Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Tech-Related News Tech-Related News
Search Search
Search for:
Tech Support Guy > > >

Wired Journalist Hacked


(!)

WendyM's Avatar
Trusted Advisor with 3,997 posts.
THREAD STARTER
 
Join Date: Jun 2003
Location: Northern California
09-Aug-2012, 11:25 AM #1
Wired Journalist Hacked
Heard this on NPR this morning. It reiterates a lot of the things we already know about password security and backing up data, but it also shows how easy it is for someone to get into your accounts with a very small amount of information:

http://www.wired.com/gadgetlab/2012/...n-hacking/all/
valis's Avatar
Moderator with 63,678 posts.
 
Join Date: Sep 2004
Location: as above
09-Aug-2012, 12:44 PM #2
been following that since it happened.....talk about a black eye for Apple.

by the by, here's another good read about social engineering and how effective it can be.

http://finance.yahoo.com/news/how-a-...-wal-mart.html
WendyM's Avatar
Trusted Advisor with 3,997 posts.
THREAD STARTER
 
Join Date: Jun 2003
Location: Northern California
09-Aug-2012, 01:27 PM #3
Yeah, I imagine it's surprisingly easy to get people to give you what seems like innocuous information. Nobody's going to give you a social security number or a credit card number, but a casual chat about the type of computer you're using? Sure, why not?
valis's Avatar
Moderator with 63,678 posts.
 
Join Date: Sep 2004
Location: as above
09-Aug-2012, 01:33 PM #4
especially if you say you are from corporate IT.
dandxg's Avatar
dandxg dandxg is offline
Member with 72 posts.
 
Join Date: Feb 2007
Experience: Intermediate
12-Aug-2012, 01:31 PM #5
So how do we deal with this then, hacking passwords?
I have so many passwords and user names, I kid you not it must be 80-100. I can't even keep them written down so I use a pretty weak one frankly for e-mail and no secure stuff and then use a couple of strong ones for everything secure required. I mean what's the answer to keep track of so many user name passwords, Roboform? Or just put them in excel and obfuscate them?
dandxg's Avatar
dandxg dandxg is offline
Member with 72 posts.
 
Join Date: Feb 2007
Experience: Intermediate
12-Aug-2012, 02:19 PM #6
If you guys are really interested there are some good books on social engineering and there is a forum on linkedin, black hat that talks about some of this.
Ent's Avatar
Ent   (Josiah) Ent is offline Ent is a Trusted Advisor with special permissions.
Computer Specs
Trusted Advisor with 5,270 posts.
 
Join Date: Apr 2009
Location: United Kingdom
Experience: Intermediate
12-Aug-2012, 05:59 PM #7
Quote:
Originally Posted by dandxg View Post
I have so many passwords and user names, I kid you not it must be 80-100. I can't even keep them written down so I use a pretty weak one frankly for e-mail and no secure stuff and then use a couple of strong ones for everything secure required. I mean what's the answer to keep track of so many user name passwords, Roboform? Or just put them in excel and obfuscate them?
Password managers can be a good solution.

Remember that some passwords need special care. As the article points out it's particularly important to protect services which are considered an authoritative indication of who you are. I'd suggest it could be more dangerous to reuse a password on 10 sites than to use the same password for your main email and one other site. The simple reason is that if someone does gain access to your email, they'll normally also have access to dozens of "password reset" options on external sites.
loserOlimbs's Avatar
Computer Specs
Member with 7,800 posts.
 
Join Date: Jun 2004
Location: Wichita, KS
13-Aug-2012, 09:07 AM #8
Quote:
Originally Posted by dandxg View Post
I have so many passwords and user names, I kid you not it must be 80-100. I can't even keep them written down so I use a pretty weak one frankly for e-mail and no secure stuff and then use a couple of strong ones for everything secure required. I mean what's the answer to keep track of so many user name passwords, Roboform? Or just put them in excel and obfuscate them?
There are a few ways.

1) There are Password Managers. Things like Keepass http://keepass.info/
Its free, and will store your passwords, generate them for you, and even allow you to use passwords more secure than what you can generally remember. Things like 30 character passwords randomly generated with Mixed case, numerals and special characters.

2) Group your passwords. I like this idea personally. Its an easy way to keep your passwords separate, but not have dozens of passwords. Have 1 password for things like forums, another password for email, a third password for banking sites. Most importantly here, is that if someone gains access to one, they can't automatically have access to it all.

Things I would not do, is leave any of these open or use open storage. For example if you use Keepass, secure it with a really good password.

Do not use thing like Firefox's "remember my password" feature. It takes me a matter of seconds to locate the database Firefox stores these in and decrypt them to plain text.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑