Wired’s Mat Honan got his password hacked. He then lost almost all of his digital life in a matter of minutes. His original article was a fascinating if somewhat alarming reminder to choose proper passwords and enable two step verification where possible. His follow up article on how he recovered all that lost data was just as exciting a read but at least it had a somewhat happy ending.
His latest article (an aptly named “Kill the Password”) is a somewhat brutal analysis on how meaningless password protection is nowadays. I’d recommend that everyone go read it:
You have a secret that can ruin your life.
It’s not a well-kept secret, either. Just a simple string of characters-maybe six of them if you’re careless, 16 if you’re cautious-that can reveal everything about you.
Your email. Your bank account. Your address and credit card number. Photos of your kids or, worse, of yourself, naked. The precise location where you’re sitting right now as you read these words. Since the dawn of the information age, we’ve bought into the idea that a password, so long as it’s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that’s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker-or someone who takes you for one.
No matter how complex, no matter how unique, your passwords can no longer protect you.
I tend to trust technology more than I shoulda e have enabled cloud backups for most of my stuff. Like Mat I too have a somewhat blind faith that my passwords are sufficiently strong and complicated enough to prevent them from being guessed. Unlike him I have more than one unique password depending on the service I’m using. Unfortunately as pointed out, often an email address is all that someone needs to get access to your online stash and wreck havoc thereafter.
My wife on the other hand is a hard copy person. Photos she loves are printed and stuck in photo albums. She prefers getting hand written letters from me instead of email and her organizer of choice is still the humble Filofax.
With all this mindless hacking going around (perpetrated by kids no less!) maybe it’s time for me to stay less on the cloud but rather back on solid ground?