READ THIS: It's Important.
Wednesday, April 14, 2010 at 11:24AM Good Morning;
I'm writing this to you to warn you about a new trend that's appearing.
Within the last week, I've found out about four different people (including myself) who have had hotmail or gmail accounts hacked. My spam catcher email account was hacked, and according to the gmail logs, it was accessed by an IP address originating from somewhere in China.
When these accounts are compromised, they use it to mass mail a spam message ( I've seen them for electronics and pharmaceuticals so far) to everybody in the user's address book.
At this point, they are not doing anything malicious to the users account, but that could change. There's nothing stopping them from using a compromised email account to gain access to your paypal account, your online banking or other sensitive information. Just think, what happens when you click the "I forgot my password" link on your online banking? THEY EMAIL IT TO YOU. If they're in your email, they could change the password and use it to get into far too many other aspects of your life.
That's why it's incredibly important to have a STRONG password. Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.
The following table demonstrates how long a standard dictionary based password cracker takes to crack a password. I strongly urge you to chose a password that's at least 8 characters long, and contains at least one upper case letter and a special character.
| Password Length | All Characters | Only Lowercase |
|---|---|---|
| 3 characters 4 characters 5 characters 6 characters 7 characters 8 characters 9 characters 10 characters 11 characters 12 characters 13 characters 14 characters |
0.86 seconds 1.36 minutes 2.15 hours 8.51 days 2.21 years 2.10 centuries 20 millennia 1,899 millennia 180,365 millennia 17,184,705 millennia 1,627,797,068 millennia 154,640,721,434 millennia |
0.02 seconds .046 seconds 11.9 seconds 5.15 minutes 2.23 hours 2.42 days 2.07 months 4.48 years 1.16 centuries 3.03 millennia 78.7 millennia 2,046 millennia |
While we're at it, Here's a list of the top 10 most commonly used passwords. Don't be an idiot and use them (and don't get cute and just use a variation of them either.)
- Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)
- The last 4 digits of your social security number.
- 123 or 1234 or 123456.
- “password”
- Your city, or college, sports team name.
- Date of birth – yours, your partner’s or your child’s.
- “god”
- “letmein”
- “money”
- “love”
I've included links at the bottom of this email if you want more information, or instructions on how to change your email password. Feel free to forward this to your friends.
Please take this seriously. These spammers are only going to be the first ones doing this, and if four people ( that I know of) in a tiny little town in northern Manitoba got hit within three days, you're not as safe as you think you are. I hope you take this warning seriously and beef up your email security before it's too late.
http://onemansblog.com/passwords
http://ask-leo.com/how_do_i_change_my_windows_live_hotmail_password.html
http://email.about.com/od/gmailtips/ss/wt091404.htm
http://help.yahoo.com/l/us/yahoo/edit/id_password/edit-13.html
;)
