No Time Like The Present To Update Your Passwords; Zappos and 6pm.com Compromised

By Jason Fitzpatrick on January 16th, 2012

We harp on password security a lot around here and for a good reason. Security breaches are frequent and the best defense is a set of strong and varied passwords. Read on for a password refresher.

If you’re a Zappos.com or affiliate 6pm.com customer you likely received an email late last night explaining that:

We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on 6pm.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

Now, if you practice good password hygiene, you have nothing to worry about. You were using a single unique password for the site and even if the password file gets compromised the group responsible will find an only-for-Zappos password like “C&6!s6usWf#KvnT5”. If you’re not so good with password hygiene, the password might look more like “ThisIsTheOnlyPasswordIUseAnywhere” or, more accurately, like “balloon” or some other equally poor password.

If that’s the case, whether or not you’re using the poor passwords on a site that has been compromised, it’s time to start practicing good password hygiene. To that end you can get started by checking out our guide to recovering from an email password compromise (the mother of all password breaches and, even if it hasn’t happened to you, a great place to start) and our guide to getting started with LastPass password manager.
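To check your own accounts against the two failure modes described above (reuse across sites and commonly chosen passwords), here is a small audit script. It is an added example, not part of the original article; the vault contents, the short common-password list and the 70-bit threshold are constructed assumptions, and the site names ending in .example are placeholders.

```python
import math
from collections import defaultdict

# Constructed sample; a real audit would load a large breached-password list.
COMMON = {"balloon", "password", "123456", "qwerty", "letmein"}

def charset_size(pw):
    """Size of the character pool implied by the classes the password uses."""
    size = 0
    if any(c.islower() for c in pw): size += 26
    if any(c.isupper() for c in pw): size += 26
    if any(c.isdigit() for c in pw): size += 10
    if any(not c.isalnum() for c in pw): size += 33  # printable ASCII symbols
    return size

def entropy_bits(pw):
    """Upper bound on strength; only accurate for randomly generated passwords."""
    return len(pw) * math.log2(charset_size(pw)) if pw else 0.0

def audit(vault, min_bits=70):  # min_bits is an assumed threshold
    """Return {site: [findings]} for every entry with a hygiene problem."""
    sites_by_pw = defaultdict(list)
    for site, pw in vault.items():
        sites_by_pw[pw].append(site)
    report = {}
    for site, pw in vault.items():
        findings = []
        others = sorted(s for s in sites_by_pw[pw] if s != site)
        if others:  # one breach exposes every site sharing this password
            findings.append("reused on " + ", ".join(others))
        if pw.lower() in COMMON:
            findings.append("common password")
        elif entropy_bits(pw) < min_bits:
            findings.append("below %d bits" % min_bits)
        if findings:
            report[site] = findings
    return report

# Constructed vault built from the article's three example passwords.
VAULT = {
    "zappos.com": "C&6!s6usWf#KvnT5",
    "6pm.com": "ThisIsTheOnlyPasswordIUseAnywhere",
    "mail.example": "ThisIsTheOnlyPasswordIUseAnywhere",
    "forum.example": "balloon",
}

if __name__ == "__main__":
    for site, findings in sorted(audit(VAULT).items()):
        print(site, "->", "; ".join(findings))
```

The long passphrase passes the length estimate yet is still flagged, because a breach at either site exposes the other.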

Jason Fitzpatrick is a warranty-voiding DIYer who spends his days cracking open cases and wrestling with code so you don't have to. If it can be modded, optimized, repurposed, or torn apart for fun he's interested (and probably already at the workbench taking it apart). You can follow him on if you'd like.
