Alongside the big news that Zac Efron and Vanessa Hudgens broke up (we jest), yesterday's big online news was the breach of Gawker Media's servers by hackers. 1.3 million emails and their connected passwords were possibly revealed in the process, making this one big headache not only for Gawker, but for their readers who might be worrying whether the same email they use to leave snarky comments on Jezebel might compromise their online banking information. There are a couple of ways to determine whether you need to update your info below, one super geeky and one more user-friendly.
First thing is to determine whether your email that you might have used for any of the Gawker sites was compromised; this step might be important if you're like us and don't remember if you've ever signed up to leave a comment on their network of sites (we suspect in our younger, more foolish years, we did partake in some commenting on Gizmodo). Here's what HD Moore, chief security officer at Rapid7, recommended over at ComputerWorld, a "clunky" but effective 2-step process to determine whether your love of Lifehacker (or Fleshbot) has left you exposed to possible vulnerability over at other sites that may share the same email/password combination.
HD Moore's 2-Step Process
Step 1: Go to this secure hash algorithm site, enter an e-mail address in the 'Input' field, click the 'MD5' button, then copy the hash from the 'Result' field.
Step 2: Go to this Google Docs page, click 'Show Options' near the top left of the spreadsheet, then paste the already-obtained hash code into the field to the right of the '=' symbol. Change the left-most field to 'MD5.' Click 'Apply.'
If your email pops up in the spreadsheet it means your email/password were compromised. If that sounds too geeky and ridiculously complicated (it's not) and you're more apt for quick, easy and clear, we've noted Slate has released a more user friendly widget which only requires you to enter your email address to check for the same email/password breach. As you can see our own email brought up a positive result. No bueno.
Now to get to the nitty-gritty part of revamping your passwords. Of course you'll want to change your passwords over at Gawker immediately; if you use online banking and purchase via the internet, it would be unwise not to change those passwords. We've been recommending all affected to read over Lifehacker's s>How to Audit and Update Your Passwords tutorials, which led us to adopt a secure password manager. A free version with integration with most every modern browser makes LastPass worth a try; it may take you a day or two to get all your various accounts sorted if you're registered for the plethora (yes, plethora) of sites like we are, but you'll sleep more soundly knowing you've made the update to your online security.