Must Read

Password Security And How Even Mark Zuckerberg Got It Wrong

News broke on Monday, 6 June, that Facebook CEO Mark Zuckerberg fell victim to hackers who compromised his Pinterest and Twitter accounts.

Now, the first question on everyone’s minds would be “Why in the world does Mark Zuckerberg have a Pinterest account??”, but that’s not a query we are able to seek to answer.

Hacking group OurMine has claimed responsibility for the shenanigans and as expected, the Facebook mogul’s Twitter and Pinterest accounts have been cleared of any evidence of the incident, but as the saying goes “What happens on the internet stays on the internet forever”.

How It Went Down

The hackers had allegedly gained access to Zuckerberg’s accounts via business networking site LinkedIn’s 2012 data breach, of which a hacker had posted a list of 6.5 million encrypted passwords on a forum. While password resets were enforced, the horrors resurfaced in mid-May this year, with a seller offering emails, passwords and account information of over 117 million users in the second round.

Reports have also noted that Zuckerberg’s Twitter and Pinterest account have barely been used, with the former being last updated in January 2012, a few months before the data breach.

The alleged password used by the hackers was also revealed to be ‘dadada’ – mortifyingly elementary, even for a babbling toddler’s standards. Perhaps Zuckerberg was applying his simple, yet effective way of dressing to his account passwords too?

zuckerberg
Image Credit: financetwitter.com

Regardless, it comes as timely advice. Here are 5 ways that you can keep your accounts and personal data safe, or at least, get a better shot at doing so:

1. Don’t use the same password for all your accounts

I get it, I get it.

It’s much easier to remember a single ‘impenetrable’ one as compared to bespoke combinations for each and every account you own – I was guilty of it myself! However, as we’ve all learnt from the Zuckerberg incident, when you apply this mentality to passwords, when one fort falls, those with similar walls do too.

2. Change your passwords regularly

I remember when my old workplace had us change our passwords every 90 days. Admittedly, I was annoyed that I had to come up with something new each time, but with situations like these happening, I guess you can say that it’s a necessary evil – especially for work-related matters.

For personal accounts, it is recommended that you do not go for over a year without changing your password. So that outdated password you’ve been using since your first Neopets account? Ditch it.

3. Rules set for password safety are troublesome but also necessary

Remember the annoying ‘password must contain upper and lowercase, numbers, symbols and the soul of your first pet goldfish’ criteria when you’re hastily filling in new account information? Well, it’s probably a good idea to follow.

Here’s popular Youtuber Natalie Tran’s (@communitychannel) hilarious take on the situation:

4. Simpler is better?

Ah, a common adage. While it’s particularly relevant for making our lives less complicated and clearing our thought processes, the same DOES NOT apply for our passwords.

Need more proof? Here’s a list done by password management software developer Splashdata, revealing the most commonly used passwords in 2015:

Image Credit: SplashData
Image Credit: SplashData

While the lack of effort does bring on a good laugh, you’d think that after all the hacking scares and conditioning by account registrations that more creative passwords would emerge – apparently not.

5. Even if you don’t use it, change its password

The reason as to why the hackers got their way with Zuckerberg’s Pinterest and Twitter accounts was basically due to negligence. Granted, Zuckerberg’s a busy man and the accounts didn’t seem to be very much utilised by him.

Same goes for our various accounts accumulated over the years – I’ve heard of friends having their >15 year old Neopets accounts hacked in the past few years, rendering them ‘penniless’ on the site. It’s not limited to my social circle, as Vice published an article on millions of Neopets accounts being compromised.

While it might not matter to the presently-working adults, the matter becomes more dangerous if your credit card information and email addresses are still on the site. With that information, hackers can gain access your currently-utilised accounts and cause much havoc even without leaving their seats.

As Jim Czulewicz, chief revenue officer for JumpStart (which owns Neopets) advices, “Any Neopets users, even if they no longer play on the site, should change their password. With the information in the dump, a hacker could potentially access other services if they are protected with the same password.”

Password Changes – A Tedious, But Necessary Habit

So there you have it, information that we all had at the back of our minds, but never really gave a hoot about – until stuff happens.

Password and account management can be a bore when we’re already so busy with our daily lives, but trust me, once you get over the initial compilation process, it will run like clockwork.

Feature Image Credit: Reuters

 

Subscribe to Vulcan Post Newsletter

Stay updated with our weekly curated news and updates.