Hack exposes 42m passwords – Worse part, they were kept in open

Cupid Media is an online dating site. Like many other such sites, young and old singles flock to it. Cupid Media operates over 30 niche dating websites based on ethnicity, religion and social preferences. In a recent hack, it exposed over 42 million passwords and other personal details. yeah, it happens. But wait, that is not the whole story. The worst part of the story is that Cupid Media had practically no security in place for protecting the privacy of its users. All User details, including passwords, usernames, and birthdays were kept in plain text. Yes! Plain text ! No encryption, Not even a simple hash. That is a shame.

Read more here.

The sad part is that no amount of creativity on your part in creating a strong password or using any password manager would have helped in this case. It is just a case of stupidity on the part of Cupid Media to have exposed all personal data of its users. It is a lesson for all of us. Whenever you sign-up for new sites, ask a lot of questions and find out what information is really needed by the site and how are they keeping that data. And once you are satisfied that the website is going to keep your data safe, user a reliable password manager (like Strong Pass) to manage your passwords and keep you protected online.

Use browser to save passwords? STOP NOW !

personal-data-digital-worldWe live in a digital society. We watch movies, read, edit, share documents, text and video-chat online. We read our emails online as well as manage our bank accounts online using a browser right from the comforts of our home. And to do all that we all have to have a plethora of accounts with services providing the tools for us to enjoy our digital lives. The reality is that an average individual has well over 20 online accounts and has to keep these accounts safe and secure by picking good passwords and remembering them when needed.

I am sure you are no exception. There is also a very high chance that you use the builtin password manager that comes with most browsers today. The builtin password managers in IE, Chrome, Firefox and Safari make the password management a lot easier by saving your login and other basic information and fill in the login and other forms automatically. But while they make our lives easier, they are not secure at all. In recent times a lot was written about chrome and its lack of security with respect to your password repository (click for more details) it maintains in its password manager. And why just talk about chrome, when none of the browsers can protect their saved passwords from prying eyes (click for more details).

protected

Here is the bottom line – If you want to keep your passwords and other credentials secure and also create strong passwords to all your online accounts, you MUST use a good password manager that it not built in to your browser. A good password manager MUST provide tools for creating strong passwords and help replace the weak passwords in our online accounts. A good password manager MUST ensure that the password it keeps are secure. It MUST also ensure that the user can use the password manager anywhere he/she goes. There are a lot of free password managers available. I do not have anything against free services and tools, but one MUST remember that you have to pay for things in one way or another.

The key question you MUST answer before you sign up for a free service for password management is “are you really willing to depend on a free software to protect the keys to your digital world ?”.

It is time to stop using browsers to save your passwords and get a good password manager NOW !