Regarding Secure Passwords

Post date: Aug 01, 2014 5:30:8 PM

Recently (on the 26th July) I received an email stating that a new email address and a new credit card was added to my paypal account. The only reason to do this could be to use this information to gain access to other financial postal information that is present in that account. And this also means that the password that I used as a generic password has been mined and collected by at least one group of hackers (and not the good kind) There is another person who explained the exact set of things that happened to him (https://medium.com/p/24eb09e026dd ), and after reading it we realized that loosing your password is more about scamming and social engineering than a lone nerd hacking away at some obscure computer screen :):). This was alarming enough to give me motivation enough to move to a password manager to start generating and saving/syncing passwords instead of using one password and using my brain to remember the different permutations and combinations for each of the accounts. I have started using KeePass (free app on ALL platforms (windows/linux/mac and ios/android) ) and following are the points that one should know about it: 1. It can generate and store all the passwords that are stored in an encrypted file/database. 2. One password used to encrypt this database, and the only password that you would need to remember. 3. This encrypted file/database can be stored in your dropbox folder or any other file syncing service, and can be accessed by all your other devices (through the file syncing service). There are several other password management services that one can choose from (http://lifehacker.com/5042616/five-best-password-managers), in case you would like to see the other options available. I would suggest that we all start using that and not wait for some one to hack into our account before we get around to doing it like I did . Regards, Sameer p.s. The hack that is mentioned in the link provided was widely investigated, and generated a lot of interest in the media. Providing the links to the same here: 1. http://techcrunch.com/2014/01/29/why-hasnt-twitter-just-given-n-his-name-back/ 2. https://www.paypal-community.com/t5/PayPal-Forward/PayPal-Takes-Your-Security-Seriously/ba-p/779303 3. http://techcrunch.com/2014/01/29/godaddy-admits-hackers-social-engineering-led-it-to-divulge-info-in-n-twitter-account-hack/