First up, for those of you who know what’s going on and happen to like Xiaxue, this is not a Xiaxue bashing post. For those of you who don’t like Xiaxue, I say again…this is not a Xiaxue bashing post. For those of you who think this is about Xiaxue not knowing techno dance music…I have no idea what else to say about that one except…no, it’s definitely not about that either.
That being said, let’s get on with the post.
A lot of my life revolves around data, information and secrets. So naturally…a lot of my life revolves around the net, people in it and the ways to protect information from those people. Now…I’m not THE best hacker around. All I do is your basic low key stuff like packet sniffing and SAM cracking from time to time when people need it. But what’s important here in regards to Xiaxue is the fact that both her Blogger and Gmail accounts got broken into…which begs two questions.
- How simple was the password?
- How much time did the person spend to break the password?
That, ladies and gentlemen, is what it is all about. Time. How long it takes for us to break your passwords depends entirely on how simple your passwords are. Those of us who only put in the minimum number of letters for a password aren’t going to be very safe, considering it can take a pretty short time to run through all the possible combinations of those letters. It takes an even shorter time if that password can be found in a dictionary.
So it comes to the first lesson of all this.
Use long passwords you can’t find in the dictionary.
Of course, the simplest ones you can remember would simply go like:
“bEtChaAintgOnNAdiGtiS1” or “br34kth15n0wY0u455h0Le5”
Just remember the rule of thumb. If it’s more than 10 words, you’re pretty much safe. If it’s got numbers, then you’re even safer. If you back it up with upper and lower case keys and then change it every 60 days, judgement day would arrive sooner than anyone could break that password of yours. It just follows a simple equation, that’s all.
Complexity = headache.
It works for my blog, it can work for you too.
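The arithmetic behind "Complexity = headache", as an added sketch that is not code from the original post: it checks a password against a dictionary (undoing common leetspeak swaps first) and otherwise estimates how long an exhaustive search of its alphabet and length would take. The wordlist is a constructed sample, the guessing rate is an assumed figure, and all function names are hypothetical.

```python
import string

# Constructed sample wordlist; a real check would load a large dictionary file.
WORDLIST = {"password", "dragon", "monkey", "letmein", "sunshine"}
# Undo common leetspeak substitutions (0->o, 1->i, 3->e, 4->a, 5->s, 7->t, @->a, $->s).
LEET = str.maketrans("013457@$", "oieastas")
# Assumed offline guessing rate in guesses per second; adjust to your threat model.
GUESSES_PER_SECOND = 1e10
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
UNITS = (("years", 31_557_600), ("days", 86_400), ("hours", 3_600), ("seconds", 1))

def charset_size(password):
    """Alphabet an exhaustive search must cover: sum of the character classes used."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))

def in_dictionary(password):
    """True if the password, lowercased and de-leeted, is a wordlist entry."""
    plain = password.lower()
    return plain in WORDLIST or plain.translate(LEET) in WORDLIST

def worst_case_seconds(password):
    """Seconds to try every candidate an attacker needs in order to hit this password.

    This is an upper bound that assumes random characters; phrases built from
    real words fall faster to wordlist-combination attacks than it suggests.
    """
    if in_dictionary(password):
        return len(WORDLIST) / GUESSES_PER_SECOND
    return charset_size(password) ** len(password) / GUESSES_PER_SECOND

def describe(seconds):
    """Render a duration in the largest unit that fits."""
    for name, size in UNITS:
        if seconds >= size:
            return f"{seconds / size:.3g} {name}"
    return "under a second"

if __name__ == "__main__":
    for pw in ("dragon", "p4ssw0rd", "abcdef", "Tr0ub4d", "bEtChaAintgOnNAdiGtiS1"):
        print(f"{pw!r:26} dictionary={in_dictionary(pw)!s:5} "
              f"alphabet={charset_size(pw):2} worst case={describe(worst_case_seconds(pw))}")
```

Each extra character multiplies the search space by the alphabet size, which is why length does more for the estimate than any single substitution.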
Of course, breaking into a blog or an email is a sad thing. Having three years’ worth of posts deleted because of that break-in is a sheer blogocidal atrocity. Ironically enough…there is a solution to all that…and I blogged about it yesterday here in this post.
That’s right, as long as we all backup our data in a safe place, come hell or black-hats, whatever you saved up for so long would still be there for you to put it back up.
As far as I know, fans of Xiaxue are at this very moment scouring Google cache for the rest of her posts which are floating around there in C-space. Not the best form of backup…but if they pull it all together in the end, the best scenario is that you should be able to recover at least 95% of all her posts that have been deleted.
All I do is delete the oldest backup in my mailbox and download the newest backup onto my computer as my blog emails them to a separate, unknown email account.
Double redundancy and double the safety.
My best recommendation to anyone who doesn’t want the same thing that happened to Xiaxue to happen to them: get yourself a webhost and at least publish your blogs there. You have a backup redundancy on both Blogger and the webhost in case something goes wrong with one of them. Given that you would have a complex password with you at all times, I highly doubt someone is going to break in and erase everything.
Or…you can do what I did and use this instead.
No harm, no foul.
So what are you waiting for?
Don’t you think it’s time you upped your blog security a little bit more?
Wouldn’t want the worst to happen to you now, would we?