The incidence of email hijacking is on the rise – spammers have discovered that many email accounts are child’s play to get into. Once done, the victim’s entire address book is scarfed up and used to send out spam, phishing solicitations or malware.
First of all, I hope these wastes of human cytoplasm find themselves buried beneath 7 kilometers of burning camel ejecta in Bolgia 11 of the Eighth Circle of Hell (also called Malebolge, reserved for those who perpetrate fraud.) Students of Dante will remind me that there are only 10 Bolgias. I just created a new one for cybercriminals, so there.
Now that I have that off my chest…
Use strong passwords!
Eset.com published a list of the 25 most common passwords, which I reproduce below:
I won’t go into a Freudian analysis of this list, although that topic would be rife with opportunities for sarcasm; however, each of these passwords would be cracked instantly by the average scammer.
Simply adding a few numbers or special characters changes the landscape radically; below is a table of variations on “password”, along with the time required for the average desktop PC to crack it [1]:
| Password | Time to crack |
|---|---|
| | 26 million years |
| Password 1234 | 51 million years |
| | 465 million years |
| This Password Is Mine | 5 sextillion years |
So here are some simple rules about creating passwords that you can use to keep your private accounts safe from hackers:
- Never use a dictionary word
- Capital letters are good
- Special characters are good [2].
- Combinations of capital letters are even better
- Adding spaces is best of all (see footnote). A sequence of random words, such as “wolf aardvark tapioca wellsfargo” would take 633 decillion years to crack (that’s 633,000,000,000,000,000,000,000,000,000,000,000.)
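To see where numbers like those in the table come from, here is an added example (not the calculator the footnote refers to) that estimates cracking time two ways: trying every character combination, and guessing whole words from a list. The guess rate, the 7,776-word list size and the three-entry common-password set are assumptions, so the figures will not match the ones quoted above.

```python
import string

GUESSES_PER_SECOND = 4e9        # assumed rate for one desktop PC
SECONDS_PER_YEAR = 365.25 * 24 * 3600
WORDLIST_SIZE = 7776            # assumed size of the attacker's word list
COMMON = {"password", "123456", "qwerty"}  # constructed sample, not the Eset list


def charset_size(pw):
    """Size of the alphabet an attacker must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c in string.punctuation or c == " " for c in pw):
        size += 33              # 32 punctuation marks plus the space
    return size


def brute_force_years(pw):
    """Worst-case years to try every string of this length and alphabet."""
    if pw.lower() in COMMON:
        return 0.0              # list lookups come first and are instant
    return charset_size(pw) ** len(pw) / GUESSES_PER_SECOND / SECONDS_PER_YEAR


def word_attack_years(pw):
    """Worst-case years if whole words are guessed from a list.

    Assumes every word in the passphrase is on the attacker's list.
    """
    words = pw.split()
    return WORDLIST_SIZE ** len(words) / GUESSES_PER_SECOND / SECONDS_PER_YEAR


if __name__ == "__main__":
    for pw in ["password", "Password 1234", "This Password Is Mine",
               "wolf aardvark tapioca wellsfargo"]:
        print(f"{pw!r}: brute force {brute_force_years(pw):.3g} years, "
              f"word guessing {word_attack_years(pw):.3g} years")
```

The character-by-character figure is the upper bound; the word-guessing figure shows why the words in a passphrase need to be picked at random, and why each extra word counts for so much.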
So use some common sense with passwords. Try the most secure option within the limitations of whatever website or application you are using, and you’ll most likely be safe from even the most determined of hackers.
The Old Wolf has spoken.
Edit: Related article – 10,000 Top Passwords
[1] These figures are calculated over at “How Secure is my Password”. Check it out – it will tell you instantly how strong your password is.
[2] If allowed – some system administrators – even financial institutions, if you can believe it – only allow letters and numbers, which insanity irritates me beyond measure.