Changing the password on a vulnerable site will have no effect or even potentially uncover your new password .
If Heartbleed no , the password has always been the target of hackers . You should change the password for important accounts every 90 days .
Here are other tips : .
In addition to wearing a new password , now important for you to wear extra defense that has been available for many sites . This feature is called " two- stage authentication . " Some are calling it " the verification log in " , or many other names .
This option is offered many email services , banks , and social networking . He sent a code that can only be used one time ( usually via text message ) every time you ( or anyone else ) trying to get into your account . You must enter the code to access the account .
Use at least five different passwords
The biggest mistake that may occur is wearing the same password for all accounts . If your password is leaked on the website , someone might try to other sites .
Instead of trying to memorize all the different passwords for each site , you should memorize the password in a group . Start with five main categories : banks , email , social networking , online stores , and the latter , a rare site you visit . Among the categories , you can distinguish each password by adding one or two characters at the end of the password to indicate a specific site , such as AZ for Amazon.com .
If one of your retail stores terbobol , for example , you should immediately change all passwords in that group . This strategy might provide a bit of breathing space for you .
Choose strong passwords
What goes in the category of strong passwords ? Longer , the better . Set up a password at least six to eight characters in length , including numbers and letters . If your password appears on the list of words that are vulnerable hackers , should repeat from the beginning .
The name of the family pet and should be avoided . Therefore , cyber criminals are likely to have access to your personal information . They could observe through what your profile posted to your Facebook page .
Unfortunately , sites and applications have different standards and regulations about the amount and character of the password are allowed . For example , some sites do not accept capital letters , while others actually require it .
A friend recently determined to change the password on 129 accounts owned . He almost got frustrated when he found a site does not accept passwords with punctuation " and " or " & " . While the other sites did not receive a dollar sign or " $ " .
Important to use a unique password to your email address . Therefore , hackers were able to break through the email account you can use the " forgot password " to reset the passwords on your accounts to another.
Some people deliberately give wrong answers questions about security in the field . For example , " What was your first car type " or " Who's your pet name . " That way , hackers who have information about the user can not guess the correct answer .
There is help to remember
Write the password to something that is always tucked in the wallet it risky . However , better still storing passwords in a safe place , rather than copy it in a place that is easy to find.
However , there are ways to remember long passwords .
The most basic is a mnemonic tricks . For example , use the password in the form of a random phrase or word that you can remember . Or , use the first letter of each word of a phrase that you remember the password . So " I Left My Heart In San Francisco " to " ILMHISF . " That was the song that brought Tony Bennett , senior jazz musicians .
Do not get hung up on phrases and words that are attached to your life . Better to remember the made-up phrases . Like the wrong name for your dog , something that is difficult for criminals .
Another option : some people choose to rely on the service and password management applications , such as LastPass , PasswordBox , and 1Password . Services like this store all passwords in one roof , also suggests a strong password .
However , some security experts recommend that we not collect all passwords in one point which may be compromised, especially if the service as it saves the password of the remote server . Still, it is more secure than just using "1234 " or "password . "
WSJ
No comments:
Post a Comment