Keep your e-mail account safe from hackers
— -- What would you lose if your e-mail were hacked? Your personal messages and contacts would be compromised. And your messages could include personal photos or financial details.
Recently, vice presidential candidate Sarah Palin's e-mail account was hacked. The contents were posted on the Internet for the world to see.
Apparently, a complete stranger did the hacking. That's how easy it is to hack an e-mail account.
The problem with Web mail
With Web mail, your user ID is generally a part of your e-mail address. Anyone who receives e-mail from you knows your user ID. An investigation into Palin's e-mail usage made her e-mail address public knowledge. So, the hacker only needed her password.
Did the hacker guess her password? No. The hacker created a new one using Yahoo's password reset feature. It's actually pretty easy to do.
To reset the password, the hacker answered a security question. That, too, was gleaned from public information.
Dealing with password reset
Your personal information may not be on the Web, but you could still be hacked. Odds are, you specified a security question and answer when you created your account. Friends and family probably know the answer to the question. Or, it could be found with a Google search.
The password reset is critical. If you answer it truthfully when setting up your account, you're at risk. So don't. Use a nonsensical answer that only you know.
For example, select "What is your father's middle name?" Answer it "my@name@is@kim." Or, use "my+dog's+name+is+Boo-Boo."
It is unlikely that a hacker could supply the correct response. The system doesn't care that your response makes no sense.
Protecting existing accounts
You probably want to keep your existing e-mail account. You probably also supplied correct information when you created it.
Depending on your provider, you can change the answers to your security questions. Yahoo users are out of luck. But Hotmail and Gmail users aren't.
In Hotmail, click your account name and select "View your account." Under Password reset information, click "Change" beside "Question." Change your security question and answer.
Gmail is more difficult to hack. Your account must be inactive for five days before you can reset the password. You can also select your own security question.
Click Settings and open the Accounts tab. Select "Google Account settings." Click "Change security question." Alter your security question and response.
Use a strong password
You still need a strong password. Your password may be easier to guess than you think. Your dog's name or phone number are easily guessed.
Maybe you thought about this and picked a random word instead. If so, be aware that hackers can crack it easily with a dictionary attack, which uses software that tries every word in the dictionary as the password.
You need to use a complex password containing both letters and numbers. If your provider allows it, add a symbol. Use at least eight characters.
I recommend creating a sentence that is easy to remember. For example, "My daughter was born in 2005" is relatively simple. Then take the first letter from each word and keep the year. In this example, you get "mdwbi2005." Such a password is easily remembered, but difficult to guess.
Remembering your passwords
You'll have trouble if you forget your password, but don't write it on a slip of paper. This defeats the purpose of securing your account. Co-workers or family members could find the paper.
Instead, use a password-management program such as KeePass or LastPass. These programs encrypt your passwords; a master password opens the database.
Or, try Pageonce. It is a Web-based password-management tool. You'll find links to these tools at www.komando.com/news.
You should also change your password and clean out your browser's saved data regularly. This includes the cache, saved forms, cookies and passwords.
Finally, don't check "Remember Me" on the sign-in page. That's an open invitation to snoop. Sign out from your account once you've read your e-mail.
—
Kim Komando hosts the nation's largest talk radio show about computers and the Internet. To get the podcast or find the station nearest you, visit: www.komando.com/listen. To subscribe to Kim's free e-mail newsletters, sign up at: www.komando.com/newsletters. Contact her at gnstech@gns.gannett.com.