What the Adobe hack can teach REALTORS® about password security

Adobe was hacked in November 2013: what REALTORS® can learn from the breach

First things first: If you’re an Adobe customer and haven’t changed your password yet, you need to change it RIGHT NOW. If you use your old Adobe password on other websites, such as Facebook, Gmail, or your banking, you need to change those passwords as well. NOW.

Why? A recent cyber attack resulted in millions of Adobe customers’ passwords being reset, stolen, and sometimes even published on the Internet. Though huge security breaches such as this are rare, it is an important reminder about password security – and especially why you shouldn’t use the same password on multiple websites.

With all of the social media websites, e-mail accounts, and other websites that we are constantly logging into and signing up for to “try out” and “see if it works” for our business (not to mention games on our iPhones), it may seem like an incredibly daunting task to use a different password for all of these. But it is extremely important. Here’s why: say you sign up for this free new website that lets you edit photos (maybe you don’t need Photoshop, but still want to do basic editing on your listing photos). You try it out, maybe use it a lot or not at all. Then, one day, this free website (which is probably a one- or two-man show, and since it’s free and doesn’t collect credit cards, may not be too secure) gets hacked. It isn’t a big company, so you probably won’t even hear about it in the news or on social media. Meanwhile, the hacker has your e-mail address and password – the same e-mail address and password you use for everything. In a matter of minutes, they could be in your Dropbox, on your Facebook, or in your e-mail account and resetting passwords for all of your online banking.

Now, how do you avoid this risk without going crazy trying to remember all of your passwords? Here’s a trick I originally wrote about in the SAAR Journal: have a password “system” that changes slightly for each website. For example, you’ll start with a template such as “Website1234!” where the word “Website” changes depending on what website you’re on. For example, on Twitter, you could use “Tweet1234!” or use “Pony1234!” for Wells Fargo. Just an easy, simple word or phrase (but NOT the name of the website itself) that you’ll remember will do.

Remember, you still want to follow other important password rules, such as not using letters and numbers in simple patterns, and mixing capital and lowercase letters in non-obvious ways. So, your real passwords may be “twEE729t!0” for Twitter and “poN729y!0” for Wells Fargo. It looks complicated, but if you use the same pattern and stick to it, this is a great, easy deterrent for online theft. Even if you think it’s easy to figure out, hackers won’t spend the time trying to “crack your code” when there are millions of other people using the exact same password.

There are lots of other great tips out there. But remember, the most overlooked component to a strong password is using a different password for EVERY website. This is crucial!