In 2011, hacking groups like Lulzsec and Anonymous provoked an Internet firestorm by hacking major Web sites like Fox.com and online services like Sony's PlayStation Network. Millions of user accounts were compromised. Usernames, passwords, home addresses and credit card information -- lax Web site security often allows hackers easy access to boatloads of personal information. We can blame corporations for poor security and hackers for maliciously attacking Web sites, but there's a third party often at fault in these attacks: ourselves, the users.
No, it's not our fault Web sites get hacked. But poor Web safety habits put us at risk when we shouldn't be. How often do you use the same username and password? Every time you create a new profile? If someone hacked your Facebook account, could they just as easily get into your e-mail inbox? Reusing passwords -- or using weak passwords -- makes you an easy target for identity theft. Remembering multiple passwords can be a pain, but there are Web services that can help. We'll talk about one of the most popular options later in this article.
Internet cloud services -- services that store your data on a server rather than on your hard drive so you can access it from any Internet-enabled device -- are more powerful than ever before. Backing up photographs and important documents has never been easier. Google Docs and Gmail can take the place of Microsoft Word and Outlook Express. Banking sites take the place of expensive finance applications. All we have to do is be safe while we use them. Here are some simple safety tips for keeping your data secure in the cloud. First up: making your passwords as tough to crack as Fort Knox.
Play Smart with Passwords
Passwords are designed to keep our information safe from prying eyes. They're like locks. A hacker may force the door and break your lock, but most of the time a strong lock keeps people out. But let's be honest: Passwords are annoying. Remembering them is a pain, so we often take the easy way out and use simple passwords that we won't forget. But if they're easy to remember, they're also easy to guess.
When the site RockYou.com was hacked in 2009, a security firm examined the 32 million compromised passwords and found that thousands upon thousands of users relied on the same basic phrases. The password "123456" took first place with 290,731 hits; "12345," "123456789," "Password" and "iloveyou" rounded out the top five most-used passwords [source: Tom'sHardware]. If you use one of those passwords, change it. The more complicated your password is, the safer your data will be. It's true, complex passwords won't be as easy to recall. Find a safe place to record your passwords if you can't remember them.
The best passwords combine letters, numbers and symbols into an unusual configuration. Don't take the easy route and capitalize the first letter of the word or use the numeral "1" in place of the letter "l" or a zero in place of the letter "O." Throw in a few random numbers or characters like a plus sign (+) or underscore (_) and you'll be far better off than anyone relying on "password123" or "qwerty" to keep them safe. Once you have a good password, what you do next is just as important: Don't spread it around.
Don't Reuse or Share Passwords
The annoyance of remembering passwords strikes again. It's bad enough that we tend to use simple, easy-to-remember passwords for our Web logins -- we also tend to pick one or two passwords and use them again and again for our e-mail, banking, Facebook and everything else. That's bad. In fact, that's really bad. If your password is compromised, someone could easily gain access to your e-mail account. And change that password. And then go to every site you're registered on and change those passwords -- the replacement passwords are always sent to your e-mail address.
Use different passwords for different sites. At the very least, change up letters, symbols and capitalization if you plan to use the same word or phrase across multiple sites. Make absolutely sure you don't repeat a password across sites that have your credit card information or social security number. Your e-mail password is the most important. Keep it secure and don't use it for any other sites.
One last password tip: Don't tell other people your passwords. Even if you trust them, it's not a particularly good idea. The more people who know your passwords, the greater the chances that those passwords could be accidentally compromised. All these password rules make our online lives more secure, but they don't make them easier. Next up: a tool for taking some of the inconvenience out of password management.
Manage Passwords with LastPass
LastPass is a password management utility that locks all of your unique passwords behind one master password. That means you can create separate logins for e-mail, Facebook, Twitter, cloud storage and everything else you do online, but still access those accounts by memorizing one single password. Web browsers will remember passwords for you, but LastPass can synchronize your information across multiple browsers and devices and fill in forms with a single click.
LastPass will even help you create randomized passwords that no one will ever crack. The service is free, but for a $1 per month premium account you gain access to the mobile version of LastPass for iOS, Android and most other mobile operating systems. What if LastPass gets hacked? That's possible, but LastPasshasprotocolsinplace to encourage users to change their master passwords in the event of a breach. More importantly, validation tools like IP and e-mail address verification make it difficult for an impostor to log in to your LastPass account.
LastPass is just one example of a cloud-based service that makes managing data on the Web easier. When it comes to preserving your important pictures and files, finding the right backup services is key.
Back Up Your Data
If there's one piece of advice the tech savvy have been espousing for years and years, it's this: Back up your data. A power surge, faulty hard drive platter, robbery or other unexpected system failure could happen when you least expect it, and if your data isn't backed up you'll beat yourself up over it for weeks. Years ago, backing up data was an arduous task. Hard drive storage was costly, but floppy disks only held a paltry amount of data. Eventually, ZIP disks and CD burners offered enough space to facilitate backups, and DVDs and cheap hard drives made them easier still. But now we have something even better: the cloud.
Cloud storage solutions come in all shapes and sizes. Dropbox offers only a couple gigabytes of free storage, but its interface is incredibly simple to use. It creates a folder on your hard drive that's linked to the Web -- all you have to do to upload files is drag them into the folder. WindowsLiveSkydrive is designed to make it easy to view and edit Office documents in the cloud. Amazon's Cloud Drive offers 5 gigabytes of free storage and a Web interface for uploading your files. Other services, like SugarSync and Mozy, focus more on automatically backing up your important data and storing it, rather than making it easily accessible online.
Here's the smartest way to backup your data: Don't rely on one service. Store files you access frequently in Dropbox and back up more in a free service like Amazon Cloud Drive. Keep a local backup on a secondary hard drive or on an automated backup drive like Apple'sTimeCapsule. With your data securely backed up and your passwords uncrackable, there's only one thing left to be concerned about: your browsing habits.
Be Alert and Play It Safe
Internet hazards like viruses are, for the most part, easy to avoid. Shady Web sites usually look shady; e-mail attachments from spam addresses are never worth opening. Antivirus software is always a smart precaution, but smart browsing is an even greater ally. What does this have to do with protecting your data in the cloud? The same rules apply when it comes to buying online or creating accounts on new Web sites: Make sure the site is trustworthy.
If you're buying from a retailer you've never heard of, do a little research on them first. They could have notoriously lax security and have a history of losing customer credit card information to hacking breaches.
Finally, be aware of what computers you're logged into. Browsers will often ask to save your login information and keep a login session alive as long as the browser is open. If you log in to Facebook or your e-mail account on a friend's laptop and then leave, you'll likely still be logged in to those sites. If they're trustworthy, that may not be a problem. But what if you're using a public computer? Stay logged in to one of those and anyone could gain access to your account. Yep, that would be bad. Unless you're using your own computer, remember to log out and never save your password and user information. Browse safe, and with a little luck, you'll never have to worry about anyone finding a single one of your online passwords.
Behind cloud storage is a complicated system for storing your data on countless hard drives and magnetic tapes. Learn more at HowStuffWorks.
Lots More Information
- LastPass.com. "LastPass Security Notification." May 16, 2011. (Aug. 23, 2011) http://blog.lastpass.com/2011/05/lastpass-security-notification.html
- Yam, Marcus. "Your Top 20 Most Common Passwords. 22 January, 2010. (Aug. 22, 2011) http://www.tomshardware.com/news/imperva-rockyou-most-common-passwords,9486.html