Password Security Wake Up Call

I’ve been beating the password security drum for some time now. Today’s news had an interesting bit on Gawker Media (owners of Lifehacker, Gizmodo, and several other popular sites) and how they got hacked. Most telling was Forbes’ article explaining how Gawker chief mucky-muck, Nick Denton, knew his account was hacked and didn’t immediately change his password. To add insult to injury, he used the same password for Google Docs and Twitter letting the hacker into most of his electronic life.

The moral of this story is simple. Don’t use the same password in multiple places. Ever. The easiest way avoid this pitfall is with 1Password, which you can get with the Mac Power Users discount here.

Another disturbing part of this story is Forbes’ passage that, if true, reflects a complete lack of concern for Gawker’s users. Forbes writes

In the chat, Gawker’s Hamilton Nolan, after hearing that it is just Gawker users who have been compromised, remarks “oh, well. unimportant”. Gawker’s Richard Lawson wants to know if the breach is limited to “just the peasants?”

The bottom line is you can’t rely on anyone to protect your password security but yourself and if you are using the same password at multiple locations, you are going to get burned. Finally, for good measure, twice a year set new passwords on all the really important accounts for good measure. (I do this when the clocks change.)

10 Comments Password Security Wake Up Call

  1. nicolas@bzhgeek.fr

    This is so true, 1password is really the way to go and now whether you are a Mac or PC user. So no excuse.
    The Gawker team reactions or lack of reaction depending of who you are talking about just leave me speechless. I have been an avid Lifehacker reader for the past few years, hopefully but I did not sign up as a commenter.
    Now reading all this and lots of comments all over the web I just feel that :
    – they just do what they preach not to (reuse of passwords/weak passwords) so this just deserves a complete loss of trust.
    – they just don't care at all about their user base to say the least. Would you think of insulting your customers if running a business as they have done (re: Lawson's comment) ? Remember, this is not a any Web site we are talking about but a huge network making a living on their commenters.
    – a letter, not a vague tweet, of excuses is hardly missed. Technical explanations and a page long FAQ is the fireman answer not the gentleman apologies.

    I will stop here because all of this just makes me angry and I did not even have an account with them, I WAS just a frequent reader.

    P.S. : I am French so please bear with my probably poor English. Thx

    Reply
  2. nicolas@bzhgeek.fr

    This is so true, 1password is really the way to go and now whether you are a Mac or PC user. So no excuse.
    The Gawker team reactions or lack of reaction depending of who you are talking about just leave me speechless. I have been an avid Lifehacker reader for the past few years, hopefully but I did not sign up as a commenter.
    Now reading all this and lots of comments all over the web I just feel that :
    – they just do what they preach not to (reuse of passwords/weak passwords) so this just deserves a complete loss of trust.
    – they just don't care at all about their user base to say the least. Would you think of insulting your customers if running a business as they have done (re: Lawson's comment) ? Remember, this is not a any Web site we are talking about but a huge network making a living on their commenters.
    – a letter, not a vague tweet, of excuses is hardly missed. Technical explanations and a page long FAQ is the fireman answer not the gentleman apologies.

    I will stop here because all of this just makes me angry and I did not even have an account with them, I WAS just a frequent reader.

    P.S. : I am French so please bear with my probably poor English. Thx

    Reply
  3. nicolas@bzhgeek.fr

    This is so true, 1password is really the way to go and now whether you are a Mac or PC user. So no excuse.
    The Gawker team reactions or lack of reaction depending of who you are talking about just leave me speechless. I have been an avid Lifehacker reader for the past few years, hopefully but I did not sign up as a commenter.
    Now reading all this and lots of comments all over the web I just feel that :
    – they just do what they preach not to (reuse of passwords/weak passwords) so this just deserves a complete loss of trust.
    – they just don't care at all about their user base to say the least. Would you think of insulting your customers if running a business as they have done (re: Lawson's comment) ? Remember, this is not a any Web site we are talking about but a huge network making a living on their commenters.
    – a letter, not a vague tweet, of excuses is hardly missed. Technical explanations and a page long FAQ is the fireman answer not the gentleman apologies.

    I will stop here because all of this just makes me angry and I did not even have an account with them, I WAS just a frequent reader.

    P.S. : I am French so please bear with my probably poor English. Thx

    Reply
  4. nicolas@bzhgeek.fr

    This is so true, 1password is really the way to go and now whether you are a Mac or PC user. So no excuse.
    The Gawker team reactions or lack of reaction depending of who you are talking about just leave me speechless. I have been an avid Lifehacker reader for the past few years, hopefully but I did not sign up as a commenter.
    Now reading all this and lots of comments all over the web I just feel that :
    – they just do what they preach not to (reuse of passwords/weak passwords) so this just deserves a complete loss of trust.
    – they just don't care at all about their user base to say the least. Would you think of insulting your customers if running a business as they have done (re: Lawson's comment) ? Remember, this is not a any Web site we are talking about but a huge network making a living on their commenters.
    – a letter, not a vague tweet, of excuses is hardly missed. Technical explanations and a page long FAQ is the fireman answer not the gentleman apologies.

    I will stop here because all of this just makes me angry and I did not even have an account with them, I WAS just a frequent reader.

    P.S. : I am French so please bear with my probably poor English. Thx

    Reply
  5. nicolas@bzhgeek.fr

    This is so true, 1password is really the way to go and now whether you are a Mac or PC user. So no excuse.
    The Gawker team reactions or lack of reaction depending of who you are talking about just leave me speechless. I have been an avid Lifehacker reader for the past few years, hopefully but I did not sign up as a commenter.
    Now reading all this and lots of comments all over the web I just feel that :
    – they just do what they preach not to (reuse of passwords/weak passwords) so this just deserves a complete loss of trust.
    – they just don't care at all about their user base to say the least. Would you think of insulting your customers if running a business as they have done (re: Lawson's comment) ? Remember, this is not a any Web site we are talking about but a huge network making a living on their commenters.
    – a letter, not a vague tweet, of excuses is hardly missed. Technical explanations and a page long FAQ is the fireman answer not the gentleman apologies.

    I will stop here because all of this just makes me angry and I did not even have an account with them, I WAS just a frequent reader.

    P.S. : I am French so please bear with my probably poor English. Thx

    Reply
  6. cadillac1234@yahoo.com

    As a frequent Gizmodo poster I got lucky that I log in via Facebook and so far it doesn't look like my passwords were compromised.

    Changing all the passwords to hundreds of log-ins was something I was 'always going to get around to doing' but never did. This was a big wake-up call and I spent last Sunday cleaning up my virtual house.

    Reply
  7. cadillac1234@yahoo.com

    As a frequent Gizmodo poster I got lucky that I log in via Facebook and so far it doesn't look like my passwords were compromised.

    Changing all the passwords to hundreds of log-ins was something I was 'always going to get around to doing' but never did. This was a big wake-up call and I spent last Sunday cleaning up my virtual house.

    Reply
  8. cadillac1234@yahoo.com

    As a frequent Gizmodo poster I got lucky that I log in via Facebook and so far it doesn't look like my passwords were compromised.

    Changing all the passwords to hundreds of log-ins was something I was 'always going to get around to doing' but never did. This was a big wake-up call and I spent last Sunday cleaning up my virtual house.

    Reply
  9. cadillac1234@yahoo.com

    As a frequent Gizmodo poster I got lucky that I log in via Facebook and so far it doesn't look like my passwords were compromised.

    Changing all the passwords to hundreds of log-ins was something I was 'always going to get around to doing' but never did. This was a big wake-up call and I spent last Sunday cleaning up my virtual house.

    Reply
  10. cadillac1234@yahoo.com

    As a frequent Gizmodo poster I got lucky that I log in via Facebook and so far it doesn't look like my passwords were compromised.

    Changing all the passwords to hundreds of log-ins was something I was 'always going to get around to doing' but never did. This was a big wake-up call and I spent last Sunday cleaning up my virtual house.

    Reply

Leave a Reply

Your email address will not be published.