It’s Time to Cancel Your Forgotten Internet Accounts

From the Wall Street Journal:

Yahoo Inc.’s revelation of a massive 2014 security breach might have reminded you of an old account or two you haven’t logged into for years.

No good comes from leaving details of your identity—alternate email addresses, date of birth and, yes, passwords—floating around the backwaters of the internet. Hackers who find their way into one account, dormant or still in use, can exploit details such as PINs or security-question answers to get into other accounts. That’s right, your old AOL Instant Messenger account could compromise your Facebook account.

It’s best to reduce your overall exposure. Think of it as a pruning exercise.

Before you start shuttering accounts, consider a few things. You might lose access to services you never knew were related. Your Yahoo account, for example, gets you into the popular photo site Flickr. Your Hotmail email address could be your login for Xbox Live, Office 365 or Skype.

Respect the finality of your decision—when you’re out, you’re out. But canceling isn’t always easy.

GRC's Interactive Brute Force Password “Search Space” Calculator

Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered.

If every possible password is tried, sooner or later yours will be found.
The question is: Will that be too soon . . . or enough later?

This interactive brute force search space calculator allows you to experiment with password length and composition to develop an accurate and quantified sense for the safety of using passwords that can only be found through exhaustive search.