This summer, hackers destroyed my entire digital life in the span of an hour. My Apple,Twitter, and Gmail passwords were all robust—seven, 10, and 19 characters, respectively, all alphanumeric, some with symbols thrown in as well—but the three accounts were linked, so once the hackers had conned their way into one, they had them all. They really just wanted my Twitter handle: @mat. As a three-letter username, it’s considered prestigious. And to delay me from getting it back, they used my Apple account to wipe every one of my devices, my iPhone and iPad and MacBook, deleting all my messages and documents and every picture I’d ever taken of my 18-month-old daughter.
He concludes, not incorrectly, that the current infrastructure is unsustainably insecure. Meanwhile, this is the state of play—and we have to live with it. Another piece by Nicole Perlroth in The New York Times gives the latest advice on password protections from the obvious (never use the same password twice) to the not-so (ignore security what’s-your-favorite color questions).
Hoan has some good advice as well. Since a little research or guesswork can break a security question, give a funky answer. For example, is you are asked what was your first car, instead of “Toyota,” write “Camper Van Beethoven Freaking Rules.”