It should go without saying at this point, but here it is in plain English one more time: don't use dictionary words for your password. If you're a member of the technical staff of a prominent web 2.0 entity like Twitter, you really ought to know better.

Furthermore, if you're part of the security team for a site like Twitter, you should have some kind of basic measures in place to prevent brute force hacking attempts. It's just common sense.

GMZ, the hacker who compromised several celebrity accounts randomly targeted "Crystal," a Twitter user he just thought to be fairly popular, and he hit the jackpot. She turned out to have access to Twitter's technical tools, and had chosen a password so horribly simple it could have been mentioned in the list from Hackers: happiness.

If you weren't already in doubt about the safety of your various web accounts, this incident should serve as a wake-up call. Since it's not always a priority for a web service to provide protection, do yourself a favor and use a nice, complex password.

And please, for the love of humanity, try not to use dictionary words.

[ via Threat Level ]