With the recent revelations that Chinese hackers infiltrated both The New York Times and The Wall Street Journal, I thought it was time to look into password security again. The hackers were monitoring the newspaper’s China coverage and wanted to know what reporters were involved.
The hackers were after employee passwords so they could access email accounts and other resources. Both organizations claimed they only accessed emails and there was no further damage, but only time will tell.
I haven’t seen any reports on how simple or complex the passwords were, but if the reporters are like most of us, they probably had something that could be cracked with a simple dictionary attack. Last month I wrote about reviewing passwords and making sure you have a bit of complexity in them. The key thing is the length of your password and using characters that aren’t in a dictionary.
Using “MyNameIsRon————–” is better than “$3d(u7”. It’s a lot easier to remember the first one than the second one.
Now this is a very secure password. It’s a bit tongue in cheek, but you get the idea. Of course not all of us are androids.
Photo credit Bruce Clay, Inc.