How easy is it for a potential hacker
to steal your identity? Easier than you think.
WHEN WIRED NEWS reported Mat Honan had his digital life hacked and virtually wiped
out in August, his significant data loss wasn’t the scariest part. More
terrifying was how easy it was for the hackers to access his accounts, using
publicly available information.
The
hackers to access the accounts, using publicly available information
If a hacker wanted to ruin your life, how
easy would it be? Sadly, a lot easier than you may realize. You may not think
you’re sharing too much data any one sites just a snippet here and there – but
to a hacker, you’re building an easily harvested online profile. Fortunately,
there are several steps you can take to safeguard your security.
Protect yourself the easy way
If you use email, upload photos, frequent
social networks, and shop on the Web, your online profile is likely already out
there. Even if you don’t go online much, bits of your personal data may be
available for viewing via digitized public records: Someone could readily find
out if you have a mortgage, for example, or if you’ve recently gotten married
or divorced.
Search for yourself: To discover just what information is out there, run a search on
yourself. Type your name into a search engine with quotation marks and without
and include keywords such as your address, phone number, email address, job
title, company, and alma mater.
Try to see the resulting information the
way a hacker would. Is there enough data for someone to piece together your
life? If so, follow the steps below to strengthen your security.
Use passphrases instead of passwords: The best passwords are auto-generated mixes of letters, numbers,
and special characters, but these can be hard to remember. However, as most
passwords are hacked using brute force in which hackers use a computer to run
through all possible combinations of characters long passwords are more secure
since they take longer to crack. An Intel Core i7 processor takes just hours to
crack a five-character password, but more than ten days to crack a
seven-character one. Therefore, security experts advise using passphrases
instead of passwords. See this month’s Privacy Watch for pointers on building a
good passphrase.
Use
passphrases instead of passwords
Stay up-to-date: Be sure you’re running the latest version of all your software –
including your antivirus program.
Prioritize accounts: Create unique passwords only for accounts that contain sensitive
information – say, email, online banking, and social networking accounts.
One security expert also suggests creating
a “junk” email address you can use when signing up for message boards, contests,
and newsletters. If one of these accounts is compromised, hackers won’t have
your real email address or password.
Lie: Be
careful about what information you give away to noncritical websites. If you
can’t get past a screen because the website wants you to give up too much
information, just make it up.
Protect yourself offline: According to one expert, offline identity theft is still much more
common than the online variety. The reason? Mailboxes, dumpsters, and lost
wallets don’t have passwords. Lock your mailbox, shred important documents
before pitching them, and never carry your Social Security card.
Use a password manager
Password managers such as Dashlane, 1 Password,
and LastPass store your passwords in an encrypted program that you unlock with
a master password. They also auto0generate secure passwords and store form
data, so you don’t have to store credit card data on the Web.
Bu sure to pick a manager that’s compatible
with all of your devices. Dashlane, 1Password, and LastPass work with Windows, Mac
OS X, iOS, and Android; Last-Pass also works with Linux, Blackberry, Windows
Phone, webOS, and Symbian,
Freeze your credit report
One expert says that freezing your credit
report is the single most effective way to prevent identity theft. To do this,
you must contact all three major credit bureaus (Equifax, TransUnion, and
Experian) and complete an application process. You’ll then receive a PIN or
password that lets you “thaw” your report (temporarily or permanently) if you
need to use it.
Freeze
your credit report
Be tough to breach
Unless you’re a high-profile target, a
hacker will likely give up if you’re too hard to breach. Mat Honan’s hackers
admitted that their attack wasn’t personal they just thought his three character
Twitter handle was cool.
Taking small security steps can make you
just annoying enough that hackers won’t bother with you.
