We harp on password security a lot around here and for a good reason. Security breaches are frequent and the best defense is a set of strong and varied passwords. Read on for a password refresher.
If you’re a Zappos.com or affiliate 6pm.com customer you likely received an email late last night explaining that:
We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on 6pm.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).
Now, if you practice good password hygiene, you have nothing to worry about. You were using a single unique password for the site and even if the password file gets compromised the group responsible will find a only-for-Zappos password like “C&6!s6usWf#KvnT5”. If you’re not so good with password hygiene, the password might look more like “ThisIsTheOnlyPasswordIUseAnywhere” or, more accurately, like “balloon” or some other equally poor password.
If that’s the case, whether or not you’re using the poor passwords on a site that has been compromised or not, it’s time to start practicing good password hygiene. To that end you can get started by checking out our guide to recovering from an email password compromise (the mother of all password breaches and, even if it hasn’t happened to you, a great place to start) and our guide to getting started with LastPass password manager.