By now, you have all likely heard that Yahoo! confirmed 500 million accounts were stolen from the company in 2014, exposing names, email addresses, personal records and more. While we are waiting on the FBI to find out who is behind this massive breach, it’s an important reminder of how necessary it is to have a secure password, why password security continues to be a problem and what we can do to reduce our chances of being on cybercriminals’ target list.
Password reuse is a human problem. Remembering a new, secure password for every login we have can be difficult. With the rise in breaches, the character count minimum for a secure password continues to rise (depending on the source, it should be between 12-16 random characters). So it makes sense that we continue to reuse passwords built from easy-to-remember, non-secure details such as our birthdate or sequential numbers. Additionally, the rise in mobile technology has trained us to create and use bad passwords because typing long passwords into a phone is a pain.
Two recent technologies are taking the pain out of passwords: Apple’s Touch ID and password managers. Touch ID is available on many mobile banking applications and the popular payment sharing platform Venmo. Logging in to apps that support it is nearly seamless and – most importantly – seems to be secure, with no widespread hacks yet. Password managers are an effective tool because they take the hassle out of creating and storing secure passwords. Most password managers support some sort of sync, so wherever you are, you have your passwords with you.
The Yahoo! compromise surely has exacerbated the password reuse problem for lots of users. The silver lining is that the breach happened in 2014, so many of the stolen passwords are a little stale by now. However, not all users change their passwords frequently and many online services do not enforce password expirations. While any big data breach is scary, it is a good opportunity to review all your current passwords to make sure nothing is being reused. Additionally, it is useful to check in with your friends and family to remind them about the importance of password security, as they could be sharing your personal information unsafely and unknowingly. Remember, the more people are aware of password security, the fewer chances hackers have to use our personal information to their advantage.
Here are a few quick steps to follow to get your passwords in order:
- Use a password manager. There are several good ones out there. I have had experience with 1Password, KeePass, LastPass and others. They are easy to use and worth the small amount it takes to get them set up.
- Enable two-factor authentication on services that support it. At a minimum enable two-factor on your email (e.g. Gmail, Hotmail, Yahoo, etc.).
- Ensure your computer, phone and all software are up to date and you are running current anti-virus.
- Do not click on suspicious emails from unknown senders.
- Make sure to log out from all your accounts after using someone else’s computer.
The Yahoo! breach – and other breaking news – will probably be referenced many times during Cyber Security Awareness Month, so be sure to keep an eye on the news for other security best practices to help keep your information secure.