Daily Archives: November 21, 2009

Protecting Your Data

Who are you willing to allow access to your password protected email address/online bank account/computer log-in, etc?

Recently I got an email from a contact of mine, telling me a story about how she had to go to another country to visit an ill cousin and now needs to help pay for some medical bills but don’t have enough money on her and can she borrow some from me?

It looked suspicious so I contacted the person and asked her if she had sent that email. Turns out of course she didn’t. So it came down to a hacked password in her email account. It was not possible to recover that email address as the hacker had changed the password, and reset the secret question and answer to be able to reset the password!

If you run into such situation where your email address has been hacked, here’s what I suggest you do, in this sequence:

1. First of all, if you have used the hacked password for anything else (which many people do), change those immediately, following the guidelines for powerful password creation below.

2. Try to change the password in your hacked email. Depending on the provider, there is usually a link for “forgotten password” in the login page. Use it and follow the instructions.

3. If you can’t change the password because the hacker already changed the secret question or alternate email address, see if  there is a validation page alternative like Hotmail has here.

4. Send an email to all your contacts letting them know about the hacking, so they are alert to any spoof emails coming from that address. If you were not able to recover your hacked email address account, send the email from a different one.

When you create a password, follow these guidelines:

a) DON’T use your name, date of birth, social security number, zip code, area code, or any combination of those in it.

b) DON’T use a word that can be found in a dictionary

c) DO use a combination of uppercase AND lowercase characters

d) DO include at least one number in it

e) DO include at least one special character in it (!@#$%^&*)

The reason for the above is there are programs that will automatically try to guess a password using a dictionary and other data that can easily be found in your computer. This is what is known as a “brute force attack“. Such an attack can be very effective, IF you violate the above guidelines.

Finally, it is recommended that you DO change your passwords periodically. I know people who literally have had the same password for everything for over a decade!

The above simple guidelines should keep your password-protected accounts/data much more secure. Don’t underestimate the power of a good password.