Due to the recent hack to Adobe’s database, it is highly recommended that you change all passwords associated with your Adobe.com account or any account created from an Adobe software registration.
According to CNN, it is estimated that the security breach at Adobe impacts over 150 million users. The Wall Street Journal indicates that online giants such as Facebook and Diapers.com, required users with breached accounts to change their password. In addition, banks and other organizations that provide online account access are also automatically resetting user passwords. You can check to see if your user name, email address, encrypted password, and password hint was included in Adobe’s security breach on a Dutch Student’s website, lucb1e.
3 Tips to Secure Your Online Accounts
Tip#1 Never provide your user name and password to an app until you can confirm it as a trusted source
Before you authorize social media applications such as Twitter, Facebook or Google permission to share your login credentials (Your user name and password combination) with other apps, look in the web address to be sure the URL matches the social media application granting the request.
For example, the image below on the right, displays the authorization request from Favstar.fm to you. Favstar.fm is requesting your authorization for Twitter to share your log in credentials, with them.
If the logo in the authorization request represents Twitter, Facebook or Google, then the web address must point to their website. Click the image below on the left to see that the web address belongs to Twitter, the social media website that Favstar.fm will use to make the authorization request for your login credentials.
In the same image, notice that the lock in the URL indicates the connection is secure and that the website is a secure source that you can trust.
Untrusted websites can steal your login credentials to hack your social media accounts. Be sure you only authorize apps from trusted websites.
Tip #2 Separate your online accounts by type and then, associate each online account type to one password
This will help you identify the online accounts at risk during a security breach. Tighten your personal password security policies when you use similar or different user names to access each online account.
An example of account types and password reuse:
(Online Account Type) Social Media Password Ja@kles456
- Facebook – (User name) Jane@yahoo.com
- Twitter – (User name) livingneogreen
- YouTube (User name) Jane2001@gmail.com
(Online Account Type) Banking, Credit and Auto Password: Hum@6Me
- Chase Bank (User name) Johnday
- American Express (User name) Johnday2013@yahoo.com
- Bank of America Visa (User name) Johnday61999
- Ford Motor Acceptance Corporation (User name) 356891A
Tip #3 Never use personal information as a password hint
With the number of web apps and APIs, this makes it very easy for hackers to discover who you are. One well formed request to an API from LinkedIn or Facebook and hackers can verify your employer, the name of your pet as well as the name of your daughter and your mother’s maiden name. If they search your social media page, they may find out your favorite food and or your favorite color. Take for example, this blog post from the NY Times, where the writer describes how someone broke the encryption on the hacked Adobe passwords, then revealed the passwords of other users when he used a text string search.
Questions about your family, first car, and favorite foods are all common things we use for passwords and password hints. Consider this, you may give away passwords and password hints when you post online, upload pictures online or complete online surveys on social media sites like Facebook and instagram or on your personal blog. Be smart, think outside of the bit! Keep your password hints unrelated to your personal life.
Remember, it is your responsibility to protect your online information. The ability to respond to a security breach can save you time and money to keep you Living NEO Green.