Saturday, August 4, 2012

Cloud storage is scary, and here is why.....PaSsWord

I'm not a huge fan of iCloud or any cloud based anything......slowly but surely, we are headed in this direction.

This morning I came across an unfortunate tweet that solidifies my worries. Click this link to Mat Honan's blog and see inside his NIGHTMARE.  

Someone cracked Mat's iCloud password and literally remotely wiped ALL of his Apple devices and gained access to his email and other linked accounts and locked him out.  Not only can this happen to your iPhone, iPad, or iPod, it can happen to Android, your email accounts, PayPal, eBay, EVERYWHERE YOU USE A PASSWORD....and in a matter of moments, if you read Mat's timeline, EVERYTHING IS GONE and more than likely will not be recovered.  I'm hoping he can recover SOMETHING, there is nothing worse than losing photos and other valuable pieces of data.  And with social networks now linking and apps using "log on using Facebook" options, so much can go wrong if you get cracked.  

Before you read further, I want to state the this can happen to ANYONE, regardless of how strong of a password you create for your accounts.  All you can do is reduce the likelyness of this happening.  Being technical, one can assume that Mat took measures to secure his devices.  That being said, none of us are exempt from being hacked.

Because we all think we are smart, some of our passwords can be hacked in seconds.

Thought you were a genius when you created your password five years ago?  Well head on over to 
http://howsecureismypassword.net and find out just how long it would take ONE PC to crack your password.  It also gives you tips on how to improve the security of the password you are testing.  This is a very useful tool.  The site changes color based on level of security.  When my passwords came up red, I modified all of them until I reached level green.  Twelve character alphanumeric and symbol based passwords will get you into the million year level, 14 will take you to billions of years.  Again, this is theoretical based on the power of ONE PC.  With the power and availability of cloud computing, one can literally crack a simple password in seconds.

Being a nerd, I thought my passwords were really tricky.

Using http://howsecureismypassword.net , my best password would take a million years to crack. After following the tips, it would theoretically now take 157 Billion Years.......My worst password, 11 MINUTES.  Yep, 11 minutes.  A hacker can purchase some cloud computing time, and that 11 minutes becomes a nano second.

As far as iCloud goes, I currently only use iCloud for contacts, reminders, and Find My Phone.  The only other cloud service I use is DropBox for my PKGbackup files for my Jailbroken devices.  And today, we are all pretty much using web based email services and apps on our devices.  Security is very important, we are all connected to the internet 24/7 in many aspects of our lives.

Food for thought:  After reading Mat Hanon's post, you should take this seriously.  Data loss and identity theft can really set you back.  I also want to add that with Find My Phone enabled on your iPhone, iPad or iPod, YOU CAN BE TRACKED ANYWHERE if someone cracks your password. That's right.  So don't share your password, an angry EX, estranged spouse, any wacko can literally track your every move. Not only on an iDevice, Android based devices and laptops can all be tracked.

Here's some tips from Bruce T:
  • Create a password using numbers, letters, capital letters, and symbols.  You can use the tool above.
  • NEVER share a password for any data or financial critical sites.
  • If you are using an iDevice--or any account based OS, make sure that you are the only one that knows the password.
  • Don't use the same password for EVERYTHING
  • Don't use the same password FOREVER, experts recommend changing them every three months.
  • Don't use personal data like your address, date of birth, phone number, etc to create a password.
  • Having trouble remember all of your passwords, use a password database software package like KeePass to store, manage, and encrypt your passwords.  Click here for more info on KeePass. CLICK HERE TO GO TO KeePass WEBSITE
  • Take this seriously.  Click here and check out the FBI's Cyber Crime website.  Scary Stuff.
Now don't panic, just evaluate your passwords and make the necessary changes to better secure your online existence along with your data and devices.

That's how Bruce T does it.

Don't forget to follow @brucetdoesit on Twitter!!!!!


No comments:

Post a Comment