Using Different Passwords is Crucial

A traffic exchange owner recently emailed me asking why StartXchange wasn’t allowing it in rotation. After looking into it, his website was hacked and a malicious code was added. Looking into it further I found a couple of his sites have had this problem. About a month ago this same exchange was hacked, so clearly the problem wasn’t fixed.

The hack only inserted an iframe, which most anti-virus programs are good at keeping you from harm. But there is a much bigger security risk that seems to be ignored, or maybe just not thought of. That is your personal information.

If the hacker can access the pages to edit them, there is a good chance they can access the rest of the scripts. There is a good chance they can access the configuration files, which contain database logins. There is a good chance they can extract your email address and password. There is a good chance you are using the same logins on multiple exchanges, and even using the same password for your email address. And there is a good chance many are even using the same login information for Paypal.

Indeed, I fear this is a huge possibility, especially since I’ve seen a huge increase in stolen Paypal account purchases. So are you using unique passwords on every website? And do you have a Paypal Security Key? If not, you should stop everything until you do.

You can find the Paypal Security Key available in the Profile section on Paypal, under Account Information. It’s like 5 or 10 bucks, and it’s worth every penny!

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
:: (5) Comments :: Security :: Permalink

5 comments

  1. See my profile on MyBlogLog.com! gide83 (gide83) Says:
    February 27th, 2008 at 11:34 am

    Oups!
    Tim, i’m going to check out my PayPal data.
    I’m exactly in what you described above.
    Thx for reminding this security feature.

  2. See my profile on MyBlogLog.com! Phil (megaman) Says:
    February 27th, 2008 at 1:33 pm

    Great article Tim! Thanks for reminding me about the PP Security Key!LOL! I had it on the ToDo list but it was shuffled down the list so far it was out of site.

    ;o)

    Phil

  3. See my profile on MyBlogLog.com! Roman (roman1072601) Says:
    February 28th, 2008 at 11:39 am

    Tim, Thank you for this article. Many times we assume that everything is OK.
    Question, Do you know if using RoboForm is safe? Of course I have AntiVirus security - McAfee
    Regards,
    Roman

  4. See my profile on MyBlogLog.com! Tim Says:
    February 28th, 2008 at 11:58 am

    I’ve never used RoboForm personally, but I’ve heard it’s good. If there is an option to password protect the data and/or encrypt it, then make sure that is on. That way if someone manages to grab your computer, they don’t have all your passwords ;-)

  5. See my profile on MyBlogLog.com! Annuar Nordin (ninsaud) Says:
    March 1st, 2008 at 10:34 am

    Very useful article Tim. It is really a reminder to me !

    Thanks