Twitter admits to password storage blunder – change your password now!

Today Twitter admitted that the company had made a serious security blunder: it had been storing unencrypted copies of passwords.

Twitter claims that it has now “fixed the bug” and that its investigation “shows no indication of breach or misuse by anyone”.

Twitter therefore suggests merely that you “consider changing your password”.

Please do change your password(s) as soon as possible. There is no information about how long passwords have been out there in plain text or whether hackers managed to harvest any of them.

Check It Out: 25 Worst Passwords of 2014 (Not Still Using 123456, Are You?)

SplashData has announced its annual list of the 25 most common passwords found on the Internet. Being that common makes them the worst passwords: using one exposes you to being hacked or even to identity theft.

“Passwords based on simple patterns on your keyboard remain popular despite how weak they are. Any password using numbers alone should be avoided, especially sequences. As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure.” ~ Morgan Slain, CEO of SplashData

Read the full article for more details and tips on keeping your data secure with good passwords.

Passwords, it’s as easy as 123

Simple passwords are easy to remember, and they are equally easy for hackers to crack. Many of those easy passwords are on hackers’ default lists, like the word “password”, which is still the most common password in use today.

Switching to a more complex password can be unsettling (what if you forget it?), but a hard-to-crack password does not have to be impossible to remember. Bob Russo shows examples of reasonably memorable passwords that will keep your site and online accounts with sensitive information safe.

Lessons I Learned When My Blog Got Hacked

This is one artist’s story of getting hacked, cleaning her blog after the hack, and what she learned in the process: Lessons I Learned When My Blog Got Hacked. Although Lori’s site is powered by WordPress, most of her article can be applied to any web site.

Defying Brute Force Attacks on WordPress Logins

There is a technique known as a brute-force attack. As the name implies, access to your environment is gained through brute force. Often conducted by bots, these attacks run through a compiled list of common passwords and their variations. Using this method, attackers gain access to your admin to send spam from your web site, deface your pages, or inject malicious code into your WordPress installation.

Your first line of defence against these attacks is changing the admin username to something other than the default “admin” and creating a strong password that is hard to guess even for a bot.

Lorelle VanFossen explains how to create a strong password that is not terribly long and is easy to remember. Her technique is a little unconventional, but stick with her through the article and you will end up with multiple passwords based on the same word