420,000 Formspring Accounts Hacked
420,000 people awoke to the frightening realization that their Formspring accounts have been compromised are now floating around the web. The breach is believed to be the largest one of its kind for Formspring which is basically a social question and answer website.
That was the bit of bad news for those users. The good news is that Formspring is no slacker when it comes to how it handles the security encryption on its servers. Unlike most websites online, Formspring uses the SHA-256 encryption method with Salting. This means that although a hacker may have broken into the server, the additional layer of encryption will at least protect users whose accounts have strong passwords.
Despite this layer of security however, Formspring duly forced its users to change their passwords—all 20 million of them that the company garnered since starting out back in 2009. The lesson here I suppose is that no-one is safe, even with SHA-256 encryption. Hackers are a lot more brazen now and operate with remarkable stealth and agility.
Users are advised also to change their passwords for other services if they are similar to the one used in Formspring. This makes sense and should help combat a chance of this breach spreading to other servers.
Do you use password managers to handle your online accounts? Share your best practice below.