Monday, November 7, 2011

How Secure Are You?

Ask yourself:
  • How easy would it be for someone to guess my password?
  • How many sites do I frequent? Do I use the same password for each site?
  • How important is the information that I have online?
  • What would I do if I lost it all?
There are a whole load of questions that you can add to this list about online security. Often many of us don't really think about this until after the fact. That is, after we may have been compromised. Recently, in an article in The Atlantic Monthly, James Fallows recounted how his wife's Gmail account was hacked and the ensuing fallout that came of it (including deletion of 6 years and over 4 Gb of emails - they were eventually recovered but only, it seems, due to the author's connections with some big players at Google and the relatively new Undeletion Project). You can read the lengthy and detailed account here.

In the end, however, we are left with three suggestions about network security:
  1. Use Gmail's new 2-step verification - As stated, this is a Gmail-only suggestion. You can set this up while in Gmail by clicking on Account Settings and, under Security, clicking on Using 2-Step Verification. Part of the process will be a 6-digit code that Google will send you that you will need to log in if you are on a computer other than your own (on your own computer you will only have to use it once every 30 days).
  2. Use strong passwords - using words isn't necessarily good, but if you don't, your password may be hard to remember. One workaround is to use more than one word or, better yet, a phrase that would be familiar to you (including spaces - since to a hacker's computer a space is no different than a letter, and thus the password looks like a long string of characters). If you can, it may also be good to use a string of non-English or gibberish words that only you would know.
  3. Don't reuse passwords - if you have several accounts, don't use the same password for each. This doesn't mean you need to remember 100s of passwords. However, for sites that need to really be secure (online banking, email, etc.) you will probably want to do this for them. Then for sites that you would rather not be compromised (AirMiles, Chapters, etc.) create two or three strong passwords that you use for all of them. Then for sites you may not care about that require passwords, you may want to create one or two passwords to use for all of them.
Now, doesn't that make you feel all warm and fuzzy?
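To put numbers on suggestion 2, here is an added example (not from the original post or the Atlantic article) that estimates the search space of a password two ways: character by character, where a space is just one more symbol, and word by word. The sample passwords are constructed, and the word-list size of 7776 (the size of the Diceware list) is an assumption.

```python
import math
import string

# Assumption: an attacker guessing whole words draws them from a list of
# this size (7776 is the Diceware list size; it is not from the post).
WORDLIST_SIZE = 7776


def char_pool(password):
    """Size of the character set a character-by-character search must cover."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if " " in password:
        pool += 1  # a space is just one more symbol in the pool
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)  # 32 ASCII punctuation marks
    return pool


def char_bits(password):
    """Bits of search space when guessing one character at a time."""
    pool = char_pool(password)
    return len(password) * math.log2(pool) if pool else 0.0


def word_bits(password):
    """Bits of search space when guessing whole words from a word list.

    Only meaningful if the words were picked at random; a familiar quote
    or lyric is worth far less than this figure.
    """
    return len(password.split()) * math.log2(WORDLIST_SIZE)


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ("P4ssw0rd!", "purple tractor sings loudly"):
        print(f"{pw!r}: length={len(pw)} pool={char_pool(pw)} "
              f"char_bits={char_bits(pw):.1f} word_bits={word_bits(pw):.1f}")
```

The phrase wins easily against a character-by-character search, but the word-level figure shows why gibberish or non-English words, as the post suggests, add strength that common dictionary words do not.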

