News reports that vice presidential candidate Sarah Palin's personal
email was hacked and posted on the Internet bring national attention
to the growing problem of online security. The group who invaded
Palin's Yahoo account likely gained access through an attack on Yahoo's
password recovery system. It's estimated that more than 21 million
passwords are stolen every year. For those who aren't celebrities,
cyber snooping is likely to be done by somebody you know; 47% of all
identity theft is perpetrated by friends, neighbors, fellow employees,
family members or significant others.
How Are Passwords Hacked?
- Brute Force: hacking software, available to anyone online,
attempts to guess your password over and over until it
breaks in.
- Challenge/Response: to recover a password, you're asked
questions you answered when you set up your account, usually easily
obtained information.
- Social Engineering: in attacks such as "phishing", the user is tricked
into divulging his password through an email or phone call.
"Even the most secure website is only as strong as the password you
create; your best defense is to create unique, complicated passwords
and to utilize a password manager," says Tara Kelly, Co-Founder of
Passpack, a free online password manager. "A brute force attack can
guess a weak password within minutes," she said.
Passpack offers these tips for password security:
- Use as many characters as a site allows: uppercase,
lowercase, numbers, symbols, sentences. Don't use personal information:
names, telephone numbers, addresses, favorite movies, etc. If you can't
choose a long or complex password, change it often.
- Use a password manager like Passpack to create and store
super-strong passwords. Be aware that some "password recovery" sites
are phishing schemes, so only use sites recommended by authorities like
cNet and PC Magazine.
- Use trusted online software; it's more resistant to brute
force attacks than software on your hard drive.
- Give false answers no one else can figure out to online
security questions to avoid challenge/response attacks.
- Never write down your passwords anyplace someone could have
access: post-its, computer files, cell phones, laptops.
- Never respond to an email or phone call asking for your
passwords or personal information.
- Avoid these common passwords:
  - 123456
  - qwerty
  - abc123
  - letmein
  - monkey
  - myspace1
  - password1
  - link182
  - (your first name)
Passpack stores your passwords in an online vault only the user has
access to through a strong password phrase: the packing key. No need to
remember individual passwords, just your packing key -- so use
stronger, unique passwords for each online account. Passpack gives you
a password generator, and resists all three types of password attacks.
Passpack is a free service, accessible from any online connection.
Learn more at
http://www.Passpack.com
About Passpack
Rome, Italy-based Passpack was founded in December 2006 by Francesco
Sullo and Tara Kelly. More can be found at
http://www.Passpack.com/media.