Late yesterday, we learned from TechCrunch that social application site RockYou had suffered a data breach that resulted in the exposure of over 32 million user accounts. One of the most disturbing things about this breach was the fact that RockYou was storing all user account data in plain text in their database. On top of that, the data also shows that they stored credentials to other social networks and partner sites. The TechCrunch article does a good job highlighting the major security issues.

As more details come to light, the importance of having strong, unique passwords for each of your sites becomes even more relevant.

Security For All Websites Is Not Equal.  Using Different Passwords is Essential

Unfortunately, RockYou is a poster child for bad security practices, one of which is to store sensitive information in clear text.  In this digital age, storing user information such as account information and passwords unencrypted is unacceptable.

It’s situations like this that illustrate the importance of using different passwords for each of your websites. By using different, strong passwords, a data breach on one site (i.e. RockYou) should stay isolated to that site. In this scenario, if your RockYou password was different than your other passwords, your exposure would be much more limited. Not all websites practice strong security priciples like Mitto -  in fact many don’t use any.

At Mitto your passwords are always stored encrypted using security standards approved by the National Security Agency (NSA) for top secret documents. So even in the extremely unlikely event that there is unauthorized access to our database, the information available is unintelligible because it is encrypted. The only person who can see your information is you with your Mitto password. We take a layered approach to security so that multiple protection mechanisms are always in place to protect your sensitive information. We also take great care in constantly monitoring our security, both internally, and by use of third party services such as McAfee.

Change Your Passwords Now. Make Them Unique. Store Them in Mitto

First, if you have a RockYou account, we recommend that you change your password for that site immediately, and also for any partner sites that you may have associated with your RockYou account (i.e. Myspace, Bebo, etc.). Second, if you were using that same password for any other site, now is the time to go through all of those sites, change each of your passwords to something strong and unique, and store them in Mitto so that you don’t forget. Finally, take the opportunity to make all of your passwords strong and unique. There is no sense in waiting for the next security breach. Be proactive.

Remember, you should never use your Mitto password for any other service or website. But after reading this post, you should already know that.


Some of you may remember that October was National Cyber Security Awareness month, and that Mitto officially endorsed cyber security awareness in partnership with the National Cyber Security Alliance (NCSA).  Security is a year-round shared responsibility, and from time we like to remind our users of various ways to protect themselves and their companies.

Check out this humorous video (courtesy of the NCSA) which gives tips on how to stay safe online. As a Mitto user, you are already well on your way to a safer online experience. By storing unique, strong passwords for each of your sites, you are protecting yourself and contributing to a safer Internet.

In the online retail industry world, Green Monday is traditionally the 2nd Monday of December, and is a term coined by eBay to describe their to describe their best sales day in December. As with Cyber Monday, when buying online, shoppers should be careful with their sensitive personal information avoid identity theft and fraud, and one of the best ways for you to add extra layers of protection this holiday is to use Mitto.

To learn more about how Mitto can keep you safe this Green Monday, see our post about Cyber Monday.

Today, Monday, November 30, 2009 millions of people will go online to find deals on their holiday shopping for what has become to be known as Cyber Monday, the busiest day of the online shopping season, and according to shop.org, 87.1% of retailers are expected to have special promotions. When buying online, shoppers should be careful with their sensitive personal information avoid identity theft and fraud, and one of the best ways for you to add extra layers of protection this holiday is to use Mitto.

Use Mitto To Keep You Safe

Using our safe and secure password manager can help keep you safe on Cyber Monday, through the holiday season, and all throughout the year. Here are just a few ways that using Mitto helps to protect you:

• Mitto helps you to use different passwords for all the sites you shop on. By using different, strong passwords for each site you visit, you significantly reduce the chance of someone accessing your other accounts if one of those is compromised. Your bank may use strong security practices with your passwords, but what about that forum you participate in? Do the right thing and use strong, unique passwords for each site.

• Avoid phishing by having Mitto log you in. Expect a lot of fake specials, coupons, etc. such to come through your email this year leading you to sites that look like the places you want to be, but are actually fraudulent sites that steal your information. Since Mitto always logs you in to the sites that you are trying to go to, you never have to worry about handing over your information to a fraudulent site.

Stay safe and happy shopping!