Every hacker knows your password…

That title is tough to accept. However the reality of today is that passwords as we have used them previously are very very insecure. I’ll spare you the cryptography math. Simply explained hackers have hacked so many major websites and harvested a “whopping 642 million passwords.” http://arstechnica.com/security/2016/05/cluster-of-megabreaches-compromise-a-whopping-642-million-passwords/

The 2012 LinkedIn hack has resurfaced as all 177 million accounts and passwords (all cracked) has been released. If you had an account on LinkedIn ever that password is actively being used by hackers to access accounts on other sites (because people commonly reuse passwords). http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/

I strongly encourage you to update any online service/website/app password if there’s a remote chance its the same username/email and password you had on LinkedIn (or other breached site). http://arstechnica.com/security/2016/06/how-linkedins-password-sloppiness-hurts-us-all/

In analyzing my own usage, my LinkedIn password (8 character randomly generated alpha-numeric crackable in 0.2 seconds) was reused on over 15 web services, half of which were or had financial related information.

I highly recommend using a Password Manager to securely store and generate unique passwords. The two major players with great reps and smart developers are 1Password and LastPass. Both offer free and paid levels of service w/ iPhone apps. Where possible passwords should be 12 characters or greater. Where creating remember-able passwords is necessary check out this Cartoon (bottom) then generator (top). https://xkpasswd.net/s/

Do not be like me…create unique passwords per site. It’s nice to be able to remember passwords but if you consider going to 100% managed passwords where you know none of them we may all be a bit more secure! Now go…change those passwords.