3 things got me to changing some more passwords online. I had recently changed some already … after warnings related to Facebook. I think a lot of people have a bad habit of using a couple or a few common passwords (often combined with our email addresses) to log onto the ever increasing numbers of sites and accounts online that we have to deal with. The problem is that if one of those sites gets hacked or social engineered (someone physically pretends to be YOU on the telephone or whatever…) then other accounts of yours are also vulnerable along with any single one.
Use more than one password … and change them often. I know its work … but it’s better than having an account OWNED. I had a Bellsouth email account taken away from me a few years back – and trust me it’s no fun! (* Well, except for Me – throwing them back OUT was pretty fun – since I reported them to everyone in their company and their ISP.)
Anyway Tim O’Reilly on my Google+ had a posting about this stuff. And I had already bumped into a warning from Google that I should use 2-step verification for logging on to Google. Supposedly someone had logged in, or attempted to log in to my account. (that was the premise anyway.) So I set up the kind of Pain-in-the-Ass 2-step thing with Google … along with the special custom email log on passwords for Gmail (which are now completely separate passwords between my iPhone and my Desktop PC) which I don’t even care to know what they are (this is the recommendation from Google.) The two step thing involves 2 things to thwart hackers (other than yourself) 1 – your username and password, and 2 – a code that is sent (either voice call or Text Message) only to your phone. Both are required to log on after that. You can allow “trusted computer” of yours to log on without that for up to 30 days. And that’s good enough for me.
So along the way I also got Tim’s recomendation of this article: http://arstechnica.com/information-technology/2012/08/secure-your-digital-self-auditing-your-cloud-identity/ - I already have read some of their articles as I have them on Twitter in my iPhone.
So … all good stuff. I went a changed some other mission criticle passswords that weren’t on the Google gridwork … just to be extra extra safe. And now I feel a lot better that I can have Happy Rest of Year. New passwords are not related to anything that can be social engineered or researched about me – so doing so would be pointless for man or machine.
—
Alan Spicer
http://www.marinetelecom.net – http://www.wifiyacht.net
+1 954 683 3426
communications @ marinetelecom.net