There is probably no one more acutely aware of the importance of good cybersecurity right now than Hillary Clinton's campaign chairman John Podesta, whose emails have been laid bare by Wikileaks, are being mined for news by journalists (including at The Intercept), and are available for anyone with internet access to read.
So as a public service to Podesta and everyone else on Clinton's staff, here are some email security tips that could have saved you from getting hacked, and might help you in the future.
There's a method for coming up with passwords that are mathematically unfeasible for anyone to ever guess by brute force, but that are still possible for you to memorize. I've written about it before, in detail, including an explanation of the math behind it.
But in short: You start with a long list of words and then randomly select one (by rolling dice), then another, and so on, until you end up with something like: "slinging gusty bunny chill gift." Using this method, called Diceware, there is a one in 28 quintillion (that is, 28 with eighteen zeros at the end) chance of guessing this exact password.
For online services that prevent attackers from making very many guesses -- including Gmail -- a five-word Diceware password is much stronger than you'll ever need. To make it super easy, use this wordlist from the Electronic Frontier Foundation.
So if that's a strong password, what does a weak password look like? "Runner4567."
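The Diceware procedure described above, as an added example that is not from the original article: it simulates the dice with the operating system's secure random generator, looks each roll up in a wordlist, and computes the size of the guess space for a given number of words. It assumes a wordlist laid out as one five-digit roll and one word per line (the layout of the EFF large list); `SAMPLE_LIST` and all function names are constructed for illustration.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5                  # five six-sided dice pick one word
LIST_SIZE = 6 ** DICE_PER_WORD     # 7776 possible rolls, one word each

def parse_wordlist(text):
    """Parse 'ROLL<whitespace>WORD' lines into {roll: word}, rejecting bad lists."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected 'roll word'")
        roll, word = parts
        if len(roll) != DICE_PER_WORD or set(roll) - set("123456"):
            raise ValueError(f"line {lineno}: bad dice roll {roll!r}")
        if roll in table:
            raise ValueError(f"line {lineno}: duplicate roll {roll}")
        table[roll] = word
    # A short list or repeated words silently shrinks the guess space.
    if len(table) != LIST_SIZE or len(set(table.values())) != LIST_SIZE:
        raise ValueError("wordlist must map all 7776 rolls to distinct words")
    return table

def roll_dice():
    """Simulate five fair dice with the OS CSPRNG (not the `random` module)."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(DICE_PER_WORD))

def passphrase(table, n_words=5):
    return " ".join(table[roll_dice()] for _ in range(n_words))

def guess_space(n_words):
    """Number of equally likely passphrases an attacker must search."""
    return LIST_SIZE ** n_words

def entropy_bits(n_words):
    return n_words * math.log2(LIST_SIZE)

# Constructed stand-in list so the example runs offline; substitute the text
# of the real wordlist file to get memorable words.
SAMPLE_LIST = "\n".join(
    f"{''.join(r)}\tword{''.join(r)}" for r in itertools.product("123456", repeat=5)
)

if __name__ == "__main__":
    table = parse_wordlist(SAMPLE_LIST)
    print(passphrase(table, 5))
    print(f"{guess_space(5):,} possibilities, {entropy_bits(5):.1f} bits")
```

For five words the guess space is 7776 to the fifth power, which is the "28 quintillion" figure quoted above; each extra word multiplies it by 7776.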
The same day that Wikileaks published Podesta's email, his Twitter account got hacked as well. How do you think that happened? I have a guess: He reused a password that was exposed in his email, and someone tried it on his Twitter account.
Even if you use a strong password, it quickly becomes worthless if you use it everywhere. The average person has accounts on dozens of websites. For those who reuse passwords, all it takes is for any one of those sites to get hacked and your password to get compromised, and the hacker can gain access to your accounts on all of them.
You can avoid this by using different strong passwords for every account. The only way that this is possible is by using a password manager, a program that remembers all your passwords for you (in an encrypted database) so you don't have to. You should secure your password manager with an especially strong password. I recommend a seven-word Diceware passphrase.
There are many password managers to choose from: KeePassX, LastPass, 1Password, and many more. Shop around for whichever one fits your organization the best. It doesn't so much matter which you use, so long as you use strong, unique passwords for each account. Password managers also help you generate secure random passwords.
And there's more. Read the full article at The Intercept.