TigerMail: is a frequently accessed page which requires a password. Students should use a password that is easily remembered, but is also difficult to guess.
Passwords are meant to keep private information secure, but with the increasing availability of spyware and the growing number of fraudulent e-mails, individuals are finding it harder than ever to protect themselves with passwords.
Office of Information Technology specialist Seth Humphrey advises students to carefully select their passwords.
“We recommend having a mixture of upper and lowercase letters and numbers,” Humphrey said. “If your system allows you to use special characters, we recommend that, too. And the longer it is, the stronger it is.”
Humphrey said routinely changing passwords may also prevent strangers from accessing your accounts.
“It is recommended you change your password every now and then just in case someone gets a hold of it,” Humphrey said. “And obviously, don’t share your password with anyone.”
Humphrey said no legitimate e-mail from a reputable source will ever ask for a password or any other personal information. He said e-mails that ask for that kind of information are probably part of a phishing scam to commit identity theft.
Sarah Hodges, a junior in communication disorders, said although her accounts have never been tampered with, she doesn’t feel her accounts are adequately protected by her password.
“My passwords probably aren’t as secure as I would like,” Hodges said. “I should probably think about changing my passwords when I think about how simple mine is.”
Hodges said she uses the same password for all of her accounts, because it’s easy to remember one password for everything and because she doesn’t feel like changing her password for her accounts.
But Hodges still tries to be careful when she’s online.
“I try not to buy from anyone online unless they have a little lock in the address bar to let me know it’s safe to buy from them,” Hodges said.
Andy Bass, a junior in history, said he feels his passwords are secure.
“I take many precautions to ensure the safety of my information,” Bass said. “I change my passwords for each important account I have. Those passwords are all different and all are changed every couple of months. For things that aren’t so important to me I have two passwords and different user names for each. I change those whenever I update software or change something on the site.”
Bass said he has some friends who have had accounts hacked into because a password was taken through a phishing scam and others who have had accounts hacked into without a password being stolen.
“For me, keeping my online accounts secure is about limiting information on those sites,” Bass said. “For example, if a person has a Facebook with their full name, address, phone number, etc., then they run a very high risk of having their identities stolen.”
Bass said even deleted information can often be accessed.
Bass advised not responding to e-mails that ask for a password because banks, businesses and Auburn University will not ask for a password via e-mail.
“There are many ways to steal passwords as well,” Bass said. “Many times your computer has bugs from Web sites or other places that are logging your keystrokes, taking inventory on your hard drives, or capturing your visual data like e-mail or other conversations.”
“Photobucket and Myspace accounts are easily hacked without a password,” Bass said.
May 1, 2008 - 12:35am
I have an idea... Let's have
I have an idea... Let's have COMP-1000 actually teach something relevant for a change -- Personal Computer Security. How many of you know how to check the identity of a website to make sure that what looks like Wachovia or Tigermail really is Wachovia or Tigermail?Also, “Photobucket and Myspace accounts are easily hacked without a password” has either been taken quite out of context or Mr. Bass is quite wrong. If MySpace accounts were "easily hacked without a password," MySpace would be liable for every breach. There aren't any publicly known "myspace exploits" -- you have to either have a users' password or be able to deduce their password. It is possible to breach a website's security without dealing with passwords at all; however, it's not nearly as common as you might think and it is pretty difficulty, and generally, this happens on such a large scale that most or all of the users on the website (or multiple websites) will have their accounts breached at the same time -- something that ends up being very public and very nasty.