eBay has
revealed that it’s online servers have been hacked and the personal details of
15 million British users (that would include the Republic of Ireland)
have been stolen. Another press release has stated that all 233 million eBay
users personal details and passwords are now in the hands of hackers. Ebay has
urged anyone using the site to change
their password but in my opinion you
need to do much more than this. This article outlines some basic security
practices you should employ to ensure that
when a site you are using is hacked it has a minimal effect on your
security.
Managing Passwords
Protecting
your passwords is probably the most important thing you can do with regard to
your internet security. I say passwords because you should NOT use the same
password on more than one site.
This is key to maintaining your security
as once a hacker gets access to your data on any site their first ‘port of
call’ will be your email account. If the password is the same you’ve just given
them everything they need to scam or steal from you.
Storing Passwords
I do not recommend storing your password list
on your computer or a usb key or flash drive. Use the old fashioned method –
buy a copy book and keep them completely off your computer. When writing them
down ensure you do not make it too obvious what the password is for. Keep the
list secure, and keep a copy outside the house.
If you must store the passwords on your computer you should employ an
encryption program such as Truecrypt(click here to visit Truecrypt site) to create an encrypted area on the machine
or usb device for the password list. Because of space limitations I cannot
address use of encryption here but may do so in a future article.
Changing Passwords
Change your
passwords at regular intervals and never
reuse a password either on the same account or another account.
Password Format
You should
ensure your password contains upper and lowercase letters numbers and extended
characters. Don’t use personal information such as your date of birth as this
is easily guessed. For example say we want a password of tin can alley. This is how you might actually create this
password tiN*caN#alleY@4026. Note the use of upper and lower case letters,
extended characters *#@ and numeric characters. Avoid use of similar items
across passwords and do not reuse numeric codes. Remember the hacker will have
one of your passwords and will be working from that premise.
