The Part of Heart Bleed No One Seems To Be Explaining

I’m sure, by now, you’ve heard all about Heartbleed and that you should change your passwords as soon as the websites you have accounts on confirm they are patched.

But I keep hearing from non-technical people ‘Why would anyone want into my Facebook/Twitter/other non-financial/credit card link account? For what purpose?’ And no one seems to be explaining!

So why should you worry?

Because hackers think you are dumb. They assume, rightly in a lot of cases, that you use the same username and password for all your logins. This is bad practice, of course, but lots and lots of people do it.

So the hacker harvests hundreds or thousands or millions of usernames and passwords from, say, Facebook, and then puts them into a programme that sends those username and passwords across the web. It automatically tries the username/password combinations it has saved and, if it gets lucky, gets into your bank, or your email (for phishing or replicating) or some other useful thing. And they have you.

So how do you remember unique passwords for all of the things you access?

There are three really easy ways to create secure and memorable passwords:

1. Think of a sentence that you will remember on a specific site, like Facebook Sucks But Everyone Uses It So I Do. Then take the first letter of each word: FSBEUISID and then add some symbols or numbers rather than letters: FSB3U1S!D. Appears totally random to someone else, but you will remember it!

2. Create a code of numbers, letters and symbols: 123&^324. For each website, add 2 or 3 characters to that code: FB123&^324. Now you only have to remember your random code and your website code.

3. Create a pattern on the keyboard. You look at the keyboard and imagine shapes on top of the keys. Trace those shapes with the keys and a totally random string of characters will be chosen, but all you have to remember is the pattern.

So wait until you get the all clear on your sites (there’s lists all over the web) and then get to strong password creation!

Posted in daily.

2 Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.