Or: How I learned to start worrying and realize how much trouble I'm really in!
This is entry one in a security diary I'm starting here. A series that shows the exact steps I'm taking to secure my online identity. Hopefully, these steps are ones anyone can follow in order to secure their own online (and in some cases offline) lives.
So, a lot of news nowadays is talking about online security. Not just nowadays, but the past year has had headlines dominated by websites being breached and passwords being leaked at an alarming rate. And like everyone else, everytime I got the news and was told to update my password, I thought "How bad could it really be?"
Bad. This guy loses his entire online life, and even a year's worth of files on his own home computer. And he isn't some random guy with no computer background, this is an editor at one of the more respected names in technology news.
Add to it this bit of news. Everyone figures that even if a website is hacked, their information must be secure, right? Wrong. Well, not really wrong, but it doesn't matter. Password crackers are so good at what they do right now that the majority of passwords people use get cracked within hours, which leads to the rest of their information being free for the taking.
If you combine the top two pieces of news, with all of the high profile breaches, and you get a bad concoction for your Email and Facebook accounts. So I decided to do an audit on my online security to see how badly I'd be effected if things went south.
My first step was LastPass. I've been using LastPass to sync passwords across computers for awhile now, and it's been pretty handy. One tool they had that seemed perfect for my use was the LastPass Security Challenge. If you're a LastPass user (and you should be, it's free for the most part and awesome), it will do an audit of your passwords and give you a score. So I ran it, and figured that, being a generally aware IT security guy (it is my real world job after all), I'd come out great.
Crap.
I guess I need to fix this. But, where to start? Well this post is long enough so I'll start covering that in part two of this series.
~Jones Out