Password hackers propel identity theft

If you repeat passwords and make them easy to guess, you’re vulnerable

FREE VIDEO

Password laxity eases identity theft
June 29: Taking the easy route with your passwords can make it easy for hackers to steal your identity. NBC’s Rehema Ellis reports.

Nightly News

NBC NEWS SPECIAL SERIES

Is it the unstoppable crime?

Hackers easily crack passwords

Password do's and don'ts

How will you know if you're a victim?

What to do when your ID's been stolen

10 ways to protect your ID

Recent frauds, scams and mishaps

Tone control

Going downtown

Tell it to the Marines

The 'King Salmon' Senator's trial

It's debatable ...

Most popular

• Most viewed

• Top rated

• Most e-mailed

Congressman: McCain ‘sowing seeds of hatred’

All that money you've lost — where did it go?

IMF chief warns of global financial meltdown

Mexican pot cartels sully U.S. forests, parks

Billy Graham out of hospital after fall at home

Most viewed on msnbc.com

By Rehema Ellis

Correspondent

NBC News

updated 8:00 p.m. ET June 29, 2005

Rehema Ellis
Correspondent
• Profile
NEW YORK - Charlie Cookston responded to what looked like a legitimate e-mail from PayPal, an online payment service. It asked for his user name and his password — and he gave them.

Turns out it wasn't PayPal, it was a scam.

“When they got into the PayPal account, they got the charge card and the checking account and the routing number for the checking account,” says Cookston.

Story continues below ↓

And there was more.

“I had all my accounts, insurance, vitamins, whatever I buy on the Internet with the same user name and password,” he says.

Internet security experts say millions of Americans like Cookston are vulnerable to identity theft because they use only one password for multiple accounts.

Hackers count on that pattern.

“This absolutely is the threshold to identity theft,” says MSNBC.com technology writer Bob Sullivan.

Sullivan says it's all too easy. There are places people can go on the computer to get your password.

“We just typed ‘password cracker’ into Google,” demonstrates Sullivan. “And you get back all sorts of results. Some are written by good guys, and some are written by bad guys. [There are] tons of Web sites devoted to figuring out what people's passwords are so that they can break into their accounts.”

There are ways to protect yourself, including using longer passwords and ones that combine numbers, letters and punctuation. Another effective approach is to not use your real name when you log on — make one up.

“When you're logging onto newspaper sites, recipe sites, other sites that don't have any kind of critical components, use a fake name, use a fake address,” says Sullivan. “Save really strong passwords and your personal information for the sites that matter.”

And if you think it can't happen to you, remember Charlie Cookston — he's a computer programmer, and it happened to him.

“I have now gone through all my logon information,” he says. “They all have a unique password.”

That means more work, remembering more passwords, but also more protection for you and your identity.