Unfortunately many of us are still not practicing safe security habits when online. This week’s example of how Naoki Hiroshima’s coveted one-letter twitter handle got stolen teaches us that it is indeed hard to protect ourselves. Long story short, basically some businesses out there apparently will authorize access to your account just by providing the last four digits of a credit card. What can you do to protect yourself? Protecting yourself against these types of social engineering attacks is indeed difficult. But here are some basic tips. When making purchases online, provide only the information which is necessary. Try your best not to use the same password on multiple accounts. Use services like Lastpass to help manage multiple passwords. If that is too much to ask, at least keep a higher level of security on your banking and email accounts. Remember that your email account is how most services authenticate you and where they send password reset instructions. Use the most complex and unique passwords you can think of for your email. If a hacker steals your email, they have open access to most of your digital life. Also remember that stealing passwords in bulk is becoming all too common. Although most services may store your email encrypted, there are many tools out there that can break into common passwords within a matter of hours or minutes. The longer and more random your password is, the more protected you are. Finally, any time a service you use announces a possible data breach, change your password and never use that password again on any other service.
— David Karim (@davidkarim) January 29, 2014