This post comes a bit later than I originally intended, but with things so crazy here at work as the semester has gotten underway, I’m surprised that I’ve had any time to sit at my desk in the first place.
It may be old news by now, but this article, which details the now-infamous hacking of journalist Mat Honan, is one of the scariest things I’ve read in a long time, at least from a digital life perspective. Before you continue reading this post, please take some time to read the article if you haven’t already. (note: the article contains some strong language).
Done? Good, read on.
Since the time of the hacking, Apple has reportedly stopped allowing iCloud password resets over the phone, and Amazon followed suit some days later. But the underlying premise here is still very real, and very concerning – just how secure are your sensitive data and accounts online?
This post is going to be a short post with a few links for you to read, focusing on two security measures that I strongly recommend you take.
First, if you have a Google account, enable 2-step verification (also called 2-factor authentication). It involves a traditional password (“something you know”), but adds an access code sent via SMS to your phone (“something you have”). It takes more time, but you can opt to do this every 30 days if you’re on a trusted computer. Plus, you’ll get an SMS in the event that an unauthorized party successfully gets past your password phase on your account. Rather than go over it in detail here, I’m going to instead link you to a good article and video about it.
Second, in general, your passwords should be strong passwords. Some guidelines to follow can be found here. Also, one of my favorite webcomics did a strip about this topic as well, seen here. Bottom line – password length matters more than all of those “special characters” that website ask you to enter.
Finally, I am exploring password managers such as 1Password. I haven’t ever used one before, but they seem like a decent enough idea.
Please take steps to secure your online identities and information. Don’t wait for the companies who hold all of your personal information to patch their holes. Not everyone who hacks accounts like in the story above is doing it just to educate the masses…