127 Embarrassing Characters Coming to Your Twitter Feed Soon

It’s happened again. Another social media site is in the news being accused of a network breach. The user names and passwords of well over 32 million Twitter users have been found for sale on the dark web as happened to LinkedIn and MySpace users recently. Some analysts confirmed they were Twitter account credentials. It is uncertain how the information was obtained, but being blamed are both malware and password reuse. Twitter is confident that there has not been a breach of its network.

Be sure to never use the same log on credentials for multiple sites. It’s just a bad idea all around. The reason the credentials get sold are not necessarily because someone wants to mess with your Twitter account, but so many people use the same password for multiple sites that hackers are very often successful at getting into financial accounts with them.

It can be complicated with so many of them that we have to remember, but it is really to your benefit to do it.

Jim Stickley of Stickley on Security recommends creating a single “default” password and adding to it for each site, using the name of the site. For example, if your base passwords is “PASSWORD” and you are going to Yahoo!, your password for that site could become “PASYSWORD” by inserting the first letter of the site into the same spot in your default password. In this case, it’s in the fourth position. However, you could use two of the letters to bookend it as well, such as “YPASSWORDO.”

Stickley is sure to emphasize that “PASSWORD” would be a terrible default password, but it’s merely an example.

If you have to write your passwords down, make sure to keep that list in a separate location from your computer. Either put a paper list in a secured cabinet or drawer or a digital list on a removable drive of some type. If someone does manage to get access to your computer, they could find that file and have access to all of your online accounts as well.

Since Twitter says it has not had a breach, the theory of how the passwords were obtained with malware is from users’ browsers. There is this option to have the browser remember passwords when you type them in. It is suspected that malware somehow made it onto the users’ systems and found those passwords from the browsers. However, this has not been determined as the culprit either.

In any case, Stickley believes saving passwords in the browser is a bad idea and he does not recommend it. Instead, just take the few extra seconds to retype the password into the site each time. It could save you a big headache later and it certainly lowers your risk of becoming a victim and having something embarrassing tweeted to all your followers.

© Copyright 2016 Stickley on Security