Mark Zuckerberg was hacked. How can any of us stay safe?
Tech billionaires: they forget their passwords, just like us.
A group of hackers broke into Mark Zuckerberg's Twitter and Pinterest accounts over the weekend, revealing the Facebook CEO had across several sites.
The hacking group that claimed responsibility, known as OurMine Team, said it obtained Mr. Zuckerberg's password, identified as "dadada," through a large-scale hack of passwords from LinkedIn.
Zuckerberg had last used his account on social media rival Twitter in 2012, but the hackers also claimed to have broken into his account on Instagram, which is owned by Facebook, .
While the hack wasn't seriously damaging, it does illustrate a number of problems with passwords made up of letters and numbers.
People often reuse passwords or continue to use "123456" or a variety of passwords that reference "Star Wars,"聽according to one annual "worst passwords" list. But there's also the issue that even passwords that are technically strong are easy for computers to guess.
That's because of increasingly sophisticated software that can use "brute force"聽鈥 many attempts over and over again 鈥撀爐o crack a password. Typically, experts advise using passwords that are 12 characters or longer. Variations in spelling, capitalization, numbers and punctuation also make passwords stronger.
To combat password-cracking software, 聽recommends taking a sentence that's personally memorable and turning it into a password.
贰虫补尘辫濒别蝉听听颈苍肠濒耻诲别:
WOO!TPwontSB = Woohoo! The Packers won the Super Bowl!
PPupmoarT@O@tgs = Please pick up more Toasty O's at the grocery store.
Security experts say to keep track of different passwords for a range of sites is also important. They advise enrolling in so-called two-step verification, offered by services such as Gmail and LinkedIn, which sends users a code on their phone each time they want to open their account.
Another important tip is to to sources you can't verify, such as the email saying you need to change your Twitter password that appears to come from a strange domain.
It's not clear why OurMine Team decided to hack Zuckerberg's accounts, though the hackers or malicious attacks, such as on educational game Minecraft and the website WikiLeaks.
Zuckerberg's position at Facebook 鈥 one of the world's largest holders of online data 鈥 coupled with comments he once 聽for sharing so much information, may have made him an attractive target.
But more troubling, some consumer advocates say, are that can offer up millions of users' information for a price.
"It's great that some companies, like Google and Facebook, have very public privacy information, but there are layers and layers of companies who are buying and selling this information whose names you've never heard of using algorithms in ways you could never even imagine," Persis Yu, an attorney at the National Consumer Law Center, said during a panel discussion at the Massachusetts Institute of Technology in March.
Those concerns have fueled the use of alternatives to traditional passwords, such as fingerprints to verify a customer's identity.聽 Google and Amazon have also been testing technology that lets people verify a payment by taking a selfie.
But until better technology becomes commonplace, taking security precautions is still important, many say.
"In will be just one part of a larger continuum of security measures that include chip-and-PIN tools on your credit card, iris scans, facial recognition, and much more," notes Uproxx's Dan Seitz. "Until then, the responsibility of protecting our data falls to us."
