If you didn’t get your fill of scares this past Halloween, sit down and read this article about password security from Matt Honan, the Wired Magazine writer who’s digital life was destroyed this past summer in minutes by teenage hackers. If you only read one article this year, you should read this one, but in case you don’t (or can’t or won’t), I’ll try to sum up the most important parts of the article:
- We are sacrificing privacy and security for convenience.
- Passwords (even long, hard to guess ones) are no longer viable.
- The technology industry hasn’t been able to come up with a better solution to this problem.
What this means for you:
Again, if there is one article you should read this year, especially as you gear up to get your online shopping done this upcoming Black Friday, it’s this one! You’ve heard me give you all the precautions and practices you should be following to better secure your online information, but Matt explains in easy-to-understand, non-technical terms why folks like me are growing increasingly concerned – and in some cases frightened. We, as a civilization, have hit a critical point in our history, and if we don’t make some careful choices and some necessary changes to how we use computers, we are heading down a road of security ruin that could impact anyone that uses technology as a critical part of their lives.
Until better solutions to the password problem arrive, there are some things you can do:
- Don’t use the same login and password for multiple sites.
- If it’s available, use 2-factor authentication to secure accounts, especially email.
- Don’t use easy to guess passwords. Use really hard ones for your most important accounts.
- Use a separate, hard-to-guess email account for password resets that is separate from your main email account. Gmail is great for this, as it offers two-factor authentication.
- For password hint questions, eg. “What is your mother’s maiden name?” use incorrect answers that aren’t easily found on the web, and only you would know.
Read the article for even more tips on how to make yourself harder to hack.
[…] the industry as a whole is still scrambling to come up with a solution to the failure of passwords as a security mechanism. So far, the best some sites can offer is 2 or 3-factor authentication, and as can be surmised from […]
[…] to get stuck in a vicious circle. In this particular case, technology has been navel-gazing on the password issue for years despite having the solution in hand decades ago: multi-factor authentication. In its most […]
[…] Honan, the Wired writer who had his digital identity stolen in a harrowing cyberattack last year, is back with another chilling article about yet another technology failing to protect us: this […]
Fascinating and troubling article. Thanks Chris. I’m not sure that I understand one of the tips that was listed. Will you please elaborate on “Use a separate, hard-to-guess email account for password resets that is separate from your main email account” ? This is confusing to me because if I’m resetting a password–let’s say it’s a bank password–isn’t the confirmation sent to the email address I have associated with the bank account?