Go to the Globe and Mail homepage

Jump to main navigationJump to main content

Technology

QuickSort

Where the Globe divides the high from the
low elements of Internet and digital culture

Entry archive:

Lessons from Gawker's password disaster Add to ...

12345. Password. Baseball. These are just a few of the most popular passwords Gawker users depend on to log in to the company's many content sites, according to a Wall Street Journal article on a massive Internet security breach this weekend that is keeping web surfers on edge. On Sunday evening hackers broke into Gawker's servers, disrupting the publishing schedule on popular blogs such as Gizmodo, Valleywag, and Lifehacker. However, more disturbingly, they also posted hundreds of thousands of Gawker user e-mail addresses and passwords online for anyone to see and share (to find out if your information was compromised, check out Slate's widget.

Some bloggers speculated that an online feud between Gawker and 4chan sparked the attacks, although Hacker group Gnosis (who is taking credit for the hacks) say they reject any affiliation with the image-based forum. Whatever the story, this is yet another blow to safe surfing during a time when hackers are dominating headlines. Gawker is advising all its members, who log in to comment on articles from Silicon Valley gossip to geeky gadget rumours, to change their passwords immediately. Whether you frequent the affected sites or not, there are a few easy things you should do now to take control of your own online security.

1. Use more than one password. While this can be frustrating, it's advantageous for web users to have a few passwords on file for different purposes. For example, use one password for all your electronic newsletters or other non-critical websites (such as Gawker) and another for sensitive online banking accounts. Finally, use another password for your main e-mail account. Sure, this means you will have to remember a few different passwords, but it's better than waking up one morning as a victim of an Internet hack.

2. Use a combination of letters (including upper and lower case), numbers, and symbols. In other words, don't rely on dictionary words for your password or a string of obvious numbers such as 12345. You will want to create a password that is easy to remember, so use a combination of these items that mean something to you (and not obvious to others).

3. Use a lengthy password for more protection. Although this might be hard to believe, within the top 20 most popular Gawker passwords were the number "O" and 1234. Many sites will not allow you to create such a short password, but even if they do stick to a minimum of 8 characters.

To give you some other ideas for creating tough passwords, Microsoft publishes a great little guide. They also have a tool to check your password strength, which will let you know if you need to beef up your password now. This recent Gawker hack is a sign of things to come. With more people depending on web services for everything from content consumption to social networking to financial services, creating a strong password can keep your information safe and your privacy intact.

 

In the know

Most popular video »

Highlights

More from The Globe and Mail

Most Popular Stories