PITTSBURGH,None — Hackers recently broke into the online retailer Zappos database. While they didn't get credit card numbers, they did get access to user names and passwords. That's a potential problem, because many of use the same password for multiple accounts.
I wanted to know how serious this is, so I turned to Internet Security expert. He told me, if thieves get your user name and password, they could do a lot of damage.
"It could just open Pandora's box," said Rick Wallace, Director of Special Operations at Tiversa.
Most of us aren't very creative when it comes to passwords. We use our pet's name, or our birthday, or worse yet, a series of letters or numbers in a row on the keyboard.
In fact, the most common passwords are: "123456" and "Password."
Since multiple passwords are hard to remember, we use the same password again and again, and cyber criminals know that.
Wallace told me that hackers steal passwords from websites with very little security, and then get to work, logging onto accounts and wiring money overseas.
"We have seen individuals who have had their credentials released online and had damages happen within hours," said Wallace.
Another common mistake is to store passwords on a spreadsheet. Wallace showed me files that had been hacked, that listed bank accounts, the log in information, the passwords, and even the answers to security questions.
He says a better place to keep passwords is on a piece of paper in your office that cyber criminals can't access.
"There's nothing wrong with writing down a password, so long as you keep it in a safe place," said Wallace.
Experts say the best passwords are eight characters or more, with upper and lower case letters, numbers and symbols or punctuation.
They say, don't use your name, your birthday or your driver's license number.
"It should be something that someone who knows you very well, even your spouse, would not be able to figure out," said Wallace.
They also recommend changing your passwords every three months.
If you want to know how secure your password is you can use a password checker. This one is free and is provided by Microsoft.
I checked my passwords and they were weak, so I'm changing them. You may want to do the same thing.
WPXI
/cloudfront-us-east-1.images.arcpublishing.com/cmg/XCUXZC2XYZHCRGNNGKFEX6U3LQ.png)
:quality(70)/d1hfln2sfez66z.cloudfront.net/04-19-2024/t_c091c1951d7141898980ea42c6448bdc_name_t_940de251e54b4db09cf9c3659504987c_name_towtruckcharges11pp041824_transfer_frame_344.jpeg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/W3Q5W65YHVHNLFPJFHHN7P6Y6M.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/Z2PJ5UC33BBZ7FHT26J6A34TDA.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/SEZKPKILFDONH4XVIGIMZD7URI.jpg)
:quality(70)/d1hfln2sfez66z.cloudfront.net/04-16-2024/t_4ef4a6f4730a454fb6fa4c586caa58f4_name_nymanaghcoarrest6pp041624_transfer_frame_404.jpeg)