Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Just how hackable is your digital life?

Sarah Jacobsson Purewal | Sept. 25, 2012
When Wired News reporter Mat Honan had his digital life hacked—and subsequently, virtually wiped out—in August, the significant loss of data he endured wasn't the scariest part of the experience. Much more terrifying was the method by which hackers drilled into his digital accounts.

Search for yourself. Before you start worrying, it's a good idea to get a handle on how much information about you is out there by searching for yourself. Type your name into Googleboth with quotation marks and withoutand with relevant keywords, such as your address, phone number, email addresses, job title, company, and alma mater.

See what you find, and try to look at the information the way a hacker would. Is there enough data there for someone to piece together your life? If so, you need to take steps to improve your personal security.

Use passphrases instead of passwords: Passwords are a tricky security issue. The best passwords are computer-generated mixtures of letters, numbers, and special characters (such as exclamation points and question marks). Unfortunately, the resulting alphanumeric strings are also extremely difficult for most people to remember. But since most passwords are hacked via brute-force methodsthat is, by having a computer go through all possible combinations of characterslonger passwords are more secure simply because they take longer to discover.

For example, an Intel Core i7 processor takes just hours to crack a five-character password, but it takes more than 10 days to crack a seven-character password. That's why security experts recommend using passphrases instead of passwords. See Alex Wawro's password primer for pointers on building a good passphrase.

Stay updated: One of the easiest ways to prevent intruders from compromising your computer is to make sure that you're always running the latest version of all your PC applicationsincluding your antivirus program.

"Drive-by downloadsmalware that downloads to your computer when you click on a malicious linkoften work by exploiting known bugs in software," Harrison says. "These bugs are usually fixed in updated versions of the software, but that won't help you if you're still running the old version."

Prioritize accounts: You may not be able to remember complex passphrases for every account you have, and that's okay. According to Doug McLean, senior director of product marketing at McAfee's Global Threat Intelligence, the average online American has more than 100 accounts, not all of which are important.

Instead of creating different passwords for every account, create unique ones for only the important accountsemail accounts, online banking accounts, social networks, and other accounts that contain sensitive information. For relatively trivial accounts, such as message boards, it's fine to use an insecure, hackable password.

McLean also suggests creating a "junk mail" email address for accounts that you don't really care about. You can use this junk email address to sign up for message boards, contests, and newsletters. Then, if one of the junk accounts is compromised, hackers won't have your real email address or your real passwords.

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.