Thursday, March 26, 2009

A security Alert You Need To Know About


I have been playing around with some article directory databases as of late and noticed a very scary thing. It is the type of thing we all take for granted on any site that we have to create a username and password with. Most of the time, your username and password are not encoded. In playing around with one of the databases, I had usernames, emails and passwords for all 3000 plus members. Scary isn’t it? If you use article directories or any site for that matter that you have to provide a username and password for, you better be unique to that site. If you use the same username and password for several sites, you need to change them. People buy and sell these databases all the time for hackers to get their hands on. For sites that you get paid on, such as Pay Pal, EPN, Pepperjam or one of the many other affiliate programs out three, every username and password better be unique. Sure it is a pain in rear, but identity theft and fraud are higher than ever in a down economy. The article directory and link directory scripts are the worst of these. You may think no one can see this info, but I am here to tell you, anyone who knows how to use phpmyadmin for database administration can get this info in 5 minutes flat. There were a ton of EPN account hijacks a few months ago and this very well could of been how the emails and passwords were attained. Several EPN members use the article directories and if they used the same email and password for their EPN account, they were a sitting duck. EPN has included a bit more security now for any account changes, but that does not mean you shouldn't be any less cautious.

Keep a notebook or spreadsheet if you must for ever login. Once again it is a pain, but can help more than you think. Also use a junk email address for the less important signups. A great deal of sites use the email address as the username, so having an email address for just article and link directory sites will help a great deal. This is a serious matter and I hope you head my advice and change ALL of your very important passwords right this second.

Related Posts by Categories



3 comments:

plin on March 26, 2009 at 11:16 PM said...

This is a very good reminder that we must use different user name and password for different accounts.

One suggestion I have is to encrypt the spreadsheet that contains the passwords. Inside the spreadsheet, instead of writing out the entire password, just write reminders and hints that are obvious to you but not obvious to others.

BF on March 27, 2009 at 8:07 AM said...

I use an open-source program called KeePass to store all my log in info. There is just one master password to get to all the rest. It also has an auto fill feature for those times I don't want to type every name/password on a site.

Anonymous said...

BF has the right idea.

I use Password Safe: http://passwordsafe.sourceforge.net/

I must have close to 60 sets of credentials and other useful information stored in it.

-Anonymous Coward

Followers

Twitter Updates

    follow me on Twitter
     

    Build A Niche Store Blog. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted by Bloganol dot com Privacy Policy