The First Lesson in Social Media Security

July 26, 2013

At HootSuite, security is our utmost concern. Today we identified unauthorized attempts to gain access to a small number of HootSuite accounts (fewer than 1000 affected). The unauthorized users appear to have obtained a list of user IDs and passwords from a compromised third-party social network or service, and are attempting to log in to HootSuite using that information.

It is important to note that HootSuite itself has not been compromised and there is no vulnerability identified in our system, nor has any sensitive account or credit card information been affected. Rest assured, we have taken immediate action to restore the integrity of the compromised accounts and identify the source of these attempts.

This is a lesson that no matter how safe your house is, if you leave your keys in the door, intruders can get in. So here are some essential tips to keep your password secure.

Select a unique password that is longer than 7 characters
The longer your password is, the harder it is for people to guess. These days hackers can build bots capable of trying many combinations of characters in very little time, so the longer the better, as they won’t waste time on very long passwords. Have you thought of a catchy 64-character sentence?

Include both upper and lower case characters
Passwords are case sensitive, which means that using both upper and lower case letters makes it even trickier to guess the exact combination of characters your password contains.

Include at least one number
Try swapping out letters for numbers. This makes the word very hard to guess.

Never use the same password for multiple accounts
If a hacker gains access to one account, chances are they’ll try to get into all of them. With the high interconnectivity of the social web, it’s easy to find all of your social presences, and for hackers, it takes next to no time to try to unlock them all.

Change passwords often
Just to be safe, change your passwords at least once a year. Twice a year is even better. The more often you change it, the safer it is.

(Hint: You may want to consider checking that your HootSuite password is safe and secure.)

To help you out, here is a list of the top 10 most commonly used passwords from Gizmodo, which are sure to be on any hacker’s hit-list.

1. password
2. 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
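
The tips and the top-10 list above, written as a check you can run against a candidate password (an added example, not HootSuite's code). Treating number-swapped or digit-suffixed forms of a listed password as listed is an assumption added here, and the function and variable names are illustrative.

```python
import re

# The top-10 list quoted on this page.
COMMON = {"password", "123456", "12345678", "abc123", "qwerty",
          "monkey", "letmein", "dragon", "111111", "baseball"}

# Assumption (not from the page): undo common digit/symbol-for-letter swaps
# before comparing, so "P4ssw0rd" is matched against "password".
UNSWAP = str.maketrans("0134578@$", "oieastbas")


def looks_common(candidate):
    """True if the candidate is a listed password or a simple variant of one."""
    lowered = candidate.lower()
    # Drop a trailing run of digits/symbols, e.g. "Dragon2013!" -> "dragon".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    variants = {lowered, stripped,
                lowered.translate(UNSWAP), stripped.translate(UNSWAP)}
    return bool(variants & COMMON)


def check_password(candidate, used_elsewhere=()):
    """Return the tips from this page that the candidate fails (empty = passes)."""
    problems = []
    if len(candidate) <= 7:                       # "longer than 7 characters"
        problems.append("length")
    if not (re.search(r"[a-z]", candidate) and re.search(r"[A-Z]", candidate)):
        problems.append("mixed-case")             # "both upper and lower case"
    if not re.search(r"\d", candidate):
        problems.append("number")                 # "at least one number"
    if looks_common(candidate):
        problems.append("common")                 # on the top-10 list
    if candidate in used_elsewhere:
        problems.append("reused")                 # "never use the same password"
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for pw in ["monkey", "P4ssw0rd", "Dragon2013!", "My 1st catchy sentence"]:
        print(f"{pw!r}: {check_password(pw) or 'ok'}")
```

A password such as `P4ssw0rd` satisfies the length, case and number tips and is still reported as `common`, which is why the check against the list runs on the normalised form as well as the raw one.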

HootSuite Security Services

For further security information, we also have numerous articles dedicated to social media security on the HootSuite blog, like our 7 Ways to Hack-Proof Your Company’s Social Media, as well as HootSuite University courseware on social media etiquette to help prepare you and your team.

To learn more about how HootSuite can work with you to protect your organization, visit our HootSuite Security Services page.