Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Webmaster / Google News

Google News

Google Tips for Stronger Passwords

In the light of recent security breaches, Google has provided several tips for securing your accounts

By Lucian Parfeni, Web News Editor

7th of October 2009, 15:20 GMT

Adjust text size:


In the light of recent security breaches, Google has provided several tips for securing your accounts
Enlarge picture
Online security is always a concern but with information on some 30,000 compromised email accounts from all of the major web mail providers surfacing this week, it's more apparent than ever that users need to do more to protect their online data. The accounts in these cases were stolen using all-to-common phishing schemes and weren't a result of poor security measures from the providers. Google was also hit in this latest wave but the company claims only about 500 Gmail accounts were compromised. Regardless of that, it decided to release several mostly well known and common sense tips on how to create stronger passwords for your accounts.

The first tip is to use unique passwords across different services and products. This really needs no explanation, when using a single password for everything; if one service is compromised, then an attacker can use the data to access all of the other ones the user may have. And, while having a Facebook account infiltrated may not seem like the end of the world, a compromised banking account is much more serious.

The second biggest issue is users relying on weak passwords made up of common words of phrases. In fact, one of the most widely used passwords is “password.” Google suggests using a combination of lowercase and uppercase letters plus numbers and symbols to make it much harder for an automated attack or a determined hacker to guess it.

Another common mistake is using passwords based on identifiable personal information. Using pet names or birthdays is an easy way to remember a password but it also makes it easy for an attacker to get a hold of that information and use it to guess the password. Many users also write down or save their passwords in a file on their computer in case they forget them. Google suggests not leaving the password lying around the office or save it in an obviously named and easy to find file where someone could steal it.

Finally, it is possible that users forget their passwords especially if they are stronger ones for sites they don't visit that often. In this case, most sites offer options for retrieving the passwords either by entering your email address or answering some security questions. But these too could potentially be used to steal the password so a good tip is to use information that isn't likely to easily be known by others.

TAGS:

 Google | Gmail | security
Read by 570 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Poor (1.0/5) 1 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Security Fixes in Firefox 3.5.3 and 3.0.14

Amazon Web Services Introduces Two-Factor Authentication

WordPress 2.8.4 Fixes a Security Vulnerability

Fortinet Files for $100 Million IPO

Google Docs Goes Public, Will Appear in Search Results

Mozilla Worried About Google Chrome Frame

Yahoo Introduces Support for the OpenID OAuth Hybrid Protocol

Facebook Settles Beacon Class-Action Suit

User opinions:


Comment #1 by: Eric on 07 Oct 2009, 20:23 GMT reply to this comment

I think all this advice is great, but the burden of having a whole lot of hard to remember, secure passwords outweighs the benefit, at least for most users. I'd be willing to bet that there are a variety of security professionals that, while smart enough to avoid "password" as a password, reuse their credentials across multiple sites.

The internet is a place of instant gratification, where waiting isn't really tolerated and people demand instant access to just about everything. These tips are all great, and each passing generation will probably adopt more secure password practices, but I doubt many security professionals really expect the general public to adopt these practices...


Comment #2 by: Parfeni Lucian on 08 Oct 2009, 11:55 GMT reply to this comment

I don't think they expect most people to actually take into account all of these practices but it's surprising how few people take even the most basic steps in protecting their accounts.
Having an unique password for absolutely every site and service is a bit of a stretch but having a different password for an obscure forum and your bank account is somewhat of a no-brainer.


Comment #3 by: John Hilst on 09 Oct 2009, 16:54 GMT reply to this comment

Tip #1 is spot-on here, and there are currently some software programs that can help manage multiple log-in credentials. Tip #2, while good advice, is less relevant to the current hack -- there's no way a breach of this magnitude was accomplished by guessing passwords or purloining credentials from office buddies' pockets. But of course it's good to cover one's bases everywhere.

At Thawte we feel this is further evidence for encrypting sites beyond the obvious banking and ecommerce urls. Both internet users and dev folks have their own side of this to attend to, but if, for example, Facebook and Twitter were encrypted with extended validation ssl, it would cut down on phishing attempts that could compromise log-in credentials across multiple websites (including banks and other financial institutions). Varying passwords will limit what credential hacks can access, but encryption will limit attempts to phish in the first place.

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive