I even received a few tweets like this from some of my followers, and those I follow.
Even though this may not be evidence my account was in fact hacked, it did create a profound awareness that I should be more diligent with my passwords on sites that I consider to be "trivial". We work on many projects for high-profile companies, and take our internal password and security very seriously. We use complex passwords like this: "6 OM-mzt 9_S$YA%xi6", and manage, protect and rotate these with incredible care.
But like many people, with my personal/recreational sites, I am just not as serious or cautious (call me lazy) with the passwords I use or the frequency with which I change them (personal financial accounts aside).
So, putting into practice the Flawless Execution Methodology we use in our client projects, I debriefed this event and captured lessons learned that I am now putting into "Action".
- Change all Personal Passwords Immediately
- Use Harder Passwords
- Leverage a Password Manager so I can stay "Lazy" but Secure
My company, NovoLogic, is all about making the lives of people we come into contact with better, not worse. So after apologizing to those I may have caused stress with the potentially hacked Twitter account @novologic, I decided to write this post and share some of the information I have found around Personal Password Managers.
I found 3 Personal Password Managers which are free, 2 of which are rated very highly by PC Magazine.
These products allow you to have different and complex passwords for your different sites, but access them from one secure password. So if one of your on-line accounts gets hacked, your other accounts are safe, since they all have different passwords, something most of us are guilty of not doing.
- Dashlane - is a newer personal password manager but gets very high ratings from PC Magazine. It is a little more limited in the number of operating systems and browsers it supports, but they seem to be working hard to expand this. It is available for Mac OS X and Windows and has an app for iOS devices.
- Norton has recently released Norton™ Identity Safe, which it is offering for free until October 1, 2012. If you download it before then, it will be free of charge forever. No strings attached. This might be a great option for those who use Norton Antivirus.
- LastPass 2.0 - is a new version of a password manager that has been around for a while. We actually leverage this for our client and work protected systems, and, like Dashlane, it gets very good marks from PC Magazine. LastPass gets a leg up for me as it works with a very broad range of operating systems and browsers.
The Real Lesson Learned here is that while someone hacking into my recreational/social account does not cause me any direct personal or financial harm, it could do something worse: it could cause serious damage to my credibility and reputation. The perception from others who I have never met but who may have received a less than flattering tweet from me could do damage that could be very hard to repair.
So learn from my mistake and leverage a Password Manager to help reduce the possibility of your account and your reputation being compromised.