2014-08-23

A couple of weeks ago, Sam couldn’t decide if this was a threat or a sales pitch.

I’m talking about the recent hack by a Russian group. In total, they stole 1.2 billion usernames and passwords. Hold Security was the company that alerted the world to the security breach.

The hackers hit roughly 420,000 websites.

As Sam wrote of the ‘attack’: ‘I don’t doubt there was a massive hack by a Russian cybercrime gang. But the language used by Hold in their threat report does seem a little “salesy” to me.’

Because of this recent attack, Sam explained some steps you can take to protect yourself online…

Things like changing passwords every two months, or more. Make them complex as well. Use a combination of upper and lower case letters, symbols and numbers too.

For regulars online this sort of thing should be second nature.

But one of the problems with constantly changing our access details is remembering them.

I recently worked out that I had 17 unique passwords that I change regularly.

Quite frankly, I can never remember them. Which means I have them written down somewhere with cryptic clues to remind me what they are.

This is part of the problem. In order to protect ourselves, we’ve made these brilliant passwords that no human can easily remember.

There are password remembering sites like keepass.info and lastpass.com that help. However, I’ve yet to use one of these sites.

And I’ll bet many of these passwords are still ‘crackable’ by skilled hackers.

In some cases, the tougher we make our passwords to remember, the easier they are to crack.

To prove this point, check the ‘How Secure is My Password?’ site. You simply enter in a password, and it will tell you how long it will take to crack.

Take this for example. Passw0rd1 would take a standard desktop PC about 39 days to crack. I tried one of my more recent passwords and was told it would take about a year. So I got a little more creative, and I ended up with a million years.

Much better you say?

Not really. Because I’m stuck with a bunch of letters and numbers that make no real sense to me. Plus, most hackers aren’t using a ‘standard desktop PC’.

As one website wrote, ‘Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.’

For the past couple of years, internet blogs like lifehacker.com have reckoned multi-word passwords are safer than what we use now.

In other words, a sentence of mismatched words increases the difficulty of your password.

I’ll explain what I mean. The websites I mentioned above say it isn’t numbers and symbols that make your password tough to crack. It’s the length.

The suggestion is to put three, four or five ridiculous words together. And this will make your passwords more secure.

When I tried a password like ‘giantbirdsflyinghigh’ – the site told me it would take 157 billion years to crack.
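The length-versus-symbols argument above, worked through as an added example (not from the original article or from any of the sites it mentions). It sizes the search space for the two passwords the article tests, first guessing character by character and then guessing whole words; the 7,776-word list size (the Diceware list) and all function names are assumptions made here.

```python
import math
import string

def charset_size(password):
    """Size of the alphabet a character-by-character search must cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def per_character_bits(password):
    """log2 of the search space when each character is guessed independently."""
    size = charset_size(password)
    # Empty or non-ASCII input: this simple model has nothing to count.
    return len(password) * math.log2(size) if size else 0.0

def per_word_bits(word_count, wordlist_size=7776):
    """log2 of the search space when whole words come from a known list.
    7776 is the Diceware list size, used here as an assumed dictionary."""
    return word_count * math.log2(wordlist_size)

def effective_bits(password, word_count=0):
    """A password is only as strong as the cheapest model that covers it."""
    bits = per_character_bits(password)
    if word_count:
        bits = min(bits, per_word_bits(word_count))
    return bits

if __name__ == "__main__":
    # The two passwords tested in the article; the word counts are ours.
    for pw, words in (("Passw0rd1", 0), ("giantbirdsflyinghigh", 4)):
        print(pw, round(per_character_bits(pw), 1),
              round(effective_bits(pw, words), 1))
```

Guessed character by character, the four-word passphrase scores about 94 bits against 53.6 for Passw0rd1. Guessed a word at a time from a 7,776-word list it drops to about 51.7 bits, so the words need to be picked at random and there need to be enough of them.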

There might be something to the idea of using silly sentences as a password.

But don’t think a password which takes a million, or a billion years to ‘hack’ would be a ‘safe for life’ password.

Let’s be honest. No password is safe for life. A reality of the digital age means we have to constantly alter how we verify ourselves.

The recent Russian hack proves this.

The problem is passwords are the most common way of confirming ourselves online.

Some companies use biometric information to validate us. But there’s yet to be a mass take-up of companies offering this tech. Also, some people don’t like the idea of a company storing physiological information about them.

However, one Aussie researcher has come up with an idea.

Queensland University of Technology researcher Xavier Boyen reckons people and cryptography should be working together.

Assistant Professor Boyen believes we have too many passwords to remember. As he told the Australian recently, ‘We have a lot of new techniques that would be much more amenable to human operations while retaining the proven security that we seek in terms of mathematical cryptography.’

Boyen thinks by using cryptography we can make our online information safer. Another benefit is that it will be easier for us to remember.

Traditionally, cryptography requires heavy computer calculations. This means it’s pretty much useless for everyday life.

Because of this, Boyen has a very simple suggestion.

‘It could be the case that when you authenticate to a bank, instead of typing in your password the bank will send you a list of numbers and you know that you have to pick the second, the fourth and the fifth of those numbers and add them together.

‘Using these kinds of techniques, as one example, it is possible to actually hide from the phone – which may not be working in your best interests – what your password is, what your secret is.’
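A toy model of the exchange described in the quote, added here as an example; it is not Boyen's scheme or code. The eight-digit list, the function names and the two sample challenges are assumptions, and in this simplified model the bank knows the secret positions. It also counts how many position sets still fit after each login that someone has watched.

```python
import itertools
import secrets

LIST_LEN = 8   # assumed: the bank sends eight numbers per login
PICKS = 3      # the quote's secret uses three positions

def make_challenge():
    """Bank side: a fresh list of random digits for every login."""
    return [secrets.randbelow(10) for _ in range(LIST_LEN)]

def respond(positions, challenge):
    """User side: add the numbers at the secret (1-based) positions."""
    return sum(challenge[p - 1] for p in positions)

def verify(positions, challenge, response):
    """Bank side (toy model): recompute the sum and compare."""
    return respond(positions, challenge) == response

def consistent_secrets(transcript):
    """Every position set that explains all observed (challenge, response) pairs."""
    return [c for c in itertools.combinations(range(1, LIST_LEN + 1), PICKS)
            if all(respond(c, ch) == r for ch, r in transcript)]

def leakage(secret, challenges):
    """Number of candidate secrets left after each observed login."""
    transcript, remaining = [], []
    for ch in challenges:
        transcript.append((ch, respond(secret, ch)))
        remaining.append(len(consistent_secrets(transcript)))
    return remaining

SECRET = (2, 4, 5)                      # "the second, the fourth and the fifth"
OBSERVED = [[3, 1, 4, 1, 5, 9, 2, 6],   # constructed sample challenges
            [2, 7, 1, 8, 2, 8, 1, 8]]

if __name__ == "__main__":
    ch = make_challenge()
    print("login accepted:", verify(SECRET, ch, respond(SECRET, ch)))
    print("candidates before any login:", len(consistent_secrets([])))
    print("candidates after each observed login:", leakage(SECRET, OBSERVED))
```

With these parameters there are only 56 possible secrets, and the two sample logins cut that to 3 and then to 1. The device never sees the positions themselves, but a list this short does not keep them hidden for long, which is why the list length and the number of picks matter.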

Initially, Boyen could see this idea being used for secure electronic voting.

But this sort of tech would benefit many other industries.

In fact, it would be perfect for any site that holds financial information.

Perhaps the biggest benefit is that your passwords aren’t stored anywhere.

The information you use to prove your identity would be constantly changing, making stealing that information a lot less tempting.

It could be one step closer to safer computing in the meantime.

Shae Smith
Editor, Weekend Tech Insider

Five Cool Ideas From Around The Web

Cool Idea #1: Sick of remembering the combination or digging in your bag for the key to your bike padlock? Meet the Noke. Pronounced ‘no key’, it’s a padlock that unlocks via the Bluetooth on your smartphone. It’s pretty simple. You pair the Noke through an app with any Bluetooth enabled iOS or Android device. And when you reach within 10 metres (this can be changed) of Noke, it automatically unlocks the padlock. You can pre-order Noke through the Kickstarter campaign for $59 now.

Cool Idea #2: How many parents are sick of their kids ignoring their calls and messages? Well, one frustrated mum decided the only way to get her son to answer his calls was to force him. After teaching herself how to program an app, she created this app for frustrated parents, ‘Ignore No More’.

The app means that, if a kid ignores their parents’ or a selected person’s call, they can remotely disable the teenager’s phone. They simply enter a four-digit password, and BAM! The kid can’t message, use the internet, play games or even call their mates. The only way to activate the phone again is for the kid to call a ‘selected person’ to reactivate the phone.

The mum who created the app says her son almost never ignores her calls or messages anymore.

Cool Idea #3: How often do you walk around Melbourne — or anywhere for that matter — and wonder what it looked like a century ago? Always? Never? Well, wonder (or not) no more. South Australian firm Intec is trialling their ‘Where the heck am I?’ app. Built for Google Glass, and using GPS coordinates, it throws up pictures of old buildings stored with what they call a ‘Trove’, which is data combined from various government services.

There’s no plan to roll it out and make it available for the public.

But…imagine a time where we all have something like Google Glass. You land in a new city. As your virtual tour guide takes you around the city, you can see what it looked like through various points of history.

The-we-have-to-deal-with-it Idea #4: In case you missed it, the Australian Tax Office has decided to tax bitcoins, effective immediately. Depending on your financial circumstances, you could be up for capital gains tax — like shares. If you’re paid in bitcoins, you could be subject to fringe benefits tax. You won’t have to pay GST on bitcoins if they are for personal use and under $10,000. Is this going to legitimise crypto currencies for use in Australia? Or is the ATO hungry for your hard earned cash? You decide.

Cool Idea #5: Like it or lump it, most kids learn the basics from smartphones or tablets these days. However, one report found that only one in five apps from the Apple store is appropriate for kids. Apple has 367,960 apps for kids and Google’s Play store has slightly fewer at 318,670. That might sound like heaps. But as a regular buyer of these, most kid apps out there are rubbish and offer little in the way of educational value. Here you’ll find the most highly rated educational kids’ apps for iOS devices.

The post Need a New Password? Try this… appeared first on Sam Volkering's Tech Insider.
