Do you run one of the 33 million Twitter accounts whose passwords were hacked recently?
Did you once have a MySpace account, and are one of the 360 million whose passwords have been hacked?
Those figures all came to light in the last fortnight, and should be a wake up call for any journalists still using the same password for more than one account.
A significant number of journalists — 1 in 5 based on my research — fail to use different passwords for different accounts. It’s basic security practice, but too many news organisations are oblivious.
Of course it doesn’t matter whether you are one of those users whose passwords were hacked. The point is that these hacks are now a regular occurrence, and it’s safe to assume that at some point one of your passwords will be compromised. The important thing is to be confident it’s not being used for more than one site.
Meanwhile, if your employer does encourage good password behaviour, let me know: I’d love some good news!
UPDATE (June 17): Stolen passwords from LinkedIn and other sources may have been used to access GitHub accounts.
- Research: regional publishers may be risking their sources and their brands
- Security for journalists: a curated Flipboard magazine
- 3 problems with source protection, and 3 things we can do about it
- Web security for journalists – takeaway tips and review