A Blonde and Chrome Passwords
It was just another day in Blondeville ā a computer for this, another one for that, one for fun. You know, the usual.
And then ā what? What? A scary-looking message from something called āPassword Checkerā on Chrome (my browser of choice lately, though perhaps not forever) saying ā70 Passwords Compromised,ā and advising me to take immediate action. 70 passwords? To what? How? When?
First, Chrome has offered, as most browsers do now, a password ālockerā that keeps track of your username and passwords. Some sites, notably credit card and banking sites, will also offer a two-step verification (which I highly recommend, though what do I know) which sends a code to your phone āor email, though that seems somewhat iffy as a process if someone has potentially broken into your passwordsā so that you have to retrieve a short string of code from your phone and enter it into your logon within a short period of time. But for the majority of passwords to non-lethal platforms, the password storage is handy and useful.
First, I verified that there was in fact a breach warning issued by the browser (there was), because, in fact, this warning could have simply been another phishing attempt: hey user, your passwords have all been compromised, reset them here (with a handy link to the phisherās own spurious versions of desirable platforms). Once that was assured, I scanned down the list of ācompromisedā platforms and also checked out the recommended steps to take.
Fortunately for me, the majority of problem passwords were to sites I havenāt visited in, quite literally, years. The few that required attention were easily dealt with, including (just for safetyās sake) a phone call to a customer service number obtained from a bill to allow the representative to manage the changes.
I also followed the link to the recommended set of steps, which suggested that I had devices that had not been connected to āWindowsā in a while. āYou havenāt used Google on Windows in 166 days. Remove this device so it no longer has access to your account.ā This cryptic bit of information simply meant that there was a device (it might be a tablet, a phone, or any other device that could use Windows) that had not been logged on to Windows, though I might still be using it to read or play games or something offline. So, no problem there.
However, as weāve discussed a time or ten in this column, online security is never to be taken lightly. As noted, when available, the two-step process is a good one to put in place. Yes, itās annoying to have to get the code from a text, but itās reassuring. And the beginning of the year, while predictable, is a good time to at least be thinking about resetting passwords. A number of years ago, I recommended the advice of a very computer savvy friend: find a formula that isnāt obvious, then use it to āgenerateā a password which wonāt require you to remember the password ā just your formula. Each siteās password will be unique based on your formulaās adaptation to that siteās specifics, and the only āproblemā that can occur is when the site has a requirement for a combination of letters, characters, and capitalizations that donāt readily match your formula.
As alarming as the notice was, it was a good reminder to revisit passwords and practices.
Oh, and by the way, if you get a call from a Texas phone number saying āSocial security number has been suspected for criminal activities to get more information on this case please call us on our department number 940-304-xxxx. I repeat it 940-304-xxxx. Thank you,ā donāt call them. Itās a Robocall.
