Tumblr is the most recent victim of hacking. It has been reported that a third party has somehow acquired access to 65 million email addresses with salted and hashed passwords. The credentials were from before 2013 when Tumblr was acquired by Yahoo.
The announcement was made on the Tumblr staff blog. They said that as soon as the team got wind of the breach, their security team investigated right away. The conclusion was that there is no real reason to be alarmed. However, as a matter of precaution, Tumblr users are being asked to change their passwords anyway.
The data breach is listed on Have I Been Pwned as the third largest ever following the hack of 164 million LinkedIn accounts and 152 million Adobe accounts, Motherboard reported.
When it comes to password security, you cannot be too sure. Here are 5 pro tips to make sure your passwords are strong and difficult to crack:
1. Make A Sentence Password
A strong password can be a sentence at least 12 characters long. Stay Safe Online states that focusing on positive sentences or things you already like makes the password easy to remember but remains strong as a password. In many sites, passwords can even contain spaces.
2. Unique Passwords for Unique Accounts
The nature of data breaches makes having separate accounts with different passwords a good idea. If this is too much of a bother, at the very least make different passwords for work and personal accounts. It is also important to note that more important accounts like bank passwords require the strongest passwords.
3. Create Acronyms
Microsoft suggests that you make acronyms from meaningful phrases. For example, “My son's birthday is 12 December, 2004” could become Msbi12/Dec4.
4. Substitute Characters and Numbers
Substituting numbers and characters can be a quick trick to make weak passwords stronger. Also, mis-spelling can come in very handy when trying to keep accounts safe. Using the same example above, a possible password could be Mi$un's Brthd8iz 12124.
5. Two Step Verification
If a website offers two-step authentication, then take it. Also known as two-step verification, this option lets sites send a text message to your mobile phone or even a biometric token like a fingerprint as authorization of this account access.
