All Tech Considered
Thu August 9, 2012
Simple Ways To Avoid Being Hacked
Originally published on Fri August 10, 2012 11:02 am
Hacking. We often think of it happening to companies or governments. But it also happens to ordinary people. Mat Honan is a technology writer for Wired magazine whose computer and Internet accounts were hacked.
"I lost a year and a half of pictures of my daughter, pictures of her with her great-grandparents who are now deceased. You know, wonderful precious memories that I'm hoping to get back," Honan told NPR's Morning Edition. The hackers used loopholes in the security at Amazon and Apple to obtain personal information about Honan. Both companies say they are addressing security problems.
Some of what happened to Honan was avoidable. What's scary about his situation is that almost all of us are vulnerable. But we can take steps to stop it.
Step 1: Tough passwords
You need to have a separate password for each account, so that if one account gets hacked, all of your vital information is not vulnerable. The problem is that it's tough to remember dozens of passwords. The answer: a password manager. There are a variety of third-party software programs that will create and store passwords for you.
"It's just ridiculous that people are still creating their own passwords," says Lance Ulanoff, chief editor at Mashable.com. This is the first and simplest thing you can do. Ulanoff says it also takes away the anxiety that comes along with password management.
Step 2: Two-Part Authentication
When you log on to many different computers — especially shared computers — to access your email account, you are especially vulnerable to hackers.
Many websites are moving toward two-step verification. Google is one. Essentially, it means that you need more than a password to log into a new account. If you use the service, you have to remember a password but also remember a special key that gets sent to you as a text.
Step 3: Change Your Behavior
"I hate to say it, but the reality is they need to share a little bit less," says Ulanoff.
Ulanoff says we probably don't want to go back to the pre-social media days, but oversharing may not be just embarrassing, it may cause harm. Things like birth dates and graduation years can be used to access your information. That doesn't mean you need to shut down your online presence, but be careful what details you put out there.
Step 4: Consolidation
Remember Friendster? Or MySpace? Whitson Gordon, senior editor of Lifehacker.com, says that back in the early days of the Internet, it would have been hard to imagine "10, 20 years down the road when we would have so many services we're grappling with."
So sit down and think about the last 10 years of your online life. And then delete the accounts for the services you signed up for and no longer use.
Step 5: Back It Up
"If there's one thing I have to hammer home with everybody, it's back up your data," Gordon says. You can either use an external hard drive or an online service. As more of the things we care about get stored electronically, the more vulnerable they are to get lost. If your smartphone gets stolen with wedding photos on it, there won't be as much heartbreak.
Doing all of this takes time, energy and money. But being hacked can be the gateway to identity theft or worse.
Both Gordon and Ulanoff say it's worth the effort for the security.
For other tips on protecting yourself online, you can visit a special FBI website.
AUDIE CORNISH, HOST:
From NPR News, this is ALL THINGS CONSIDERED. I'm Audie Cornish.
MELISSA BLOCK, HOST:
And I'm Melissa Block. Hacking - we often think of it happening to companies or governments, but individuals can also be the targets; people like Matt Honan, a technology writer whose computer and Internet accounts were hacked. He told his story on MORNING EDITION, earlier today.
MATT HONAN: You know, I lost a year and a half of pictures of my daughter; pictures of her with her great-grandparents, who are now deceased, and just really - you know, wonderful, precious memories that I'm really hoping I'll be able to get back.
BLOCK: The hackers used security loopholes at Amazon and Apple, to obtain personal information about Honan. Both companies say they're addressing the problems. NPR's Sonari Glinton looks at some things you can do, to protect yourself.
SONARI GLINTON, BYLINE: I'm sitting here at my desk and, like most of you, I've got a ton of stuff - a work cellphone, personal cellphone; I have a tablet; I've got a laptop computer. And if I just count NPR's logins - and things like that - I have a login for the network; I have a login for the travel website; I have a login for my annual performance review. And each of these devices, or logins, contain really vital pieces of information that if you got a hold of, I'd be in big trouble.
LANCE ULANOFF: Essentially, what's happening here is, you're leaving yourself open - your whole life open - to what I call triangulation.
GLINTON: Lance Ulanoff is editor of Mashable.com, a technology website. He says the first way to protect yourself, is to use good passwords. Thing is, most of us are simply not doing that.
ULANOFF: It's just ridiculous that people are still creating their own passwords. They all - to a person, I think they will admit, they're terrible at it. And they don't even really expend any effort on it.
GLINTON: Ulanoff says the best way to deal with the password tangle is to use a software that creates and stores passwords for you. Then you only need one, super-secure password. It's not just enough to get strong passwords. Ulanoff says you have to change your behavior.
ULANOFF: I hate to say it but the reality is, they need to share a little less. They need to put a little bit less information out there. You know, their Facebook pages, their MySpace pages, their Twitter accounts - they're constantly sharing information, details.
GLINTON: It's the details that get you into trouble - your birthday and date; where you went to grade school; posting photos of your vacation while you're on vacation. Not a good idea. IT professionals have been saying it for years but back up your data, back up your data, back up your data. Ulanoff says, think about consolidating your online presence.
ULANOFF: Oh, I'm still on Friendster. Wait a minute, no one's still on Friendster. Well, I have an account out there - you know. They say oh, I'm still on MySpace. Really? You know - when was the last time you visited? Five years ago. OK, it might be time to shut it down.
GLINTON: You know what's funny about that? I don't even know.
ULANOFF: (LAUGHTER) Yeah. I mean, that's the big problem. There's digital debris everywhere. We are leaving trails that go back years, now.
GLINTON: The final thing is to use two-part authentication - something that you know, like a password; and something that you have, like a thumbprint. Here's the thing about doing all of this: It takes time.
Whitson Gordon is senior editor at LifeHacker.com. The site gives tips on using technology to ease daily life.
WHITSON GORDON: Well, unfortunately - you know - I can tell all of my friends to use separate passwords, and use a password manager; enable two-factor authentication; but it's really not convenient.
GLINTON: Gordon says until now, most companies have been more inclined to make things easier, not necessarily safer.
GORDON: And I think that a lot of them are realizing that security comes first, convenience comes second, in this day and age; with people getting hacked, and identity theft being so rampant. And I think we're at the point where we're starting to realize how to be more secure; and now, we need to figure out how to make that more convenient for us, the average user.
GLINTON: Gordon says it's going to take a long time for the companies to figure out simple and safe solutions, so don't hold your breath. Until then, back up your data.
Sonari Glinton, NPR News. Transcript provided by NPR, Copyright National Public Radio.