Forbes is reporting that “hackers are targeting Microsoft Office 365 accounts with a worrying degree of success.” The culprit? Passwords that are reused across multiple accounts and passwords that are too simple.

These collections of stolen credentials are valuable to cybercriminals because all too often people reuse them across multiple accounts and services. This leads to a snowball effect with criminals being able to access further accounts using the same compromised login details. The Barracuda report points out, for example, how hackers often use stolen passwords from personal email accounts to gain access to business email. Then there’s the problem of simplistic passwords which can be “brute-forced” using applications that use dictionary lists and variations to quickly crack them with relative ease.

So please, please mind your passwords.

  • Password length is more important than randomness. A silly pass-phrase is best, like “Goose feathers tickle 4”. Two words is OK; I usually use three.
  • Stop using the same password for all of your services, and definitely do not use the same password for your CASE account as you use for your personal accounts.
  • Too many passwords? Keep them in an Excel spreadsheet and password-protect the spreadsheet. In the spreadsheet, click “File” -> “Protect Workbook” -> “Encrypt with Password”.

    Or use a password management tool. You can use the free “LastPass” or the very cheap “1Password” tools and keep all of your passwords secure. Just don’t lose your main password!