Lesson learned from the Zappos hackers: Make strong passwords!

Many of you, like us, received an email from Zappos yesterday asking you to reset your password due to a security breach. And after determining that the email wasn’t phishing spam (thanks, Twitter!), I headed to the Zappos site, clicked the “reset password” button and changed it immediately.

Thanks to Zappos’ vigilance and swift attention to the problem, they did a great job alerting customers, being responsive on Twitter, and made changing passwords pretty simple. (At least for US users.) They also assure us that the database where credit card info is stored was not compromised.

That said, something like 24 million (!!) customers were affected. And when something like this happens, it’s always a good time to reevaluate your online passwords. Here’s what we suggest you do to make the strongest passwords and keep yourself protected.
1. Change your password. Now.
If your password was compromised, it’s recommended that you change your info on any other sites that use the same password. We’d suggest starting with Amazon, which owns Zappos, though reports have yet to confirm whether that database was hacked into as well.


2. Diversify!
Experts recommend using different passwords everywhere–though realistically we know that’s a hassle. Especially for those of us with mommy brain.

Easier might be to use one set of passwords with variations (see below) for the retail sites you frequent, and a totally different set of passwords for financial institutions like credit cards, banks, and investment accounts. Those are the places you really don’t want someone getting access.


3. Familiar words = good for life, bad for passwords
It used to be that people would create passwords using familiar words like their kids, dogs, and  husband’s birthday, which is almost like handing over your information to a hacker wrapped up in a bow. However, using completely random letter and number sequences is not only challenging for you to remember–i’ts not all that hard for hackers to crack. Many spam bots are programmed to spit out random letters and numbers just like that.

The best, tried and true method for a good password is a string of common words that only have meaning to you, like your favorite ice cream flavor, college nickname and favorite shoe designer put together. Add in a number that you’ll remember and get a cap letter in there too. This makes them tough to hack and easy to recall, which is the perfect combination
for those of us with mom brain.


4. Use variations on a theme
Of course you can’t have 100 totally different passwords for every single website that requires them. But you can come up with variations on the theme–change up the order of the words or numbers for different sites. Like perhaps your Zappos password is like your Facebook password, but one ends with a Z and the other with an F.


5. Write it down!
Keep track of all your passwords on some protected cloud site or Google doc so you always have access to it if your accounts are compromised. Then it’s simple to go down the list and make changes where you need to. Even better: Do it manually somewhere safe, like this Password Log Book or your own binder or journal. We’ve yet to hear of hackers making their way into the sketchbook in your desk drawer.

If you still have questions or concerns, both Zappos and 6pm.com have been pretty responsive on Twitter. You can tweet them or check the site for an email address.  And for more handy tips like this, make sure you’re a Cool Mom Tech subscriber and follow us on Twitter!

Kristen is CEO/Co-Founder of Cool Mom Picks and a busy mom of four kids who lives in the Philly 'burbs. Though really, what mom isn't busy?

1 Comment

  • Christina
    Reply January 17, 2012


    I bought a Password Log from Buttoned Up. My husband thinks I’m crazy insane to have my passwords written down in one book b/c if someone breaks in to my house and steals it, ALL my passwords are in one place.

    I think he’s overreacting—someone who breaks into my house is more likely to steal the laptop and look for fast cash, not search for a little booklet of passwords to then use at a later date!

    Oh, and if any thieves are reading this comment and know where I live: I have a big dog in my house. B-I-G.

Reader Comments