Not to be Gawked at

The internet ran with the news today that 1.25 million accounts on the Gawker Network, one the internet’s top blog networks, had been stolen and leaked by hackers. I’ve been reading Gawker blogs for at least 3 years, but have rarely logged in because I had always found the commenting and member system to be a bit “loose”. I hadn’t actually considered the security behind it, but the user experience just felt extremely shoddy, like some of the setups I tried for my mini social networks designed for no more than a few dozen users. It was a surprise to me then (though not quite a surprise having seen how unprofessional their member systems are), that my email and password actually were registered on Gawker’s lists and are now leaked. And worse, it was the same password that I had been using since my beginnings on the internet.

Fortunately, about a year ago I started switching my passwords around the web to “one password per service” due to my increased dependence on keeping important things in the cloud. All of my most-used web services have long been switched to this improved system, and all of the services I joined after my password renaissance are also safe. To be extra safe following the Gawker incident, I again changed my most important passwords and will be monitoring those accounts though I doubt there will actually be a breach. I have noticed IMAP access to my email coming from New York and Hawaii IP addresses, which for the moment I can’t figure out, but I’m hoping it’s just one of my email notification systems doing its job. To those of you still unwise to the risky “one password for all” scheme (I know at my age most are just too lazy to worry about security), let this be yet another reminder.

blog comments powered by Disqus
Where there's a way, I'll find it.