In light of the massive Twitter security breach (yes, we’re still skeptical of the claim that it was just a password reset) earlier this month, some users might be worried about protecting their accounts on social media networks.
Andrew Jaquith, CTO of Perimeter E-Security and former Forrester analyst on password security, posted some great suggestions regarding account security on the Perimeter E-Security blog (where he is a frequent contributor). Consider this one a freebie, social network aficionados! It’s not every day you get expert advice at no charge.
Protip no. 1: Password expiration:
Protip no. 2: Using LDAP, AD, and single sign-on to reduce passwords you need to remember:
Protip no. 3: Password management tools:
“I did not change my LinkedIn password until more than two weeks after LinkedIn disclosed that its password database had been hacked. I have previously used a third-party password management tool called 1Password, which creates an encrypted vault of passwords, all protected by a master password.
“I use it to generate unique, long and complex passwords for every website I join or log into. As a result, none of my website passwords are shared. They are all unique. And they can’t be easily brute-forced.
“Some of my passwords are 36 characters long. If you follow a strategy like this as well, when the next big website gets knocked over, you won’t have to care either.”
You can follow the Perimeter E-Security blog, which contains tons of useful security-related tips and information, here. This isn’t a dig on Twitter. They’re going to do everything they can to protect the security of their service, and they are looking out for their users. It just doesn’t hurt to be a little proactive yourself, and take some of that responsibility into your own hands.