Friday, January 6, 2012

The problem with single password use

Found this article today over at Seculert about the Ramnit worm. Seculert discovered that it has stolen over 45,000 Facebook logon credentials. It is suspected that the attackers are logging in to victims' Facebook accounts to transmit malicious links to their friends and spread the worm. The attackers are gathering all of this data in an attempt to compromise other web-based services.

I bring this up to make a point about passwords and their effectiveness. As people become more connected and use more sites and services, they tend to accumulate logon names and passwords. In an attempt to cut through the clutter and make life easier, most people use the same name and password everywhere. They know about using stronger passwords (8 characters or more, upper and lowercase letters mixed with numbers, and nothing easy to guess from the person such as birthdays or favorite foods), but they don't think about the fact that if someone gained access to one site, they could gain access to all of them.

Take a look at your password inventory and see how secure you really are. Is your username/password the same for your Hotmail account and your bank account? I know it can be a pain to have lots of different usernames and passwords. Where I work I have several that get changed every 60 days and must not repeat any of the previous 8 before being used again. I also have accounts for all sorts of other things. I find that a theme is very helpful in creating and remembering these. You do have to be careful, though, that the theme isn't too easy to decipher, in much the same way that using your birthday for a password is a bad idea. My last bit of advice is to change them often. Even if your password has been compromised at some point, a dead password is a useless password.
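One way to actually do that inventory check is to run a small audit over an exported credential list. The script below is an added example, not from the original post; it uses a constructed, hypothetical inventory and flags accounts that share a password (compared by hash so the report never echoes the secret) and accounts whose password is older than the 60-day window mentioned above.

```python
import hashlib
from collections import defaultdict
from datetime import date

# Constructed sample inventory (hypothetical accounts, not real credentials).
# Each entry records the site, the username, the password, and when it was last changed.
INVENTORY = [
    {"site": "hotmail.example",  "user": "jdoe",  "password": "Summer2011!", "changed": date(2011, 6, 1)},
    {"site": "bank.example",     "user": "jdoe",  "password": "Summer2011!", "changed": date(2011, 9, 15)},
    {"site": "facebook.example", "user": "jdoe",  "password": "Summer2011!", "changed": date(2011, 11, 20)},
    {"site": "work.example",     "user": "jdoe2", "password": "Xq7#pL9vTz",  "changed": date(2011, 12, 1)},
]

# Date the audit is run against (constructed to match the post's date).
AUDIT_DATE = date(2012, 1, 6)


def fingerprint(password: str) -> str:
    """Hash the password so the report can group by it without printing it."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()[:16]


def find_reused(inventory):
    """Return {fingerprint: [sites]} for every password shared by two or more sites."""
    groups = defaultdict(list)
    for entry in inventory:
        groups[fingerprint(entry["password"])].append(entry["site"])
    return {fp: sorted(sites) for fp, sites in groups.items() if len(sites) > 1}


def find_stale(inventory, today, max_age_days=60):
    """Return the sites whose password is older than max_age_days on the given date."""
    return sorted(e["site"] for e in inventory if (today - e["changed"]).days > max_age_days)


def audit(inventory, today):
    """Combine both checks into one report dict."""
    return {"reused": find_reused(inventory), "stale": find_stale(inventory, today)}


if __name__ == "__main__":
    report = audit(INVENTORY, AUDIT_DATE)
    for fp, sites in report["reused"].items():
        print(f"password {fp} is reused on: {', '.join(sites)}")
    for site in report["stale"]:
        print(f"password for {site} is older than 60 days")
```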

Here is a great article to help you get started:
Create Strong Passwords