Seriously, folks – how many times do you need to be told to use a secure password? Is this really so difficult a concept to understand? If you aren’t using strong passwords, you can – and WILL – be hacked. Just ask Gawker Media how easy that is to do. Over the weekend, Gawker saw all of their databases compromised. User names and passwords used to comment on the various sites were grabbed. Internal information, conversations and passwords were snatched and publicized. The entire situation was quite an embarassment to the people at Gawker. However, the worst part of this entire mess is finding out how many thousands of you out there use inane passwords on sites such as this.

Nearly 200,000 passwords were leaked from within Gawker’s walls. More than three thousand people used the password 123456 on the site. Oh. My. God. Really? Another two thousand un-savvy people used the word password as their login of choice. *sigh*

I’m willing to bet these same people use these passwords for other sites, as well. I can already hear some person yelling at their screen while reading this: “No one would want to hack me! Why do *I* need to be secure? I have nothing to hide!” Oh how wrong you are, young grasshoppers.

Have you ever bought something online? Bam! Hackers want that information. Do you log into your bank account from your computer? How often do you check your PayPal balance, update your profiles and information on websites or even check in on FourSquare? Criminals do want every scrap of information you have sitting on that purty little hard drive of yours, and you’re handing it to them on a silver platter.

It’s not ME you need to satisfy by making your passwords secure – it’s you. You need to protect yourself. I can’t do it for you. Personally, I advocate using a password generator/manager such as LastPass.

You’ll thank me later.

Can a Monkey Hack Your Password?

On my birthday last Saturday, I received a “present” I wish I never had. Due to some lax security policies that Apple has thankfully since updated, someone was able to use my birth date to obtain my iTunes password, and get into my account. They then managed to use that information to give themselves a nice little gift of $450 worth of iTunes gift cards… courtesy of my PayPal account.

Apple has worked with me to straighten this out on their end. As far as I know, they have since made some changes to their password retrieval process, which is an excellent thing. Of course, that doesn’t get me my money back.

So, I turned to PayPal, and opened a case in their Resolution Center. I followed all of the necessary steps, and provided them with complete information. The wait then began for me, checking my PayPal balance daily to see if my $450.00 was back in my account yet.

Tonight, I received an email from PayPal’s lovely Resolution Center.

We have completed our investigation of your claim and have determined that this is not an instance of unauthorized account activity. At this time, your claim has been denied. Through careful research, it has been determined that the correct course of action would be to cancel the Preapproved Payment Agreement from your Profile. The merchant will be notified of this change and will no longer be able to make charges to your account.

Wait, what??? “This is not an instance of unauthorized account activity”. What the HELL are they thinking? My password was obtained illegally. My money was taken without my consent… again illegally. How exactly can they determine that this was not an instance of unauthorized anything?! This is complete insanity. Apparently, PayPal is so focused on making money for themselves that they cannot be bothered to care when ordinary people like you and I lose ours via illegal means.

Thanks for nothing, PayPal.

PayPal Denies $450 of Unauthorized Charges