Exactly one week ago, the world commemorated the annual World Password Day. Passwords these days are the only thing standing between a hacker or intruder and our beloved data. In light of the recent saga of the Heartbleed bug, it is perhaps the right time to look at this again.
After the public media disclosure of the bug, which probably sent many administrators scrambling, some additional 2,500 servers were patched in a way that, ironically, introduced the bug to servers that had until then been unaffected. These system administrators, probably under pressure to “do something”, then had to clean up the mess, but overall the media disclosure did help to get most vulnerable servers patched quickly. For those who are not too sure what this is, here’s a simple summary:
The Heartbleed bug was a programming mistake that allowed attackers to pull 64k chunks of “secure” server memory, which would typically hold credit-card numbers, credentials and other personal information that you might have stored with the server.
So with that, and what the media calls open source’s worst hour and a massive vulnerability, here comes McAfee, also known as Intel Security, with World Password Day.
Here are some interesting tidbits for you guys:
- The most common password is “123456” and the second most common password is “password”
- Research shows that 90% of passwords are vulnerable to hacking
- 1 in 5 Internet users have had their email or social networking account compromised or taken over without their permission
Together with Dell, Acer, Lenovo, Toshiba, Terra, UOL, CCE, Windstream, Positivo Informática’s Digital Business Area and many other companies, they are leading an effort to help educate consumers worldwide on the importance of password safety. We, the consumers, are encouraged to take the World Password Day pledge to change or strengthen our passwords by using the newly launched http://www.passwordday.org, a dedicated destination for password education.
Here are the top 9 tips for password protection:
- Choose length AND complexity (use 14+ characters)
- Use a password manager such as LastPass (or preferably one that comes with encryption and is stored away from your main device)
- Change passwords regularly
- Use different passwords
- Use case-sensitive alphanumerics (if symbols are supported, even better!)
- Don’t use any dates or facts that can be found online
- Don’t text, email or casually share your passwords
- Don’t use simple passwords (123456, password, qwerty, etc.)
- Don’t use one-word passwords
Note: Remember to check whether the site has already patched the Heartbleed bug; otherwise, changing the password is useless! You can use the free LastPass to check if the site is still vulnerable.