Please, Stop Helping the Hackers Guess My Passwords

There have been numerous high profile hacking attempts (and successes) in recent months and years. In 2012 alone, millions of accounts’ hashed passwords and other sensitive information was stolen across tens of different websites:

  • Zappos: 24 million accounts’ passwords and email addresses exposed
  • Global Payments: 1.5 million credit card numbers exposed
  • LinkedIn: 6.5 million hashed passwords stolen– many of which weren’t salted
  • eHarmony: 1.5 million hashed passwords exposed
  • Last.fm: Passwords compromised
  • Yahoo: 450,000 passwords leaked– in plain text

By now, I’m sure you get the point– your information is never safe. When you input your credit card number or password into to a website, you’re trusting they’ve taken the necessary precautions to safeguard this data. The reality is, there’s a lot of business that do not implement decent security practices.

In fact, the worst offenders not only store your password insecurely, but they prevent you from protecting yourself properly. In the event of a leak in which password hashes are made public, having an extremely secure password is the only way to keep yourself protected. A secure password can be composed of random letters, numbers, symbols, or even a long sentence that you remember. The issue is, not all sites let you use these kinds of secure passwords.

Read More