Privacy, security and hackers...oh my

Several weeks ago, LinkedIn had an enormous security fail when 6.5 million user passwords were leaked. Since that incident you can add sites like, Yahoo and, most recently, Formspring to the list.

Some people may be wondering what the big deal is. You change your password and move on.

Not so fast, my friend. Let’s think about this:

1) How many of those people use the same password for every site they sign up for (yes, even their bank)?

2) How many of those people who use the same password everywhere are your friend on Facebook? (The one place you share your kids’ names because it’s “private”.)

I’ve said it before and I’ll say it again: Your information on Facebook is only as secure as the weakest password amongst 300 of your closest, nearest and dearest friends.

How many of your friends’ Facebook accounts have been hacked in some way? Just among my friends, I’ve seen about a dozen friends get hacked over the years. It’s happened to friends who are self-proclaimed luddites and those who are fairly tech savvy in equal measure.

If we connect the dots of the LinkedIn password leak and Facebook friends using the same password for both networks, how many of your friends do you think use the same password for both? Probably a decent number of them.

I used to.

I don’t anymore. In fact, my project for 2012 just got kicked into high gear when I heard about Danny Brown’s Facebook account being hacked over the weekend.

Beefing up online security

 My New Year’s promise to myself was to be more secure with my data. So, I’ve started implementing the use of a password manager (LastPass) and creating unique and randomized passwords for every site. Given the number of sites I have memberships on, the only way I’m willing to do this is with a password manager. 

I think you need to join me in my challenge. Take some time to learn about how passwords are stored online and what makes a strong password (pro tip: complex doesn’t always equal unhackable). Sadly, the five most common passwords are:

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123

Number one just boggles the mind.

Knowledge is power

Does it scare you to think that someone might try to access your accounts with malicious intent? It is kind of scary, but here are a few more important points for you to think about:

  • The Internet isn’t private. It IS public, even if you’re in a walled garden like Facebook.
  • Any password is hackable: Strong and long passwords are hackable. Long ones just take longer.
  • If you aren’t 100% fine with seeing it on a billboard in Times Square, it probably doesn’t belong on the Internet.
  • You need to thoroughly review privacy settings on Facebook (read Danny’s post for more info).

You don’t have to fear privacy and security breaches as long as you remember these things and stay true to who you are. Your authenticity will reduce the impact of a malicious attack. 

Have you ever had a web-based account hacked? What did you do?

Buzz and Brilliance - Week of September 19

Last week was a more balanced week for buzz and brilliance. This week has been all buzz about Facebook. Mostly. Sort of - this might be a long post. :) So, let's jump right in.

Facebook's 4th f8 came on the heels of updates to Facebook that left users with very mixed reactions. The updates included the ability to subscribe to other users' public posts, the one move that I admittedly liked but also wondered if it fit the one-to-one relationship building that Facebook was built on. Apparently, I'm not alone in this line of thinking. But that doesn't mean the subscribe button is a bad thing - some like its potential. One update that I think is a great enhancement, but I may not use much is the smart lists. Why? Mostly because I don't do much filtering of content and I'm stingy about the data I enter into Facebook. Therefore, several of the built-in smart lists aren't even available to me. And let's not forget the two most controversial changes - the top stories and the ticker. The top stories I'm going to tolerate for a while without complaint. The ticker...well, I like it. But if you're desperately wishing it would just go away, here's how you can make that happen.

Personally, I didn't find the changes made a huge difference to my user experience; it was comfortable progress. I still knew where to find everything. Was that that all Facebook had up its sleeve this week? Not a chance. Here's the short, sweet story of f8 announcements, but read on if you want a quick overview and more in-depth coverage.

It's hard to know where to begin with the f8 announcements there was so much happening. The keynote started with Andy Samberg "hijacking" the stage and poking a bit of fun at Zuckerberg.

As exciting as these changes are, some believe Facebook still has some work to do. But so do users. Check your privacy settings, think about what you're posting. In amongst all the #f8 tweets, I spotted this tweet that says, "Make no mistake. Your timeline is now your new resume. Don't populate it with stuff you don't want people to see." Wise words that were reinforced by All Facebook. With all this talk of OpenGraph, some are worried that this is the new Beacon.

The biggest disappointment of The Week of Facebook is the lack of change in mobile apps. Despite that, Facebook raised the bar this week, giving Google+ some incentive to bring their A-game.

Speaking of Google+ - it's officially open to everyone. If you want to get started on G+, here are a few tips from Christopher Penn. And while you're at it, keep this in mind. Fortunately for Google, they didn't stop at opening up Google+. They also added 9 new features that are packed with potential. They're still under fire for their stance on names and I'm wondering if they'll ever relent. Finally, you can now link your Google+ profile to Klout!

Another big announcement from Google is the roll out of Wallet. My guess is this is another of those tools that Canada is just going to have to wait to use. Other Google news includes their announcement that AdWords will reward mobile-optimized sites. Just a little something to think about if your site isn't mobile-friendly yet. Google search now has a preview when you hover over search results. I spotted it today before I read about it and it's not too bad - it will save me clicking on the wrong site occasionally, no doubt.

Foursquare achieved the milestone of a billion check-ins this week and made some changes that will protect the exact location of your home. I can guarantee you that I still won't be checking in at my home any time soon (a.k.a. ever). I share a lot online, but that's way beyond my comfort zone.

Fail Whale Winner

The most outrageous story I've seen in a long time is one I clued in to when I saw Peter Shankman tweet about it this morning. He sees it as a lesson about passwords; I see it as a lesson about letting others tweet under your name, as well as some seriously lacking exit procedures. TechCrunch thinks this story is funny. And now it appears that a second ghosttweeter has gone rogue. It's not funny - it's sad that someone who claims to be an "internet sales and marketing professional" could be caught so completely blind by something like this - especially after tweeting quite frequently about how to use social media. Incorporating an exit checklist would probably benefit him if he's going to fire staff in the future. For instigating a most spectacular #fail, he wins the fail whale this week.

Last, but not least, I wanted to share that women are the dominant force in social media, according to a study reported by Mashable.

What is it about social media that is so attractive to women? Anyone have a theory?

And - any thoughts on the news that came out this week? Who's dying to see the new Facebook roll out NOW??
Enhanced by Zemanta