Strictly Business: Hi. Now change your passwords

By Brooks Johnson, Columbian Business Reporter



Brooks Johnson

As the newest voice in The Columbian’s business section, I thought I’d use part of my first Strictly Business column for a little icebreaker.

Me: I arrive at this paper with the work ethic of a native North Dakotan educated at the University of Montana and reared at The Daily News in Longview. I make important things interesting and look always for the human element behind all of our successes and failures.

You: Deserving of the fiercely independent and compelling journalism you’ve come to expect in our coverage of Clark County and its businesses and economy. As a reader of many interests, you want the big story, not insider-focused fluff.

Well then, I think this could be a match made in heaven.

But enough with the introductions. Let’s get to work.

While sipping a beer at Loowit Brewing downtown recently, I found myself scrolling through my emails waiting for a friend.

Hey, my iTunes account couldn’t process a payment. This looks legitimate. I’ll just click here, sign in … Oh. I must have messed up the password. I’ll try again. Huh. Still no luck.

Wait a second.

After all my chuckling at those who fell for the overseas lottery scams from the “prince of Nigeria,” I’d finally, myself, been had. Compromised. Phished.

Checking my account, I saw three new charges for $10.97 I definitely didn’t authorize. I filed a claim with my bank right away and had my debit card shut down.

Sigh. I thought I was good at this Internet thing. Better, at least, than users of the Ashley Madison extramarital affairs website.

What I found out is that I’m just as good at online security as everyone else, which is to say, bad.

I called a local self-described “security weirdo,” Eric Olmsted, who co-owns Vancouver’s On Line Support.

I told him the story of my recent security slip and was glad he didn’t laugh, since I realized upon my retelling I was being way too careless.

What I should have done was go directly to iTunes instead of trusting what turned out to be a sneaky doppelganger of Apple’s email styles.

I called Olmsted because I don’t want this or any other breach to happen to you, even though he said it probably has, whether you know it or not. So I asked for cybersecurity 101. His first advice: Never use the same password at two sites.

Oops. Though my initial reaction to getting hacked was to change all my (very, very old) passwords, I now need to be proactive, not reactive.

Yeah, dozens of passwords might be impossible to remember, especially when you change them all the time. But there are apps that help keep passwords together. And consider the consequences of online carelessness and the time and money spent on recouping losses.

Just that layer of security consciousness should put you ahead and convince hackers to go after lower-hanging fruit. It doesn’t hurt to add more layers, such as multiple anti-virus applications — even if they’re not free — and a stronger firewall or multifactor authentication.

So for those still looking for New Year’s resolutions: Be a security weirdo, or at least meet with one.