Yahoo! and Google Offer Advice on Protecting Your Email Account
It recently came to light that more than 10,000 Hotmail accounts were compromised – someone managed to get hold of the usernames and passwords for these accounts and posted them on Pastebin, a text-sharing webpage. Microsoft acknowledged the fact that these accounts were compromised “due to a likely phishing scheme” and launched an investigation “to determine the impact to customers.” The list has been taken down at Microsoft’s request.
It then came to light that Hotmail wasn’t the only one to get hit by phishing attacks. Google’s Gmail, Yahoo!’s Yahoo! Mail and AOL were hit as well. Just like in the case of Hotmail, the usernames and passwords of thousands of Gmail and Yahoo! Mail users were distributed online. Google announced that it ran a forced password reset on the affected accounts. Yahoo! announced that it is not aware of any compromised accounts, but some Yahoo! IDs may have been made public. In light of this, email users are advised to change their password. You know, just in case.
And since this month is National Cyber Security Month, Google was kind enough to share some tips on how to choose a smart password:
- Do not reuse a password
Some people use the same username and password for pretty much every online account they have. This is a bad idea. If one account is broken into, all accounts can easily be broken into because they share the same username and password. Recycling is a good idea when it comes to the environment, not when using passwords.
- Do not use common words
A password composed of a single word can be easily broken. You are advised to use a password made up of letters, numbers and symbols.
- Do not pick an easily guessable password
Do not use the name of your child, pet or significant other as your password as they are easily guessable. Also, do not use your birthday, phone number or address as your password as it is easily guessable as well.
- Keep passwords you’ve written down in a safe place
Do not write your username and password on a sticky note and put it in a highly visible place if you share your workspace with others. Anyone who walks by can see your login credentials and use them. If you write down a password in a computer file, try not to name that file “my passwords” or something similar. Create a unique name for it so other people who use the computer do not immediately realize what’s inside it.
- Password recovery options must be up-to-date and secure
You may forget your password – it happens. No problem, you can reset the password you forgot. In this regard you must have an up-to-date email address on file for each account you have. This way, when you need to send a password reset email, it goes to the right place.
Alternatively you can answer a bunch of questions and prove you are the account holder who forgot the email for the aforementioned account. Some online services let you create a custom question – come up with a with a question that has an answer only you would know. The answers to some questions can be easily guessed by going though the info about you readily available online: stuff you’ve posted to online networking profiles, blogs, and so on.
Yahoo! has provided some general tips about staying safe online:
- Do not reuse the same password (just like Google said before)
- Do not send passwords over email. Ignore any email asking you to give away your password. Instead or replying to it, click the Spam button.
- Be weary of phishing sites used to steal your login credentials. Some telltale signs include: the URL contains an extra word or misspellings; there are typos on the site, outdated content, broken and missing pictures.
- Use a genuine, properly good security software application.
As a littler trivia sidenote, do you know what the most common password from the 10,000 compromised Hotmail accounts was? It was 123456.
It then came to light that Hotmail wasn’t the only one to get hit by phishing attacks. Google’s Gmail, Yahoo!’s Yahoo! Mail and AOL were hit as well. Just like in the case of Hotmail, the usernames and passwords of thousands of Gmail and Yahoo! Mail users were distributed online. Google announced that it ran a forced password reset on the affected accounts. Yahoo! announced that it is not aware of any compromised accounts, but some Yahoo! IDs may have been made public. In light of this, email users are advised to change their password. You know, just in case.
And since this month is National Cyber Security Month, Google was kind enough to share some tips on how to choose a smart password:
- Do not reuse a password
Some people use the same username and password for pretty much every online account they have. This is a bad idea. If one account is broken into, all accounts can easily be broken into because they share the same username and password. Recycling is a good idea when it comes to the environment, not when using passwords.
- Do not use common words
A password composed of a single word can be easily broken. You are advised to use a password made up of letters, numbers and symbols.
- Do not pick an easily guessable password
Do not use the name of your child, pet or significant other as your password as they are easily guessable. Also, do not use your birthday, phone number or address as your password as it is easily guessable as well.
- Keep passwords you’ve written down in a safe place
Do not write your username and password on a sticky note and put it in a highly visible place if you share your workspace with others. Anyone who walks by can see your login credentials and use them. If you write down a password in a computer file, try not to name that file “my passwords” or something similar. Create a unique name for it so other people who use the computer do not immediately realize what’s inside it.
- Password recovery options must be up-to-date and secure
You may forget your password – it happens. No problem, you can reset the password you forgot. In this regard you must have an up-to-date email address on file for each account you have. This way, when you need to send a password reset email, it goes to the right place.
Alternatively you can answer a bunch of questions and prove you are the account holder who forgot the email for the aforementioned account. Some online services let you create a custom question – come up with a with a question that has an answer only you would know. The answers to some questions can be easily guessed by going though the info about you readily available online: stuff you’ve posted to online networking profiles, blogs, and so on.
Yahoo! has provided some general tips about staying safe online:
- Do not reuse the same password (just like Google said before)
- Do not send passwords over email. Ignore any email asking you to give away your password. Instead or replying to it, click the Spam button.
- Be weary of phishing sites used to steal your login credentials. Some telltale signs include: the URL contains an extra word or misspellings; there are typos on the site, outdated content, broken and missing pictures.
- Use a genuine, properly good security software application.
As a littler trivia sidenote, do you know what the most common password from the 10,000 compromised Hotmail accounts was? It was 123456.
