So, Internet Archive is one of my go-to resources for older books (along with Google and Gutenberg). During COVID, they apparently stopped keeping track of how many copies of newer, still-copyrighted books they were allowing people to browse at the same time. This led to a copyright lawsuit they lost--in case you haven't been following the news. So about three days ago, I decided to create a free account to be able to officially lend some of these books.
...And then they were hacked. I normally use different passwords for just about everything I have an account for and these are randomized letters numbers and symbols. However, I am getting a little lazy in my old age, and although my G-mail account has a different password, I decided to link the Internet Archive account to my G-mail. So, although the password itself wasn't a big deal, I was concerned that the hackers might have been able to find a way into my G-mail account.
This meant, that I immediately changed my password for my G-mail.
The irony is that I was actually musing about a week ago that I was surprised our government (or any government) has not hacked into Internet Archive and gotten rid of some of the data stored there, but I digress. Allegedly, a pro-Palestinian group did this.
There are two important lessons you should learn from this (1) the Wayback Machine (run by Internet Archive) is an amazing resource for saving web page history. I frequently use them for citations I put in my books. If you are looking for a charity to support, I recommend supporting them so they can upgrade their security and keep this valuable resource protected. (2) Don't use the same passwords for different accounts and don't link one account to another. I believe the hackers just wanted to make the news and probably wouldn't have gone any further, but they did publish what they found. If I had the same password for my G-mail account, it might already have been compromised.
For some freelancers, a compromised account might be nothing more than a headache. However, I frequently work under NDAs (non-disclosure agreements). I take the security of those who hire me seriously. That means that don't store their projects on the cloud, and I follow other best practices--especially if they hired me and requested an NDA. If, however, I had been more lax in using the same passwords and in storing stuff on my Google account, I could have had a security breach as well.
I encourage writers who deal with this sort of work to make sure your passwords for different accounts are truly different. There are free online password generators you can use if you have trouble thinking up random ones, I would just change them up a bit before using them to be safe. I then keep password hints (without writing out the full password) and the accounts each belongs to on a list in a drawer.
No comments:
Post a Comment