Over the last month, the American people have seen the following online (and these are just the big announcements):
- WikiLeaks unloaded (and still is unloading) tons of information from our government that was deemed classified
- A major media outlet (Gawker) released emails associated passwords for their users (of which I was one… and it’s funny that the first hack attempt they made was my World of Warcraft account. HA!)
- Companys like Deviant Art, and McDonalds informing that their their user databases may have also been compromised… mostly just names and emails… but possibly things like birthdays, etc.
This isn’t the first time any of this has happened, and it surely won’t be the last. But there are two questions I have for you:
1) Do you let it matter?
2) Do you you do your due diligence to protect that which you think you should protect?
#1 I think is key this day in age… Especially if you look at something like Wikileaks. There’s an expression I grew up hearing that went something like “If you can’t say something nice, don’t say anything at all.” I’ve kind of tweaked it be “If you don’t want someone to hear it, don’t say it.” Even growing up, I had this policy that the best way to keep my secrets was to tell no one… And in the event that I did tell someone my secrets, I normally understood that there was always a chance they might share it… I would prefer they didn’t obviously, but still, always a chance. It’s like loaning money to anyone (especially in this economy), if your expecting the money back, don’t, unless you’ve done your due diligence to be able to get your money back in another form should they fail to pay you back. So there are things I simply don’t store online… Heck, I don’t even store them on my PC… I’m not sure what these things are… but I’m pretty I don’t do it.
Which brings me to #2…
Do you do your due diligence to keep what you want protected secured? Do you change your passwords monthly? Do you make them random letters and numbers? Do you use different passwords for every site, or at least break them into “less secure”, “more secure” and “ultra secure” passwords? Do you make use of additional security technology when available (for example, World of Warcraft offers an authenticator device with a rotating numeric key). If you are using the same password for everything, and that password is simple, I would say it’s only a matter of time before all your stuff is compromised.
Regardless, when I heard what had happened with Gawker, I went to see what password I had been using on LifeHacker. I was 99% certain it was my “password for unsecure use”… Which is why I found it funny when I got an email saying someone was trying to access my wow account… I’m sure they were using that un/pw, and failing… Because my WoW account has both my medium security password, as well as a wow authenticator attached…
In any case, I’ve changed my password on the sites that I care about… and I’m guessing that I’ll forget something on a forum somewhere or something like that, and it will be compromised, but I’ll survive. Nothing *That* important is online… (Except maybe money…..)