Zappos Hacked – What We Can Learn About Password Strategy

January 18, 2012


Time To Review Your Password Strategy To Ensure Account Safety

Over the weekend, Zappos, the popular online shoe retailer owned by Amazon, alerted its 24 million customers and employees that their database had been compromised.

The hackers gained access to Zappos' internal network and acquired customers' sensitive data, including name, e-mail address, billing and shipping addresses, phone number, the last four digits of the credit card number and/or the cryptographically scrambled password (but not the actual password).

If you were one of the 24 million Zappos customers whose information was stolen, you were urged by Zappos to change your password.

Passwords, however, are not an easy thing to change. They are more of a keystroke habit, ingrained in our memory. Keeping one password different from the hundreds of other passwords you have is very challenging. You need a password strategy that makes sense and is secure. You need to learn more about passwords to maintain your account safety everywhere.

What Is A Secure Password?

On any website, your security is only as good as your password. It's easy to create a very strong password if you know “when a password is secure.”

A secure password has more to do with its length and the number of words in it (3 words strung together is more secure than 2, and 4 words is exponentially more secure than 3) than with symbols or numbers mixed in, which only cause confusion and lead us to forget the most important phrase we have to remember. Who can remember R4me[]r0)? No one!

Here are two excellent articles on passwords I strongly recommend reading. Neither is technical, and both are easy to understand:

First: creating long, easy-to-remember passwords using a random word generator.

Second: for a bit more understanding of why using 3 or 4 random words together is the best method, have a look at the usability of passwords. You will get a kick out of the chart that says: “This is Fun” will be secure for 2,537 years!

In light of the Zappos security breach and our reliance on strong passwords everywhere, every day, these articles are worth the read.

I would also highly recommend a password manager like 1Password or LastPass; each has its merits and integrates with most, if not all, smartphones.
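The arithmetic behind the random-word approach described above, as an added example that is not part of the original post or of either linked article: a small passphrase generator plus the entropy calculation that shows why each extra word multiplies the search space. The function names and the 32-word sample list are constructed for illustration; the 7,776 figure is the size of the EFF long word list, and 95 is the number of printable ASCII characters.

```python
import math
import secrets

# Constructed 32-word sample list, for demonstration only. A real generator
# should load a large published list (the EFF long list has 7,776 words).
SAMPLE_WORDS = [
    "anchor", "basket", "candle", "desert", "engine", "forest", "garden", "harbor",
    "island", "jacket", "kettle", "ladder", "marble", "needle", "orange", "pencil",
    "quartz", "rocket", "saddle", "tunnel", "umpire", "velvet", "window", "yellow",
    "zipper", "bridge", "copper", "dragon", "falcon", "guitar", "hammer", "pillow",
]

def generate_passphrase(words, count, sep=" "):
    """Join `count` words, each picked uniformly at random with a CSPRNG."""
    unique = sorted(set(words))
    if count < 1 or len(unique) < 2:
        raise ValueError("need at least one word and a list of two or more")
    return sep.join(secrets.choice(unique) for _ in range(count))

def passphrase_bits(list_size, count):
    """Entropy in bits: each independent random word adds log2(list_size)."""
    return count * math.log2(list_size)

def random_string_bits(alphabet_size, length):
    """Entropy in bits of a string of independent random characters."""
    return length * math.log2(alphabet_size)

def words_needed(list_size, target_bits):
    """Smallest word count whose entropy reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(list_size))

if __name__ == "__main__":
    print("sample:", generate_passphrase(SAMPLE_WORDS, 4))
    for n in (2, 3, 4, 5):
        # Each extra word multiplies the search space by the list size.
        print(f"{n} words from 7,776: {passphrase_bits(7776, n):5.1f} bits")
    eight = random_string_bits(95, 8)  # 95 printable ASCII characters
    print(f"8 random printable characters: {eight:.1f} bits")
    print("words needed to match:", words_needed(7776, eight))
```

These figures hold only when the generator picks the words at random; a phrase a person makes up is far easier to guess than the word count suggests.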

New Password Strategy Conclusion

Zappos should be a reminder to us all that even the best online companies are under cyber attack all the time.

Adopting a new password strategy is not easy, but it is critical. It is up to each of us individually to protect our sensitive and private information. It all starts with a great password.
