Fix Your Insecure Passwords in Five Minutes

A foolproof technique to secure your computer, e-mail and bank account.

Posted:
 
85145861
Mario Tama/Getty Images

It's tempting to blame the victim. In May, a twentysomething French hacker broke into several Twitter employees' e-mail accounts and stole a trove of meeting notes, strategy documents, and other confidential scribbles. The hacker eventually gave the stash to TechCrunch, which has since published notes from meetings in which Twitter execs discussed their very lofty goals. (The company wants to be the first Web service to reach 1 billion users.) How'd the hacker get all this stuff? Like a lot of tech startups, Twitter runs without paper—much of the company's discussions take place in e-mail and over shared Google documents. All of these corporate secrets are kept secure with a very thin wall of protection: the employees' passwords, which the intruder managed to guess because some people at Twitter used the same passwords for many different sites. In other words, Twitter had it coming. The trouble is, so do the rest of us.

Your passwords aren't very secure. Even if you think they are, they probably aren't. Do you use the same or similar passwords for several different important sites? If you don't, pat yourself on the back; if you do, you're not alone—one recent survey found that half of people online use the same password for all the sites they visit. Do you change your passwords often? Probably not; more than 90 percent don't. If one of your accounts falls to a hacker, will he find enough to get into your other accounts? For a scare, try this: Search your e-mail for some of your own passwords. You'll probably find a lot of them, either because you've e-mailed them to yourself or because some Web sites send along your password when you register or when you tell them you've forgotten it. If an attacker manages to get into your e-mail, he'll have an easy time accessing your bank account, your social networking sites, and your fantasy baseball roster. That's exactly what happened at Twitter. (Here's my detailed explanation of how Twitter got compromised.)

Everyone knows it's bad to use the same password for different sites. People do it anyway because remembering different passwords is annoying.

Comments
The Root encourages respectful debate and dialogue in our commenting community. To improve the commenting experience for all our readers we will be experimenting with some new formats over the next few weeks. During this transition period the comments section will be unavailable to users.

We apologize for any inconvenience and appreciate your continued support of The Root.

While we are experimenting, please feel free to leave feedback below about your past experiences commenting at The Root.
Must-See Family Attractions
July 29 2014 2:13 PM