Wednesday, June 22, 2016

T4L: Pass On Passive Passwords

Advisory: Change all your critical account passwords (email, bank, social media) immediately and often.

I agree, it is troublesome to come up with complex and unique passwords for every online account or service (in my case, 82 and counting), but I believe (from anecdotal experience only, thank God) that it is less troublesome than having your data, PC, money and/or identity stolen, held for ransom, revealed or deleted.

The Problem
So, here is the background: way back (in tech terms at least) in 2012, there was a data breach.  LinkedIn, Tumblr, MySpace (remember them?) and other sites were hacked, releasing some 117 million login details, including passwords, into the wild.  I can’t say why the data remained underground so long; I can say, however, that the data is available for sale and is being sold to some bad people (yup, that is a technical term).

This affects you (and me) if you haven’t changed your password in a couple of years or if you re-use passwords across different platforms.  The hackers are, right this minute, using the data to attack your accounts.  And they have succeeded.  High-profile celeb accounts like Mark Zuckerberg's were among those compromised this week.  Think about it: he’s one of the world’s greatest programmers, and he was hacked.  Still feel you’re immune?

The Option
You can check if you've been compromised at haveibeenpwned.com, but personally, I’m busy.  So, I’d rather skip this step, assume all old passwords have been compromised and set new ones.  Even “the leader of the free world” resets his nuclear launch codes periodically; why can’t you reset a few passwords?

So real is the threat that several sites forced subscribers to reset their passwords to gain access.  They completely denied access with old passwords.  Why not take their lead and take a moment to reset all your passwords?

The Solution
Before you start to complain about the brain power required to compute and mentally store scores of unique passwords, consider a password manager.  Check out cross-platform options like 1Password and LastPass.  Apple ecosystem dwellers can rely on Keychain.  Trust me, this is not the time to skimp; pay for the best service you can afford and enjoy convenient features and options.

While you're at it, going through all your accounts individually and setting up UNIQUE passwords for EACH account, why not take another moment to enable two-factor authentication (2FA) on every account that supports it?  Recently, Google made 2FA simpler and others will follow suit, but that is for another post.

The combination of strong, unique passwords and 2FA is, currently, the best protection against hacking.

Tech4Life airs every Wednesday morning at 8:15 am on @RJR94FM

Regards,
Carlette
www.carlettedeleon.com