Here is a list of the top 5 passwords from the year 2011:
Know what 2012’s list looks like? Swap fourth and fifth place. Guess what the most common password was from the 2013 theft of Adobe’s user database. Wrong! It’s 123456. Password (without the capital letter) was actually in third place. Way to improve. And to that “smart” guy in the back snickering: trustno1 was number 12. One more common that 1234567 at thirteenth place.
But passwords are just the tip of a very large iceberg. Now that algorithms can crack even so-called strong passwords in mere seconds after identifying a hash, this issue is more symptomatic of a general laziness than the real problem. The past decade has brought nearly everyone onto the Information Superhighway with no need for a driver’s test and, much like teens with their first taste of the open road, we just keep asking for more without giving any thought to taking care of what we already have.
Do you use the same email, user ID, and/or password for your online banking as you do for your email account or product registrations? Are you actually giving your real name, address, phone number, birthdate, and email address to any site on the ‘Net that asks for it? Do you encrypt your Web traffic when using public WiFi? When was the last time you checked your Facebook privacy settings? Have you enabled your browser’s Do Not Track feature? Are you using an ad blocker? What about on your phone? Do you read what access rights your giving a mobile app or just click ‘Allow’? Have you disabled WiFi or, perish the thought, turned your phone off in a large, connected public area like the mall? Are you using your credit or debit card number online rather than a third-party service (PayPal, Google, Amazon), prepaid credit card, or bank issued temporary card number? Do you still check your bank statement now that it’s just another email in the list? Do you know how to spot a fake antivirus warning or phishing scam? Have you taught your kids, or parents in some cases, how to properly protect themselves?
And that list is just off the top of my head. I’m ‘in the know’ and must admit to not properly taking care of my Internet security all the time. Why? Simple laziness. It’s inconvenient. You know, like putting on a helmet before getting on a motorcycle.
Have you considered ryte2byte’s system for online security?
Before making excuses like “How was I to know?” or “I don’t know how to do that,” let me remind you that we have access to nearly limitless information about the world right under our fingertips at this very second. We’ve just chosen to use it to read gossip rather than educate ourselves on how to secure our digital lifestyles. Here, let's Google it together. Oh, look, the very first item is a list of topics from the United States Computer Emergency Readiness Team offering “advice about common security issues for non-technical computer users.” I must admit that I never knew the US Department of Homeland Security had such a resource online. Why? Because I never cared enough to look.
No, securing your online life won’t guarantee your identity won’t be stolen. Locking your door doesn’t guarantee you won’t be robbed either. It does, however, attempt to mitigate the chances of it happening. And sometimes it works.
And now we have the NSA to deal with.
Frankly, anyone still doing business or storing important documents online without a second thought is a special kind of crazy, present company included. I know, I’ve heard it before: “But I don’t have anything to hide.” Good for you, but guess what? Everything collected can be stolen. What if Edward Snowden had walked away with the NSA’s database of America’s personal information, public and private, and sold it to the Russian mafia. Don’t laugh. It is estimated that Russian cybercriminals pulled in $4.4 billion in 2011. Identity theft has increased about 30 to 50% each year since then. Heck, identity theft now costs victims more than all property based crimes combined. And Russian mobsters are not the only organized crime group to recognize this profitable new outlet. Also consider that if the US is pulling off crazy schemes as tapping underwater communications cables, other nations and powerful syndicates are as well.
And yet, here we are. Still posting personal information online. Still surfing the Web without even the most basic encryption. Government contractors are still using cloud based email and document storage. Years of being warned about identity theft and six months after discovering an international eavesdropping system beyond comprehension and the most common password is 123456. Congratulations. GUO is ashamed to name us all the biggest turkey in the world of technology for 2013.
By the way, have you backed up your important data lately? Yeah… Me neither. Gobble Gobble.