How to Protect Yourself From Identity Theft & Corporate Hacking

During the month of June, the professional networking site LinkedIn got hacked. The website has over 161 million users, and a hacker published over six million passwords without usernames to prove his technological prowess. And what were the most common passwords? Confounding, obscure words such as “link,” “1234,” “princess,” and… “monkey.” Obviously, some LinkedIn users are not NSA-level security experts.

But it’s a problem that trickles up to the executive level. Less than a year ago, the hacker group Anonymous broke into the data of “global-security consulting firm Stratfor” and a follow-up investigation revealed that even the top leaders of a global intelligence company used weak passwords! Anonymous got a hold of information like credit card details and private email addresses from Statfor’s clients including Bank of America, Wells-Fargo, Sony, Google, the United Nations, and the U.S. military.

Nowadays, it doesn’t take much to be a “hacker.” Usually, just a bit of persistence and access to a password-breaking program are sufficient because many of us get lazy about our one line of defense against security breaches: the password. A hacker will simply attempt logins with variations of “123456” and “password,” including “123password,” or “password12345”—as well as other commonly used words such as “admin” or “love.”

Yes, we all have numerous accounts that require passwords, and it’s difficult to remember multiple random sequences of numbers and letters. However, if your account contains information like credit card numbers, bank accounts, personal photos or communications, or if it is one of your online identities, you will want to protect yourself against identity thieves and corporate security threats.

Here are three ways to create a strong, memorable password:

1. Use a phrase that is only meaningful to you as the basis of your password. For example, “Remember, remember, the fifth of November, the gunpowder treason and plot!” becomes: Rrt5oNtgt&p. It is a seemingly random, 11-character passcode but it’s memorable because you came up with it. Using this method, I’ve never had to write down a password or suffer from login attempt failures. Credit goes to this Slate article for this great tip. 
2. Make the password longer than six characters. The longer, the better. 
3. Avoid duplicate passwords. Do not use the same password for multiple accounts. That’s the easiest way for hackers to wipe you out across the board. 

Don’t feel right about the random phrase method? Here are some safe online password generators.

Finally, on the subject of writing down passwords: some say it might be OK to write down non-work-related passwords because most security breaches happen online rather than from home break-ins. As tempting as that is, I would rather use a password management software program (links to free and paid products at the end of the article), which holds all of your passwords in a safe place. This way, you only need to remember one password for all of your private accounts.

--Joanna Kim

Joanna Kim is a writer/content strategist for HRI. She would love to use "monkey" for every one of her passwords.