If It Happened to Him, It Can Happen to Anybody. (Yes, Even You.)
"Yeah, yeah, yeah."
That's what most people say to themselves when they read another article on passwords and the need to be smart about them.
Or maybe what they say is "da-da-da."
Most people are lackadaisical about the topic because they haven't had an account breached (broken into) because of a password takeover. Or maybe they think the warnings are exaggerated.
After all, any genius knows better than to use a simple password for the Internet. Or to use it for more than one account.
Evidently, every genius does not know that. Just ask Mark Zuckerberg.
Yes, that Mark Zuckerberg, chief executive officer of Facebook.
Facebook security tip.
Evidently, Facebook provides this piece of advice to all of its customers: "Don't use your Facebook password anywhere else online."
The reason is a good one: If hackers steal passwords in bulk from one business or organization, they'll try those passwords on other accounts. It's a little like finding a key in a big building and seeing what doors it will unlock.
Facebook's password advice isn't exclusively for its customers—it's good advice for everyone.
Still, it's just too easy to hear these warnings and ignore them, or say, "I'll get around to it...one day." That's what too many people do. And it will catch up to you, if you're one of them.
Just like it happened to Mark Zuckerberg.
Take your own advice, chief.
Evidently, Mark Zuckerberg used the password "dadada" for his LinkedIn account. According to a June 2016 report in The Wall Street Journal, hackers got into LinkedIn in 2012 and stole more than 100 million usernames and passwords. One hundred million!
Even though that was four years ago, Zuckerberg's stolen information showed up in an online database of stolen IDs not long ago (early 2016). His "dadada" password for LinkedIn, as it turns out, was the same one he used for his Twitter and Pinterest accounts.
How do we know that? Because hackers used that information to hack those two accounts.
And who knows where else he used that same password and what kind of damage it may have caused there!
This is sound advice. Are you listening?
This type of story—about simple passwords used for multiple accounts getting caught up in a hack—isn't a rare occurrence. It's ongoing, and the stories just get scarier.
That's why Facebook says right up front: don't use your Facebook login and password combinations anywhere else. Very good advice.
In June of 2016, hackers released 360 million email addresses and passwords stolen from MySpace.com. That information showed up on a website that puts up that kind of juicy data for sale to other crooks who want access to it.
One group of online thieves that deals in dirty data—selling access to leaked stolen data—claimed in early 2016 to have added one billion entries to its database of hijacked login information.
And the owners of those hijacked usernames and/or passwords weren't even aware of it.
Again, if you are using the same password (whether it's simple or complex) for multiple other accounts, you are giving hackers a greater likelihood of striking pay dirt if your password is ever stolen. And every day, it seems, another organization is being hacked and caught off guard.
Unfortunately, you're the one who might end up paying for their security weaknesses.
More password tips.
Here is a list of tips from security experts that will help you stay safe and can help keep your passwords and user information out of the wrong hands. Some of them may seem simple to you—but remember that when it comes to your online safety, it's important to take extreme measures.
- Make sure you use different passwords for each of your accounts.
- Enter new passwords in privacy. Just as you don't let anyone watch when you enter your PIN at an ATM, don't let anyone watch you key in your password.
- Don't tell anybody your passwords either. They won't protect them like you would.
- If you walk away from your computer (or smart device), always log off, especially if there are others around (as in a workplace). It can take only a few minutes for a devious high-tech type to change your password or hijack it.
- Put up a strong line of defense by having good security/antivirus software that you keep up to date. Avoiding the latest malware is key to staying safe.
- Be very wary of entering passwords on public computers. At a library, for instance, you could run into malware that steals passwords. If you can't avoid it, make it a point to change that password the first chance you get...from a different computer.
- Free Wi-Fi connections at airports and coffeehouses are hotspots for hackers. Avoid using sensitive passwords there (credit card accounts, banking, etc.). Better still, sign up for and use a Virtual Private Network (VPN) whenever using free Wi-Fi.
- Change your passwords at least once a year on all of your accounts. Make it a habit.
- Don't use obvious passwords, such as 1234, ABCD...or dadada. Security experts suggest using at least eight characters of lowercase and uppercase letters, some numbers and, if they're allowed, special symbols (&, %, @, etc.).
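The first and last tips can be checked mechanically. The sketch below is an added example, not part of the original article: it audits an account-to-password list for reuse, for obvious patterns such as 1234, ABCD or dadada, and for the eight-character mix described above. The function names and the sample vault are assumptions made up for illustration.

```python
import re
from collections import defaultdict

# Constructed sample data (not real credentials). Run checks like this
# only on your own machine, against your own password list.
SAMPLE_VAULT = {
    "linkedin": "dadada", "twitter": "dadada", "pinterest": "dadada",
    "forum": "abcd1234",
    "bank": "T7&kq%Zm2w@x", "shop": "T7&kq%Zm2w@x",  # strong but reused
    "email": "gR4!vPz9#LtQ",
}
SEQUENCES = ("0123456789", "abcdefghijklmnopqrstuvwxyz")

def is_obvious(pw):
    """True for runs like 1234/ABCD or one short chunk repeated (dadada)."""
    low = pw.lower()
    if re.fullmatch(r"(.{1,3})\1+", low):  # 1-3 chars repeated throughout
        return True
    # Split into letter, digit and symbol runs; obvious if every run is a
    # slice of the alphabet or of 0-9.
    parts = re.findall(r"[a-z]+|\d+|[^a-z\d]+", low)
    return all(len(p) >= 3 and any(p in s for s in SEQUENCES) for p in parts)

def meets_composition(pw, symbols_allowed=True):
    """The article's tip: 8+ characters, lower, upper, digits, symbols."""
    checks = [len(pw) >= 8, any(c.islower() for c in pw),
              any(c.isupper() for c in pw), any(c.isdigit() for c in pw)]
    if symbols_allowed:  # symbols only count where the site permits them
        checks.append(any(not c.isalnum() for c in pw))
    return all(checks)

def audit(vault, symbols_allowed=True):
    """Return {account: [findings]} for every account with a problem."""
    users = defaultdict(list)
    for account, pw in vault.items():
        users[pw].append(account)
    report = {}
    for account, pw in vault.items():
        findings = []
        shared = sorted(a for a in users[pw] if a != account)
        if shared:
            findings.append("reused on: " + ", ".join(shared))
        if is_obvious(pw):
            findings.append("obvious pattern")
        if not meets_composition(pw, symbols_allowed):
            findings.append("fails length/character-mix tip")
        if findings:
            report[account] = findings
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_VAULT))
```

Note that the "bank" and "shop" entries pass the character-mix tip and are still flagged, because a complex password shared between accounts is exposed as soon as either account leaks.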
Your passwords to your online accounts are like keys on a key ring that open doors to everything important in your world. You wouldn't give your keys to strangers or leave them around for someone to grab and copy...and use.
Treat your passwords the same way. Handle them with care and, to keep hackers out of your life, change them often.