While T-Mobile tries to sort out the mess following the hacking of Paris Hilton's T-Mobile account, the comany has issued a press release urging that customers take some steps to protect themselves.
While the pointers are sensible, I am surprised that none of the big online services force consumers to do this. I know that when I have to change my password at work, it cannot be fewer than X characters, it has to be a mix of uppercase and lowercase, it must contain a specified number of non-alphanumeric characters and it cannot be a password that I've already used. Services like T-Mobile, Gmail, Yahoo, Hotmail, etc. can easily be configured to require the same, I am sure. Perhaps they are concerned that customers will balk at not being able to set their passwords as "password"?
T-Mobile Statement on Security and Privacy:
"Along with the considerable resources T-Mobile has and will continue to dedicate to customer security, there are some specific actions we recommend customers take to help protect their mobile phone accounts and personal data.
-- T-Mobile customers should ensure they utilize passwords and change them frequently to safeguard personal information in the following three areas:
-- On my.t-mobile.com - the Web self-service tool.
-- Attached to their account, when calling a Customer Service Representative.
-- On their voicemail box.
-- Be sure the password to access my.t-mobile.com has a combination of letters and numbers.
-- Change passwords at least every 60 days; never give out passwords, even to friends or family; and memorize passwords.
-- If a device is lost, or notice suspicious activity on an account, call T-Mobile immediately.
If a T-Mobile customer has a question about service, or would like further password assistance, simply visit my.t-mobile.com; or a T-Mobile representative can help you by dialing 611 from a T-Mobile phone, or calling 1-800-937-8997."