The ancient art of password cracking has advanced further in the past five years than it did in the previous several decades combined. At the same time, the dangerous practice of password reuse has surged. The result: security provided by the average password in 2012 has never been weaker.
The average Web user maintains 25 separate accounts but uses just 6.5 passwords to protect them, according to a landmark study (PDF) from 2007. As the Gawker breach demonstrated, such password reuse, combined with the frequent use of e-mail addresses as user names, means that once hackers have plucked login credentials from one site, they often have the means to compromise dozens of other accounts, too.
The article goes pretty in-depth into the hacking/cracking methods used, but the early parts and the very end should be enough for the less technical folks. This is something to keep in mind, both for your personal accounts and anything you’re responsible for at your library/workplace.
Social Media Security Basics [infographic]
Written with government in mind, but applies to anyone using Twitter for professional/organizational purposes.
As we all use the internet to store more and more of our personal information, documents, music, etc., we need to be mindful of the risks involved and take measures to defend against hacking and other intrusions into our data.
… Her move to the cloud had coincided with the larger and irreversible shift of business, personal, governmental, and every other sort of activity to the cloud. The shift is irreversible because it brings so many advantages. Who would go back to searching for addresses on paper maps after using online mapping services? Needing to save and file canceled paper checks rather than inspecting them online, or doing a thousand other chores in pre-cloud form? In addition to these corporate and public services, whose users are increasingly conducting their business and storing their data in the cloud rather than on paper, our personal data has moved to the cloud as well, with the premise that we’ll be able to retrieve and work on our correspondence, our contacts, our photos and documents, from any computer connected to the Internet. But, of course, the more we rely on the cloud, the more we expose ourselves to its vulnerabilities. These include the breakdowns that affect any complex system. …
Wolfram Alpha terrifies me, in all honesty. It’s like SkyNet combined with Google, and we know all about those two things – they will eventually take over the world. (Yes, one of them may be fictional, but you get what I am saying, I hope.)
However, one of the niftier things that Wolfram Alpha has to offer these days is its ability to generate passwords for all your favorite services. Let’s take a gander at just how this works.
Do you always use unique passwords? Are those passwords always “strong”? Does your library’s web presence require strong passwords for all users? Do you have password recommendations clearly posted on your web resources for your users? What makes a good password? Are complex passwords the most secure? Is it uniqueness? Is length the most important thing in a password? I’ll start by saying the single most important thing is uniqueness: never reuse a password on everything.