Page 24 - aruba-today-20180714
P. 24
A24 TECHNOLOGY
Saturday 14 July 2018
How to pick a new password, now that Twitter wants one
By ANICK JESDANUN naming the file “pass-
AP Technology Writer words.” Call it “badmovies”
NEW YORK (AP) — Yet an- or something innocuous.
other service is asking you ___
to change your password. RESET AND REFRESH
Twitter said Thursday it dis- Some security experts rec-
covered a bug that stored ommend that you change
passwords in an internal log your passwords frequently,
in plain text, without the though treat that advice
usual encryption. Though with caution. When there’s
Twitter says there’s no in- a breach, it doesn’t mat-
dication that anyone has ter whether that password
stolen or misused those is two weeks or two years
passwords, the company is old. And if you change
recommending a change passwords too often, you
as a precaution. risk forgetting them and
Here are some tips on com- falling back on simpler, less-
ing up with a new password secure passwords.
and safeguarding your ac- ___
count — even if your pass- A BETTER SAFEGUARD
word is compromised. You can ignore much of
___ this advice if you just do
COMPLEXITY COUNTS one thing: Turn on two-fac-
Don’t even think of using This April 26, 2017, file photo shows the Twitter icon on a mobile phone, in Philadelphia. tor authentication, which
“password” as your pass- Associated Press Twitter calls “login verifica-
word. Picking any com- etcalendar” becomes KEEP PASSWORDS FRESH and Facebook gets tion.” You’ll get a text with
mon word as your pass- “rocket44!calendaR.” (But Each service should have “rocket44!calendaRfac.” a code each time you try
word should be avoided don’t use that one; the fact its own password. If you You can turn to a pass- to log in from a new device
because it’s easily guessed that it’s in this article means use “rocket44!calendaR” word-manager service or web browser. So even if
using software that tries out hackers probably already on Twitter, don’t use it on to help you keep track of hackers get your password,
every word in the diction- have it in their databases.) Facebook. Once hack- various passwords, though they can’t do much unless
ary.However, you can get a Some services will even ers get your password on make sure the one you use they have your phone — or
good password by combin- require your passwords to one service, they’ll try it on hasn’t had its own security some other way to inter-
ing two or more words, such have certain character- other services, too. Out- problems . If you’re storing cept the code.
as “rocketcalendar.” Sprin- istics. As you type a new smart them by using a fresh passwords in a spreadsheet Of course, this makes it
kle in some numerals and password on Twitter, the ser- password each time. It can or other document on your even more important to
punctuation marks, and vice will tell you whether it’s be as simple as adding the computer, be sure to pro- protect your phone with a
make some of those letters “Too Obvious” or “Weak.” first three letters of the ser- tect it with its own pass- passcode, so that no else
in caps, and you’ve got a Go for “Very Strong.” vice’s name, so Twitter gets word (Microsoft Office lets can get these texts if your
strong password. So “rock- ___ “rocket44!calendaRtwi” you encrypt files). Avoid phone is lost or stolen.q
Rights group questions DEA exploit of encrypted cellphones
By FRANK BAJAK on the Drug Enforcement one way or the other, espe- for the wiretapping until af- The company did not re-
AP Cybersecurity Writer Administration to explain cially with ongoing cases ter the booby-trapped de- spond Friday to an emailed
In the first known case of its whether the technique — awaiting adjudication.” vices had been delivered request for comment or a
kind, U.S. drug agents sup- employed in a 2012 south- Court papers indicate un- in exchanges typically oc- phone message.
plied unwitting cocaine- ern California case involv- dercover federal agents curring in parking lots in The FBI has recently re-
trafficking suspects in Cali- ing a Canadian operat- first supplied Krokos’ group southern California. newed its push to persuade
fornia with smartphones ing out of Puerto Vallarta, with compromised Black- Sparks would not comment technology companies
they thought were encrypt- Mexico — is still being em- berry cellphones in 2010. on the issue: “The courts will to give it a back door into
ed but had been rigged to ployed and whether its use Encrypted emails and oth- determine that. That’s why encrypted devices for use
allow eavesdropping, Hu- is widespread. er communications that the courts exist,” in criminal investigations.
man Rights Watch reported The Canadian, John Krokos, the defendants thought The DEA also prevented Companies led by Apple
Friday. pleaded guilty in 2015 to were private were instead the defendants from buy- have resisted the cam-
The advocacy group said related felony charges with intercepted by law officers ing non-compromised en- paign, noting that such
it feared the technique Los Angeles-based associ- because they had decryp- crypted BlackBerry devices back doors can also be ex-
could be abused to violate ates. He was sentenced to tion keys. from other sellers, including ploited by data thieves.q
the privacy of non-crimi- 138 months in prison. “I believe that, since the by arranging for their inter-
nals. DEA spokesman Wade (Blackberries) had encryp- ception in Mexico, court
“I think there are real de- Sparks in Washington, D.C., tion technology on them, papers show.
bates to be had as to said at least one defendant Krokos felt relatively safe Human Rights Watch said
whether that is lawful or is still awaiting trial. in communicating over Blackberry, the phone’s
should be lawful,” said “We can’t comment on the devices,” a DEA agent maker and service provid-
HRW researcher Sarah St. the case or any of the tech- who provided the phones er, said it had no involve-
Vincent. “They could use niques used until the case is to ring members said in an ment in the DEA operation
this on peaceful protest- fully adjudicated,” Sparks affidavit. and no ability to decrypt
ers, (though) there’s no evi- said, adding that the DEA Available court documents the encrypted phones
dence of that.” was not going to “give out suggest the DEA may not used because the keys are
Human Rights Watch called investigative techniques have obtained court orders controlled by the customer.
