Stolen passwords and PINs can easily result in unauthorized purchases or fraudulent credit accounts. Debtors unable to undo the damage might face serious consequences, including New York bankruptcy. The issue of password security is also salient because stories of Democratic Party officials’ hacked emails made the news before the November election. It’s a good opportunity to discuss why it’s so important to use secure passwords to protect personal information—and to secure the passwords as well.
Portrayals of computer hacking usually dramatize the hackers’ genius rather than illustrate reality. In fact, most hacking is accomplished by just password theft, which can be accomplished in several ways. So lesson one to protecting personal information is to ensure that your passwords, whether to email accounts, banking Web sites, medical sites, or others, are not guessable.
In recent years, researchers have analyzed large numbers of users’ passwords for various organizations, often featuring lists of common choices. One example comes from SplashData, which compiles lists based on leaked passwords. The most common password found among these studies is, depressingly, “123456.” Those that follow are likewise uninspired: “password,” “qwerty” (the top row of the keyboard), “football,” “dragon,” “master,” and “princess.” Guessable passwords like these are worthless in nearly all circumstances. However, for an account on a trivial site there may be no point to using a hard-to-crack password.
On the other hand, efforts to create tough, random passwords littered with unusual characters and numbers are very difficult to remember, even if they would take a computer billions of years to crack. To that end, one piece of advice is to sacrifice some of the security for certainly: Writing hard passwords down but keeping them away from computers. Memorizing a bunch of uncrackable passwords—and then replacing them regularly—isn’t practical. Although, there is a risk that the password sheet itself is stolen. Alternatively, users can try to generate passwords made up of random, memorable words, like a poem.
As important as a complex password is, it’s also important to keep passwords secure. Allegedly, the Democrats’ passwords weren’t hacked by geniuses, stolen in break-ins, or even guessed because they were too easy. Rather, the hackers “spear-phished” the accounts. (“Phishing” generally is a 21st century scam I’ve written about before.) In spear-phishing a hacker targets a specific account with an email that contains a malicious link to a fake page asking for the account’s credentials. In other words, the hackers tricked the Democrats into giving them their passwords.
Because phishing is the most common type of hacking, it’s the most important to guard against. Be very careful when clicking on a link in an email you are unfamiliar with or claims to belong to the account manager. What looks official might not be. Also, do not install software or apps you do not trust. They can access the system’s information and transmit it back to hackers. No amount of password cleverness can protect against a Trojan horse attack.
An article on the SplashData findings can be found here.
A Washington Post article on passwords as poetry is here.
If a data breach has led you to financial difficulties, then you should talk to an experienced New York bankruptcy lawyer.
For answers to more questions about bankruptcy, the automatic stay, effective strategies for dealing with foreclosure, and protecting your assets in bankruptcy please feel free to contact experienced Brooklyn bankruptcy attorney Bruce Weiner for a free initial consultation.
