Hacked Enough – Time for a security rethink!


Recently, I’ve had my name, email address and password ‘comprised’ (or, I would say, stolen) from at least three different websites, Evernote, LinkedIn and Jawbone. Technically, LinkedIn didn’t tell me that my information was comprised. I’m just guessing that it was. The other two sites assured me that nothing more nefarious had happened as far as they could tell and that my password was encrypted so it would be a challenge for the thieves to decipher it. Like a lot of people, I reused the same password on my websites and application logins. My recent spate of ‘break ins’ has caused me to rethink that.

splashidI use SplashData’s SplashID Safe for my password management. There are other options out there but I have used it for many years over multiple platforms, going from Palm to BlackBerry to iPhone and from Windows to Mac.  I see no reason to change now.

As I log on to websites and applications, I am changing my password to a randomly generated one. Doing so may be a little drastic and inconvenient but it seems like there have been a spate of compromised websites of late.  Will this prevent me from being hacked in the future?  No, but at least if the bad guys get one of my passwords, it will be just that —- ‘one’ of my passwords for only one site.

 

 

With SplashID Safe, it is very easy to generate a random password.  Actually, it can generate a random value for you for any field — Title, Username, Password, URL and custom fields. Obviously, it makes more sense to use this feature for some information (Username and Password) than for others (Title and URL).
splashid3The generated value can be from three to thirty characters in length. Obviously, the more characters, the stronger it is. You can also specify what character sets to use:
o Lowercase letters (a – z)
o Uppercase letters (A – Z)
o Numbers (0 – 9)
o Special characters (!@#$)
o Greek letters

SplashID Safe will indicate how strong the password is from Weak, Fair, Good to Excellent.  In the desktop version, you can also specify whether it should be pronounceable or not and how strong it should be.


In the desktop version, numerous possibilities are generated and you select the one you want to use. In the mobile version, a possible entry is generated. If you don’t like it, just keep generating them until you find one to your liking.

Remembering random passwords is a little challenging.  I’m usually looking them up.  For a few, I’ve made some crazy sentences that correspond to the password.  For example,  2fws4BsT, could be ‘Two friends went shopping for blue shoes today.’  Nonsensical but helpful.

SplashID Safe costs $9.99 for an iOS device and $19.99 for the Mac OS version and is available in the respective App Store. It comes with a 60-day money back guarantee so there is no risk in trying it out. Supported platforms include iPhone, iPad, Android, BlackBerry, Palm OS, and Windows Mobile as well as Windows XP or later and Mac OS 10.5 (Leopard) or later.

About the Author

Judy Novotny

Judy is a computer veteran with 30 years of experience. She has owned everything from a TRS-80, Apple IIe and various Windows-based PCs. She is currently living in her Apple ecosystem at home consisting of an iPhone, iPad, iMac, MacBook, Apple TV, iPod nano and two Time Capsules. She is a fan of all things mobile since she got her first Palm Pilot in 1999. Check out her iPad app, Number Wizard, in the App Store. Follow her on Twitter @junovotech or at Junovo.com.

2 Comments

  1. Karen,
    Personally, I don’t use public wireless hotspots. I have major concerns security-wise, especially since I had an experience a few years ago of having some information stolen via a hotspot.
    According to SplashData’s website, SplashID Safe has “Unbreakable AES and 256-bit Blowfish encryption provides proven protection for safe password management; secure field masking offers additional protection for sensitive data like passwords; automatic password generator feature creates un-guessable passwords and prevents the security risk of using the same passwords repeatedly”.
    According to TopTenReviews (http://password-management-software-review.toptenreviews.com/splashid-safe-review.html) from Tech Media Network,
    “SplashID Safe utilizes AES and 256-bit BlowFish encryption to secure your personal information and passwords. This is highly adept security that is nearly impossible to decrypt. Other security features include the ability to mask fields so that onlookers cannot see what your passwords and usernames are.”
    So, it looks like it would be very secure. But, like I said, I don’t trust public wireless hotspots.
    Judy