Mark Zuckerberg’s Twitter and Pinterest accounts were recently breached by hackers going by the name of OurMine Team. Yes, we are talking about THE Mark Zuckerberg, Chairman and Chief Executive Officer of Facebook, Inc. Ironically enough, Facebook’s first security tip for users is, “Don’t use your Facebook password anywhere else online.” Apparently, “the man” himself didn’t heed his own company’s advice.
It’s unclear as to exactly how OurMine Team pulled off the hacks, but the group is claiming that Zuckerberg’s password was included in the LinkedIn password dump from a few weeks ago. It appears that nothing malicious was posted by the OurMine Team, other than a tweet including Zuckerberg’s password; “dadada.” It’s safe to say that we at WatchPoint are extremely disappointed in @finkd’s (Mark Zuckerberg’s Twitter handle) lack of security savvy with his own passwords.
What is Password Fatigue?
Password fatigue is that feeling you get when you go to type in a password and know you aren’t going to remember it. Password fatigue comes from either being required, or knowing you should, have different passwords for each online and offline login.
In the last two months, over 500 million usernames and passwords have been dumped into the Dark Web by a hacker who goes by the name of “Peace.” Chances are you have or have had a LinkedIn, MySpace, or Tumblr account at some point in time. “Peace” has claimed responsibility for all of these data breaches and if you have ever had one of those accounts, you could be in danger of being hacked. If you haven’t already, you need to change the passwords not only to those accounts but also any other accounts that have that same password.
Most hackers probably don’t care about gaining access to your social media sites, other than to perform phishing scams. However, they will use these usernames and passwords as a means to gain access to your bank accounts or accounts that contain personally identifiable information. You make it especially easy for them if you use the same username and password across multiple accounts. If you are one of those individuals, we strongly advise that you not only have different passwords for each account but stronger ones as well.
What Makes a Good Password?
While data breaches and password dumps are out of your control, it’s still extremely important to create not only passwords that are difficult to crack but ones that are different for each of your accounts. Whether it’s Facebook, Twitter or other forms of social media, for your bank accounts, email or even the password to login to your work computer, every account should have its own password.
According to CNET, each of your passwords should be at least 16 characters and contain a combination of numbers, symbols, uppercase and lowercase letters, and spaces. The password should be free of repetition, dictionary words, usernames, pronouns, IDs, and any other predefined number or letter sequences.
2FA
Aside from making a strong password, enabling two-factor authentication (2FA) (also known as two-step verification), is another great way to protect your accounts. Many services offer 2FA where you will be prompted to enter a code sent via text message or phone call when signing into your account. This would require hackers to not only have access to your password but have access to your text messages as well, making your account much more secure and harder to hack.
While we would all probably like to have Mark Zuckerberg’s financial status, let’s one-up Mr. Zuckerberg in the password security department and take the extra steps to secure our on-line privacy.
