A November 2013 article1 illustrates the importance of taking common sense precautions with on-line passwords. Cyber criminals stole customer information from Adobe in September and posted it on-line.2 An engineer downloaded the stolen file and figured out a friend’s Adobe password from it.
The worst part is that the password hint for thousands of customers was "same as my bank password." Since Adobe had not encrypted the customers’ e-mail addresses, all the thieves have to do is guess which banks the people use and help themselves.
Here are a few practical tips for password security:
- don’t use the same password for all accounts. At a minimum make sure the one you use for banks and other important accounts is different from the one you use where security is less important.
- It is best not to write your passwords down. If you must, don’t store them under your mousepad, or taped to your laptop. That is like "hiding" your front door key under the door mat.
- Choose passwords that are hard to guess. But don’t make them too complicated; that just increases the likelihood you will write them down. Avoid things like your birth date, spouse’s name or other information that is easy to find.
- Adobe Breach Inadvertently Tied to Other Accounts, Nick Bilton, N.Y. Times Bits Blog, Nov. 12, 2013.
- Adobe To Announce Source Code, Customer Data Breaches, Krebs on Security, Oct. 3, 2013.
This article originally appeared in our free semi-monthly newsletter. To receive future issues, please add your name to the subscription list.