How Does It Work?
September 17, 2008
Passpack Responds to Email Hacking of Sarah Palin
Sarah Palin Learns About Password Security the Hard Way
News reports that vice presidential candidate Sarah Palin's personal email was hacked and posted on the Internet brings national attention to the growing problem of online security. The group who invaded Palin's Yahoo account likely gained access through an attack on Yahoo's password recovery system. It's estimated more than 21 million passwords are stolen every year. For those who aren't celebrities, cyber snooping is likely to be done by somebody you know; 47% of all identity theft is perpetrated by friends, neighbors, fellow employees, family members or significant others.
How Are Passwords Hacked?
- Brute Force: hacking software available to anyone online, these services attempt to guess your password over until they break in.
- Challenge/Response: to recover a password, you're asked questions you answered when you set up your account, usually easily attained information.
- Social Engineering: such as "phishing", the user is tricked into divulging his password through an email or phone call.
"Even the most secure website is only as strong as the password you create; your best defense is to create unique, complicated passwords and to utilize a password manager," says Tara Kelly, Co-Founder of Passpack, a free online password manager. "A brute force attack can guess a weak password within minutes," she said.
Passpack offer these tips for password security:
- Use as many characters as a site allows: uppercase, lowercase, numbers, symbols, sentences. Don't use personal information: names, telephone numbers, addresses, favorite movies, etc. If you can't choose a long or complex password, change it often.
- Use a password manager like Passpack to create and store super-strong passwords. Be aware that some "password recovery" sites are phishing schemes, so only use sites recommended by authorities like cNet and PC Magazine.
- Use trusted online software, it's more resistant to brute force attacks than software on your hard drive.
- Give false answers no one else can figure out to online security questions to avoid challenge/response attacks.
- Never write down your passwords anyplace someone could have access: post-its, computer files, cell phones, laptops.
- Never respond to an email or phone call asking for your passwords or personal information.
- Avoid these common passwords
- (your first name)
Passpack stores your passwords in an online vault only the user has access to through a strong password phrase: the packing key. No need to remember individual passwords, just your packing key- so use stronger, unique passwords for each online account. Passpack gives you a password generator, and resists all three types of password attacks. Passpack is a free service, accessible from any online connection.
Since 2006 Passpack is the leading innovator in web-based password management and secure collaboration. Passpack employs the highest grade encryption systems, coupled with security patterns built specifically for the Internet to guarantee complete data privacy. Businesses worldwide trust Passpack to protect their logins every day.
Contact - Tara Kelly, email@example.com