4 Easy Ways to Keep your Passwords Safe

The internet is becoming more and more entwined with our daily lives and well-being.  We can bank online, shop online, socialize online, and conduct business online…all of which require us to have accounts that hold sensitive information (credit card and bank numbers, phone numbers, mailing addresses, the identities of our friends and family).  The only thing stopping people from seeing this info is the password we chose to protect each account.  Here are four basic rules (that can’t be mentioned enough) you should follow to make sure your passwords are as safe as they can be.

  1. Have a different password for each account/service you use
    1. If the password for your online banking is the same password you use for your email, then you’re exposing yourself to unecessary risk.
    2. Have separate passwords to make sure that, in the event that one becomes compromised, the others are still safe.
  2. Change your passwords at least three times a year
    1. You can never be too careful, so change up your passwords every four months
    2. (TIP: Don’t write down these passwords anywhere someone can see them)
  3. Make your passwords unique and hard-to-guess
    1. Don’t let your password be something generic (“Password1″)…
    2. or easy-to-guess (like your birthday or child’s name).
  4. Keep your passwords a secret
    1. No one should know your passwords
    2. If you do HAVE to tell someone your password, change it the moment they’re done using whatever account you granted access to
  • If the password for your online banking is the same password you use for your email, then you’re exposing yourself to unecessary risk.
  • Have separate passwords to make sure that, in the event that one becomes compromised, the others are still safe.

LinkedIn Passwords Stolen – What You Should Do

LinkedIn is a popular social network for professionals wanting to promote themselves and their careers, connect with current and former business contacts, and build their businesses. So you may already have joined the site.

If you are a LinkedIn user, please read on.

Yesterday, LinkedIn confirmed that some of their users’ passwords were stolen. While they are investigating the issue further, here is what they recommend that you do:

password security tips

  • If LinkedIn thinks your password was compromised, your account password will be disabled and you should get an email with instructions (but no links) giving you the first steps to resetting a new password.
  • Follow the steps in the first email and you’ll get a second email from LinkedIn with a password reset link.
  • LinkedIn also advises you to review their advice about password security.

Even if you don’t get an email from LinkedIn, you may want to proactively change your password, and use it as an opportunity to create an even stronger password.

As an Internet service provider with 18 years of experience safeguarding our members’ accounts, EarthLink has long promoted the value of creating strong passwords that you keep private and secure.

Want to know more about password security? Read our blog post about protecting your passwords, this post with a system you can use to generate strong passwords without repeating them, and this password help from the EarthLink Support Center.

If you wish to change your EarthLink password, use the Password Reset Tool on our My Account page.

We also had a link to download the free LastPass password manager from our eLink newsletter for Internet access members (scroll down to the Download section).

eHarmony users: Dating site eHarmony also confirmed a password security breach yesterday. You can read about that password security problem here.

LastPass has created tools to help you check if your LinkedIn password or eHarmony password was stolen.

Where Is Your Laptop?

Laptop theft is a common practice. Every day laptops disappear from college libraries, car back seats, coffee shop tables, hotel lobbies and airport waiting areas. In the past, laptops were valuable for their hardware, once stolen they were resold quickly for strictly their monetary value. Today that’s not the case. Your data is the target! There’s probably something on your laptop that you don’t want the whole world to see. It could be proprietary information, documents containing personally identifiable information (birth date, social security number, credit card info) or even someone else’s personal information.

If you travel with your laptop or keep it in a place where others can access it, then you’re vulnerable to theft. A password no longer guarantees denied access to your data. If someone is smart and determined enough they will crack it and have unrestricted access to every piece of data stored on your laptop. So how do you protect it? Encryption. Encryption adds an additional layer of protection. If your password is cracked the data remains encrypted and the information is scrambled so that even advanced security experts can’t read it.

EarthLink provides a Managed Laptop Security solution that encrypts your data and also adds yet another layer of protection with laptop remote wipe capabilities. Should your laptop be lost or stolen, EarthLink’s protection will automatically kick in and wipe (delete) the data by overwriting it until nothing is left.

Passwords simply don’t cut it anymore in today’s technology world. If you laptop is mobile then you must add multiple layers of data protection to minimize the risk of your data getting into the wrong hands. Contact EarthLink Managed Security Services (or download this info sheet) today to learn more!

Facebook Privacy Controversy – Employers Asking Job Applicants for Facebook Logins

Facebook privacy - employers asking for Facebook passwordsBeen looking for a job? Then you know it’s not easy out there, even though there are more online job resources than ever to help you, like the Careers section of My.EarthLink.net.

One more recent complication to the job search? Some employers have started asking job applicants for their Facebook usernames and passwords so they can log in and snoop around. Really.

The ACLU denounced this practice as “an invasion of privacy,” saying it is “out of bounds” to look through a person’s private social media accounts.

Facebook’s Chief Privacy Officer Erin Egan issued a strongly worded denouncement, calling this an “alarming” practice that “might jeopardize the security of your account or violate the privacy of your friends.” She also reminded users that “it is it a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.”

On the legal and legislative fronts, Senators Charles Schumer of New York and Richard Blumenthal of Connecticut have called for investigations by the U.S. Justice Department and the Equal Employment Opportunity Commission, and said they are writing a bill to fill in any privacy gaps in existing laws.

In the U.S. House of Representatives, Democratic Congressman Ed Perlmutter already proposed a Facebook user protection amendment, but it was voted down yesterday 236 to 184, mostly on party lines (only one Republican voted for it, only two Democrats voted against it).

EarthLink reminds all of our members that sharing online passwords compromises your privacy and is a great security risk. Our members are required to take full responsibility for keeping their EarthLink passwords confidential and reporting any unauthorized use of your account information.

Expect more news about the investigations into this issue and additional attempts at national or state legislation to prevent employers from asking job applicants for personal and private social network logins.