Blog 4 Jordan Day

Visitor of the day


  • You
    from

Brag Stats

  • Comments:25,004
  • Articles:2,000
  • Article Hits:12,459,805
  • Unique Visitors:2,000,438
  • Rss Subscribers:3,052
  • Comment Subscribers:2,530
  • Spammers:136,315
  • Generated :757,671 spams
  • Monitoring:3,942,477 spam IPs
Powered by Qwaider Shield

Recent Comments

Check out the latest pictures on Sweetestmemories

« ChemistryMellow weekend, two movies and a book! »

You must change your password!

  • By: Qwaider

  • On:Sunday, March 11, 2007 5:16:57 PM
  • In:Thoughts
  • Viewed: (5333) times

    • Currently 4.4/5 Stars.
    • 1
    • 2
    • 3
    • 4
    • 5

    Rated 4.4/5 stars (175 votes cast)

    The recent events that happened to Izzi's blog. Where her account was hacked and her blog got deleted. Some have speculated that there was a zionist plan to get this done, I personally can't remove Izzi herself from the blame list. And I can't stress enough to you people the need to have secure passwords. And to have a policy concerning your passwords.

    We all struggle with passwords. I'm sure everyone has a bunch of them and memorizing all of these is ... well very difficult once the number of passwords get more than 5

    So what do people do? They just use the same password for everything. From their bank accounts to their email and blogs. And this proves to be a grave mistake as in the case of Izzi

    Password Guidelines:

    1. The passwords need to be strong, containing Letters, numbers and special letters (like ,.-!@#$%^&*())... etc If possible (many services do not allow such complex passwords, so at least letters and numbers), capital an small letters
    2. The passwords, must be something easy for you to remember and difficult for others to guess, stay away from your name, family member names, your pet names, date of birth ..etc
    3. The passwords shouldn't be too short, anything less than 15 letters can be brute forced (try all combinations) in less than 30 minutes. (I don't want to alarming here, but consider longer passwords always) For most of the online services, mail, blog ... etc nothing less than 6 letters
    4. Do not share your password with anyone. If you were forced to share it for some event or another. Make sure you change it right after it's done.
    5. Keep a separate different password for each account you have.

    I do realize that maintaining a separate password for each account might be difficult thing to do, therefore, I think It's time for some password policies

    1. If you don't want to memorise passwords for everything, organize them in tiers. a) Most secure, b) secure, and c) I don't care
      1. In the most secure category. You try to maintain a list of very secure passwords, that you would NEVER give to anyone (example, work password, bank account password, and your primary email account password)
      2. The Secure passwords, are for your blog, regular email accounts, lock and unlock your PC ... etc. Things that need to be secure, but not necessarily ultra secure
      3. And finally, the "I don't care" list. And this one includes (and read carefully) Forum accounts, online services accounts and secondary email accounts
    2. Be EXTRA careful from anything online that's not a reputable software company. ESPECIALLY forums. Forum admins and Database administrators have access to user passwords, and to ALL their private Email!
    3. Don't share or give your password to anyone who asks for it by mail
    4. Don't EVER send passwords it by email
    5. If you get emails in your email account asking you to confirm your password. DO NOT RESPOND. Instead, go to the website directly and do your work on it directly. (In other words, be careful of Phishing)
    6. If you know, or even remotely suspect that your account might have been hacked, CHANGE  YOUR PASSWORD IMMIDIATELY! In fact, when in doubt, change your password

    Finally, there's no policy better than using common sense! You have a brain, use it!

    Other Memories Documented on March 11
    « ChemistryMellow weekend, two movies and a book! »

    Memories....

    I can't agree with you more but I think that Izzi's blog and email accounts got hacked into in a different way. She does has different passwords for different account but what the hackers did was send her a file that can download it self into her PC and open a window that will give the hacker full access to her PC. Meaniningm everytime Izzi tried to log into her email account, blog, etc, someone was watching and recorded every single key stroke.\

    So here's a nother lesson for everyone that should already be common knowledge: Never, Never, open attachements from untrusted sources and always scan any attachments recieved with an up to date anti virus and anti spy software!
    • #2
    • laila
    • Windows Internet Explorer
    • Said
    • On: 3/11/2007 7:21:42 PM
    EEK!

    Just changed my PW, was a trivial one before!
    I can relate to that, I lost 2 emails in my life because of the password thing, I was lucky and I was able to get one of them back, but the other one is just gone… (well. That was 8 years ago though, that doesn’t happen any more thank god).
    I totally agree with you, if those guidelines were followed; I guess hackers will never get in to your accounts and PC’s.. Thanks Q… very useful post :)
    Excellent post... It felt like school at 6th Grade with a really tough teacher... ;)
    • #5
    • Palestinian Pride
    • Windows Internet Explorer
    • Said
    • On: 3/12/2007 1:29:42 AM
    Am sorry bas ur guidelines befedosh bshelen law 7da ba3atlak spyware :s .. aham she lazem ykon 3ndk anti virus updated .. l2no el spyware bejeblak el password sho ma kanat 7ta law kanat kolha !@#$#@!@# .
    LOOOOOL

    if ppl keep save there PW on the Pc , it can be  hacked in way or other , alot Do and save there password to make it easy to access , specially messengers ..

    ist simple rule

    Man make it man Crack it ..  
    Duraid,
    That's a good point, You must ABSOLUTELY NOT open ANY Attachment that you get in the mail, it doesn't matter if you know the person or not(because they themselves might have been compromised). It doesn't matter if you have an Anti-virus or not(because it might be a new kind of spyware, not previously known)
    I would categorize this as "Pilot error" or the user got "fooled" into Installing spyware, that did all of that

    Laila:
    Good thing, I'm glad I reminded you to do this

    Maioush:
    Thanks, but we should really be skeptic as well, as I said, the rule is, when in doubt, change the password (and I might add also, FROM A CLEAN MACHINE)

    Kilany:
    :) LOL someone needs to squeeze your ear :)

    Palistinian Pride:
    I'm sorry but that's a WHOLE other problem on it's own. Password policy is not related to your system security policy. Getting fooled into running spyware, or through Phishing is the user's fault. So is weak passwords. Each one of these is considered an attack "victor" and they should ALL be addressed.
    An Anti-virus, Anti-Spyware, Anti-Malware is ESSENTIAL to have on ANY PC you've got. In addition to that, a good strong password



    By the way, if you noticed, I was talking about "Brute Force" attacks, and not user error
    Duried, very valid point, it happened with a relative as well. i never open any anonymous emails, and i reckon noone shud, even if the name sounds a bit familiar dont open any attachment unless ur very positive its someone u know.

    i agree Q, one shud change their passwords frequently and have them in codes, like initials and numbers that mean something to them or a combination of characters and letters. it shud do the trick. but then again, technology (in addition to evil minds) has its sharp fangs that bite us even when we r too careful.

    Bless u all!
    Verbal Alchemy, Even people you know might have compromised machines that is resending a virus on behalf of the person you know. And they're not even aware of the infection.

    As a good rule, NEVER open attachments from ANYONE!
    • #10
    • Rebellious Arab Girl
    • Windows Internet Explorer
    • Said
    • On: 3/13/2007 7:29:32 AM
    did Izzi make a new blog? I liked reading hers.. :(
    You too can have your Memories Documented

    Country:

    HTML has been disabled but if you wish to add any hyprlinks or text formating you can use any of the following codes: [B]bold text[/B], [I]italic text[/I], [U]underlined text[/U], [S]strike through text[/S], [URL]http://www.yourlink.com[/URL], [URL=http//www.yourlink.com]your text[/URL]

    Whisper (your comment will not be displayed)

    Please refer to Commenting policy


    Notify me of follow-up comments by email
    « ChemistryMellow weekend, two movies and a book! »
    Read by:
  • Guests(2)-
  • |
  • s.n.-
  • |
  • Verbal Alchemy-
  • |
  • Guest-
  • |
  • Guest-
  • |
  • Guests(2)-
  • |
  • Guests(2)-
  • |
  • Guests(2)-
  • |
  • 7aki Fadi-
  • |
  • Dandoon-
  • |
  • Guests(38)-
  • |
  • Rebellious Arab Girl-
  • |
  • Guest-
  • |
  • Guests(170)-
  • |
  • Guests(26)-
  • |
  • Guests(280)-
  • |
  • Guest-
  • |
  • Guest-
  • |
  • 7usam-
  • |
  • Caller-
  • |
  • Guest-
  • |
  • Roba-
  • |
  • Guests(5)-
  • |
  • ABOUD-
  • |
  • Guests(10)-
  • |
  • Guest-
  • |
  • Guests(80)-
  • |
  • Guests(41)-
  • |
  • laila-
  • |
  • Guests(14)-
  • |
  • Guest-
  • |
  • Guests(5)-
  • |
  • Guest-
  • |
  • Guests(2)-
  • |
  • Guests(3)-
  • |
  • Guest-
  • |
  • Guests(14)-
  • |
  • Abed Hamdan-
  • |
  • aya-
  • |
  • bakkouz-
  • |
  • Dima-
  • |
  • Dima (an oriental blog)-
  • |
  • Duried-
  • |
  • Firas-
  • |
  • Guests(2)-
  • |
  • Hope-
  • |
  • Khalidah-
  • |
  • Lost Within-
  • |
  • M Kilany-
  • |
  • mala2e6-
  • |
  • Mazz-
  • |
  • Naryat-
  • |
  • Ola-
  • |
  • OmAr-
  • |
  • Palestinian Pride-
  • |
  • Qabbani-
  • |
  • rare-
  • |
  • Red Rose-
  • |
  • Tamara-
  • |
  • Guests(9)-
  • |
  • Guests(3)-
  • |
  • Guest-
  • |
  • Guests(7)-
  • |
  • Guests(9)-
  • |
  • Guests(2)-
  • |
  • Guests(3)-
  • |
  • Guest-
  • |
  • Guests(119)-
  • |
  • Guests(10)-
  • |
  • Guests(11)-
  • |
  • Guest-
  • |
  • Guests(10)-
  • |
  • Guests(122)-
  • |
  • Guests(18)-
  • |
  • Jumana-
  • |
  • Guests(70)-
  • |
  • Beti-
  • |
  • Guests(2)-
  • |
  • Guests(2)-
  • |
  • Guests(9)-
  • |
  • Guests(472)-
  • |
  • afaf-
  • |
  • Amal A-
  • |
  • Guests(3603)-
  • |
  • hamede-
  • |
  • Maioush-
  • |
  • Muhammad Arrabi-
  • |
  • Noura-
  • |
  • secratea-
  • |
  • Guest-
  • |
  • Guest-
  • |
  • Guests(11)-