If you've been paying attention to tech news, you've probably heard a few of the recent stories about major password compromises. There was the theft of millions of LinkedIn members' passwords back in June. Then came word in July that more than 400,000 Yahoo! passwords were leaked. Just last month, we heard about the "epic hacking" of Mat Honan, which wiped out the Wired writer's digital life.
In a terrific new piece about the assault on passwords, Ars Technica IT security editor Dan Goodin warns that the average Internet user is more vulnerable today than ever before:
The ancient art of password cracking has advanced further in the past five years than it did in the previous several decades combined. At the same time, the dangerous practice of password reuse has surged. The result: security provided by the average password in 2012 has never been weaker.
While there's no such thing as complete online security, you can take several steps to make your accounts safer. Today's task is to put some time in to making your passwords harder to crack.
Start by reviewing Lifehacker's new password security checklist. It's packed with useful information and points you to resources for auto-generating strong passwords and tracking security breaches of sites you have accounts with. Follow that up with a look at a recent post on The Atlantic Wire, in which a hacker offers a series of practical tips for picking better passwords.
More and more online account providers are making two-step verification available to users. This method of protection requires you to have not only a password, but also a second code (which is typically sent to your phone), in order to prove that you are, indeed, you. If you have a Google account, it's highly recommended that you turn on two-step verification. It can be a little tricky if you're unfamiliar with the process, so check out CNET's video guide, which explains things simply and clearly.
Many of us have many different online accounts these days, and remembering unique, strong passwords for each one of them is a huge pain (if not downright impossible). Consider signing up for a password manager, a service that stores all of your passwords in a single database. Once you log in to your password manager, the tool unlocks the various complex passwords you've created so you can easily and automatically connect to all of your online accounts. Some of the best-loved password managers are LastPass, 1Password, and KeePass.