When I purchased my first Android based phone there was an option for a “connect the dots” style security measure. This consisted of a screen with nine dots which you had to connect in the right order to unlock the phone. It was a pretty neat idea until you consider how simple it is to see your pattern on the screen of the phone. Unless you keep your phone obsessively clean you will leave evidence of your unlock pattern right on the device making it easier for someone to unlock it. Google was quick to realize this and came out alternatives to this method which included passwords, PINs, and even facial unlock (which was a joke).
There is a rumor going around (from “sources wishing to remain anonymous”) that claims that US Law Enforcement and the NSA have been asking internet companies for user passwords. The article originally posted by cNet has made the rounds this morning across a few sites; all of them pointing back at the single cNet source. Now on top of everything else that is going on many people are ready to jump on board with this and further denounce the NSA, the FBI, DHS, IRS, and anyone else in the US government with initials. But outside of the claims from a single blogger at cNet are there any other indications that this is a common practice?
Ever have your e-mail account broken into, or your Facebook page vandalized because your 'friend' was able to guess your password? Even if you haven't, here are some basic tips to making your online accounts more secure and less vulnerable to intrusion from unwelcome guests.
The company SplashData has released a list of the "most popular" Passwords of 2012, which listed the most commonly cracked passwords by hackers. The list is based on incidents related to hacking users of different web portals and services, including Yahoo, LinkedIn, eHarmony and Last.fm. In all cases, it was an incredibly simple (read stupid) password, which hackers could crack without any effort. The report points out that many users still do not pay too much attention to the security of their online sessions. According to experts, no matter how much effort is invested in the development of secure systems, encryption, cryptography and anti-hacking tools that are becoming increasingly complex, in the end it all falls apart if users supplied their account to hackers "on a platter" with a password that even little kids could reveal.
LinkedIn has confirmed that some of the roughly 6.45 Million (yes Million) user passwords that were stolen by a Russian hacker and posted in a forum (where he asked for help in decrypting them) do correspond to LinkedIn accounts. The breach has come on the heels of recent issues with their mobile app. This caused quite a stir and has caused a few people to stop using the mobile app completely.