This morning there was a rather large break-in at a couple of sites related to online sales of clothing and shoes, Zappos and “6pm” amongst them, and one theme stands out as a beacon for how users can avoid being smashed by this situation: password safety. Ironically, what you need to change is not your personal details, your credit card numbers, your phone numbers, or any sort of address information at all, but your password itself, and not necessarily on the site that got hacked. The simplest way to keep yourself secure on the internet is to use different passwords on each “secure” site you interact with.
Zappos users here are the subject matter simply because it’s the most recent attack, but it’s true for whatever set of services you use on the daily. If you’ve got an eBay account, an account for your online bank, and an account for Zappos, you need, need, NEED to have a different password for each of them. When you keep the same password for each of these sites, you open yourself up to a MUCH wider array of hackers than if you use a different password for each.
For those of you that live in a house, here’s a good example of what this is like: You’ve got a door that needs a key to open it. You keep that key on your person, but you also have a key hidden in the yard just in case you’ve lost your own key.
This is what it’s like to have one password for one site – someone could figure out where that key is, but they’ve only got one door they could open with it. Having the same password for all of your sites is like that key not only being duplicated several times and hidden in different areas of your yard, but also opening your house, your garage, your shed, and your car.
Make yourself a different key for each of your buildings and vehicles. Make yourself a different password for each of the sites you access. It’s as simple as that.
BONUS: for those of you that have a difficult time remembering a ton of passwords, there’s always an app for that. Check out 1Password for desktop and mobile, including iPhone and Android. LastPass 1.72 Premium, as found at LastPass.com, has the same benefits but also works on such platforms as Linux, Symbian, BlackBerry, and more. KeePass is your open-source free alternative, if you know how to make it work, that is.
UPDATE: Since this article was originally published, 1Password has expanded significantly. You can now download their expanded app for Android and push passwords in 1Password for Windows, as well.