Post by kas on Jul 25, 2011 20:36:34 GMT -5
I read this in a magazine I bought:
www.goodhousekeeping.com/family/safety/keep-email-safe
It was very basic so I looked for something online more informative and found this:
www.usatoday.com/tech/columnist/kimkomando/2008-10-02-safe-passwords_N.htm
Click the link to read the rest
www.goodhousekeeping.com/family/safety/keep-email-safe
Keep E-mail Safe From Hackers
Having your e-mail account hacked can be annoying (your address book could be spammed) — or dangerous if the perpetrator can gain access to personal info. Protect yourself:
1. Set up a second e-mail account for newsletters and the like: Mailing lists may give the address to others. The more unwanted e-mail you get, the greater the potential for receiving malicious files.
2. Don't open attachments or click on links from unknown sources: Keep antivirus and browser software updated — don't hit Ignore when those update reminders pop up.
3. Be smart with your password: Ideally, it shouldn't be a word found in a dictionary. And don't choose an obvious security-question answer, like your mother's maiden name.
4. Don't trust public Wi-Fi: It's fine for general Web browsing, but avoid using it for anything that you log on to.
Having your e-mail account hacked can be annoying (your address book could be spammed) — or dangerous if the perpetrator can gain access to personal info. Protect yourself:
1. Set up a second e-mail account for newsletters and the like: Mailing lists may give the address to others. The more unwanted e-mail you get, the greater the potential for receiving malicious files.
2. Don't open attachments or click on links from unknown sources: Keep antivirus and browser software updated — don't hit Ignore when those update reminders pop up.
3. Be smart with your password: Ideally, it shouldn't be a word found in a dictionary. And don't choose an obvious security-question answer, like your mother's maiden name.
4. Don't trust public Wi-Fi: It's fine for general Web browsing, but avoid using it for anything that you log on to.
It was very basic so I looked for something online more informative and found this:
www.usatoday.com/tech/columnist/kimkomando/2008-10-02-safe-passwords_N.htm
Keep your e-mail account safe from hackers
What would you lose if your e-mail were hacked? Your personal messages and contacts would be compromised. And your messages could include personal photos or financial details.
Recently, vice presidential candidate Sarah Palin's e-mail account was hacked. The contents were posted on the Internet for the world to see.
TIPS: Ask Kim
Apparently, a complete stranger did the hacking. That's how easy it is to hack an e-mail account.
The problem with Web mail
With Web mail, your user ID is generally a part of your e-mail address. Anyone who receives e-mail from you knows your user ID. An investigation into Palin's e-mail usage made her e-mail address public knowledge. So, the hacker only needed her password.
Did the hacker guess her password? No. The hacker created a new one using Yahoo's password reset feature. It's actually pretty easy to do.
To reset the password, the hacker answered a security question. That, too, was gleaned from public information.
Dealing with password reset
Your personal information may not be on the Web, but you could still be hacked. Odds are, you specified a security question and answer when you created your account. Friends and family probably know the answer to the question. Or, it could be found with a Google search.
The password reset is critical. If you answer it truthfully when setting up your account, you're at risk. So don't. Use a nonsensical answer that only you know.
For example, select "What is your father's middle name?" Answer it "my@name@is@kim." Or, use "my+dog's+name+is+Boo-Boo."
It is unlikely that a hacker could supply the correct response. The system doesn't care that your response makes no sense.
Protecting existing accounts
You probably want to keep your existing e-mail account. You probably also supplied correct information when you created it.
Depending on your provider, you can change the answers to your security questions. Yahoo users are out of luck. But Hotmail and Gmail users aren't.
In Hotmail, click your account name and select "View your account." Under Password reset information, click "Change" beside "Question." Change your security question and answer.
Gmail is more difficult to hack. Your account must be inactive for five days before you can reset the password. You can also select your own security question.
Click Settings and open the Accounts tab. Select "Google Account settings." Click "Change security question." Alter your security question and response.
Use a strong password
You still need a strong password. Your password may be easier to guess than you think. Your dog's name or phone number are easily guessed.
Maybe you thought about this and picked a random word instead. If so, be aware that hackers can crack it easily with a dictionary attack, which uses software that tries every word in the dictionary as the password.
You need to use a complex password containing both letters and numbers. If your provider allows it, add a symbol. Use at least eight characters.
I recommend creating a sentence that is easy to remember. For example, "My daughter was born in 2005" is relatively simple. Then take the first letter from each word and keep the year. In this example, you get "mdwbi2005." Such a password is easily remembered, but difficult to guess.
Remembering your passwords
You'll have trouble if you forget your password, but don't write it on a slip of paper. This defeats the purpose of securing your account. Co-workers or family members could find the paper.
Instead, use a password-management program such as KeePass or LastPass. These programs encrypt your passwords; a master password opens the database.
Or, try Pageonce. It is a Web-based password-management tool. You'll find links to these tools at www.komando.com/news.
You should also change your password and clean out your browser's saved data regularly. This includes the cache, saved forms, cookies and passwords.
Finally, don't check "Remember Me" on the sign-in page. That's an open invitation to snoop. Sign out from your account once you've read your e-mail.
—
Kim Komando
What would you lose if your e-mail were hacked? Your personal messages and contacts would be compromised. And your messages could include personal photos or financial details.
Recently, vice presidential candidate Sarah Palin's e-mail account was hacked. The contents were posted on the Internet for the world to see.
TIPS: Ask Kim
Apparently, a complete stranger did the hacking. That's how easy it is to hack an e-mail account.
The problem with Web mail
With Web mail, your user ID is generally a part of your e-mail address. Anyone who receives e-mail from you knows your user ID. An investigation into Palin's e-mail usage made her e-mail address public knowledge. So, the hacker only needed her password.
Did the hacker guess her password? No. The hacker created a new one using Yahoo's password reset feature. It's actually pretty easy to do.
To reset the password, the hacker answered a security question. That, too, was gleaned from public information.
Dealing with password reset
Your personal information may not be on the Web, but you could still be hacked. Odds are, you specified a security question and answer when you created your account. Friends and family probably know the answer to the question. Or, it could be found with a Google search.
The password reset is critical. If you answer it truthfully when setting up your account, you're at risk. So don't. Use a nonsensical answer that only you know.
For example, select "What is your father's middle name?" Answer it "my@name@is@kim." Or, use "my+dog's+name+is+Boo-Boo."
It is unlikely that a hacker could supply the correct response. The system doesn't care that your response makes no sense.
Protecting existing accounts
You probably want to keep your existing e-mail account. You probably also supplied correct information when you created it.
Depending on your provider, you can change the answers to your security questions. Yahoo users are out of luck. But Hotmail and Gmail users aren't.
In Hotmail, click your account name and select "View your account." Under Password reset information, click "Change" beside "Question." Change your security question and answer.
Gmail is more difficult to hack. Your account must be inactive for five days before you can reset the password. You can also select your own security question.
Click Settings and open the Accounts tab. Select "Google Account settings." Click "Change security question." Alter your security question and response.
Use a strong password
You still need a strong password. Your password may be easier to guess than you think. Your dog's name or phone number are easily guessed.
Maybe you thought about this and picked a random word instead. If so, be aware that hackers can crack it easily with a dictionary attack, which uses software that tries every word in the dictionary as the password.
You need to use a complex password containing both letters and numbers. If your provider allows it, add a symbol. Use at least eight characters.
I recommend creating a sentence that is easy to remember. For example, "My daughter was born in 2005" is relatively simple. Then take the first letter from each word and keep the year. In this example, you get "mdwbi2005." Such a password is easily remembered, but difficult to guess.
Remembering your passwords
You'll have trouble if you forget your password, but don't write it on a slip of paper. This defeats the purpose of securing your account. Co-workers or family members could find the paper.
Instead, use a password-management program such as KeePass or LastPass. These programs encrypt your passwords; a master password opens the database.
Or, try Pageonce. It is a Web-based password-management tool. You'll find links to these tools at www.komando.com/news.
You should also change your password and clean out your browser's saved data regularly. This includes the cache, saved forms, cookies and passwords.
Finally, don't check "Remember Me" on the sign-in page. That's an open invitation to snoop. Sign out from your account once you've read your e-mail.
—
Kim Komando
Click the link to read the rest