Forget your password and keep safe online

May 2014 saw two major worldwide attacks. First, hackers compromised servers via the Heartbleed vulnerability and stole details from 110 million people. Then, later in the month, eBay was hit and forced all 128 million customers to change their passwords after hackers broke into its databases.

The problem now is that we use passwords online so often (online shopping, banking, social media sites, email accounts etc.) that it is becoming impossible to remember so many different ones. To reduce the memory effort needed, people often choose to use a single password (or a few variations on it).

Whilst this approach makes it simpler to access multiple services, it has a key weakness: what if the service provider you are using has its system compromised? Unlikely? Well, there are many publicly known instances of passwords being stolen - in 2012, when LinkedIn was compromised, over 6 million user passwords were posted online - mine among them. Other systems hacked have included Adobe, Twitter, Facebook and Yahoo - and too many others to mention.

Now you can see the problem: if hackers gain access to one of your passwords, they can guess that you use it all over the internet - Googlemail, Amazon, banking, Twitter, Facebook etc. You can see how quickly they might gain access to a wide range of very personal information, and their ability to inflict serious damage is very significant.

To counter this, we now use password managers to automatically create, store and recall passwords. The password manager (we use 1Password from AgileBits) can also be used to check for duplicates and identify weak passwords. I'd strongly suggest that you get a good password manager, install it on all your devices and start to use its auto-creation function as soon as you can; not doing anything over the weekend in any case, are you?

So do yourself a favour and forget your passwords permanently!