One of the big issues in the media and the social web this week was the publication of the user data of thousands of Hotmail accounts. Corresponding list circulated on P2P file sharing networks and other relevant websites. To a lesser extent, users of Gmail and Yahoo Mail were affected. Those affected were there early this week about fake e-mails have been lured to fake sites, where they had to enter a username and password () so-called phishing. Microsoft had responded to the immediate closure of the affected accounts. The incident demonstrates once again that even large companies like Microsoft and Google are no guarantee of safety. The most important lesson is that in most cases, in effect, each user is required. In this blog post I want to give a few tips on how to improve the usability of the - very practical - can protect Web mail offerings.
Tip 1: A strong password
A secure password is elementary. But unfortunately many people ignore this rule, as it also shows an evaluation of the hacked account: Passwords "123456" or "12345678" came very often. In addition, most passwords consisted of only lowercase letters and only the least of all were a combination of letters and numbers. The chosen passwords are also often simply too short.
How then does so in a modern, relatively secure password? It initially consists of at least eight - better ten - and is composed of Ignore case characters, numbers and special characters. Moreover, the importance of the password should not be out of a context guessable - not the first name combined with the vintage.
Such a password is generated, for example, the fact that one constructs an easily-to-remember set of eight or more words and numbers.
Tip 2: Multiple accounts for more security
Create several accounts with several providers and to benefit the individual accounts only for certain purposes, such as on online shopping or to register on websites. This minimizes the risk of spam and in the case of a successful attack of the damage is not so great.
Tip 3: Select the webmail provider wisely
Take your time when selecting suppliers. Pay attention to the exact scope of services especially in the area of security: spam filters, anti-phishing features, you can also log in with a free user name or just with your email address, SSL, etc.
Tip 4: The user name is already half the battle!
Knows their user a criminal, he knows already 50% of your credentials! So, choose the user name carefully and avoid using names / aliases by which you are traveling elsewhere in the network already.
Tip 5: Never store credentials in the browser
Enter your access again and again by hand and save it in the browser never - even if this feature is very convenient. They also want to protect yourself from keyloggers, you can use to input the data is not real but a virtual keyboard.
Tip 6: Be vigilant and take your safety into your own hands!
You now have secure passwords for their carefully selected webmail accounts, which all serve specific purposes only. What you can do to enhance security?
Most important : Change passwords regularly.
Check on all sides, and require a password from you, always up before entering the URL: phishing sites differ in their address increasingly from those of legitimate sites (see) to this blog post about the current case, Hotmail.
Save important emails and those that contain sensitive data is always local and remove it immediately on the webmail server, so burglars can find at least no valuable information.
Be careful who you share the information on which platforms, namely, using Google can easily create profiles, allowing the conclusions on possible passwords (see also social engineering).
Find out more regularly on the issues of data protection and security on the Internet, keep your software up to date and alert you to stay!
If you want to have quite sure or need to use appropriate encryption software such as Pretty Good Privacy PGP "or something similar.
Test Your Password
On the side of the Supervisor of the canton of Zurich, you can test online, as are strong or weak your passwords. But be warned: For security reasons, you should enter here never give out their "sharp" passwords, but similarly structured, but allow no conclusions as to the real.
Bookmarks