Another week, another breach! It seems like every week we’re hearing about another major website’s secure passwords being compromised. Personal information is either being leaked for malicious purposes, or hackers are showing off their prowess for accessing “secure” information.
Last week 3 major websites reported their customer passwords were compromised:
- LinkedIn.com – 6.5 Million customers affected
- eHarmony.com – 1.5 Million customers affected
- Last.fm – numbers not yet known
If you have an account on any of these sites, it is highly recommended that you change your password immediately. Also no funny business: make sure that you use a different password on each of them.
Imagine someone contacting your business relationships. Or using your identity to manipulate business relationships you have spent time building. Or just as bad, manipulating personal relationships you are developing. When you use the same password for most of your services (including work systems) you make it very easy for someone to get into many – or all – of them.
Here are my recommendations for password management best practices to reduce your risk of exposure.
Critical Best Practices for Passwords
- Use different passwords for every website you have an account with. While this can be difficult to manage, it is the safest way to protect your other accounts.
- Use a separate email address to create online accounts. This way you minimize the risk to your main email address, and also avoid unwanted spam.
- Keep personal and work passwords separate.
- Close old accounts you are no longer using. You would be surprised how many accounts you have out there!
- Don’t use common words or anything too simple for your password – here’s a list of the Web’s Worst Passwords.
Two Factor Authentications for Organizations
For organizations, protecting valuable corporate data assets is crucial to survival. When considering how to secure corporate passwords, we’ve found using a two-factor authentication system is the easiest and most effective solution. By using something you know (your username and a password you make up) along with something you have (a one-time password generator – a small token or an app on one of your devices) you mitigate a lot of the risk.
At Softchoice, we’ve worked with many customers helping them secure their data resources. There are several solutions in this space we have had success with. The best one for your organization depends on the other technology solutions you have in place. It also depends on whether you are looking for an on premise or SaaS solution.
Unfortunately, organizations wait until a critical event takes place prior to taking action on their underlying security issues. We’ve determined that organizations that proactively act on assessing their security issues before a critical incident occurs generally have better outcomes, mitigating threats before they can become a problem.
Please feel free to contact me by leaving a comment below, or connect with your Softchoice Account Manager to discuss this or any other challenges in data protection.
Here’s the email that our own Information Security Officer Mark Sebastian sent to all our employees when it happened. Feel free to use it!
Good Morning, Last week 3 major websites reported their customer passwords were compromised: LinkedIn.com – 6.5 Million customers affected eHarmony.com – 1.5 Million customers affected Last.fm – numbers not yet known If you have account on any of these websites, it is highly recommended that you change your password immediately. As a reminder, if you follow these best practices, you can mitigate the risk of exposure when creating accounts on the Internet. Use different passwords for every website you have an account with. While this can be difficult to manage, it is the safest way to protect your other accounts. Use a separate email address to create online accounts. This way you minimize the risk to your main email address, and also avoid unwanted spam. Keep personal and work passwords separate. Close old accounts you are no longer using. You would be surprised how many accounts you have out there!