On May 21st, 2014, eBay asked 145 million of its users to change their passwords after a cyber attack compromised customer data. And as recently as December 2013, popular online services like Facebook, Gmail, Google+, YouTube, Yahoo, Twitter and LinkedIn were also hacked [source]. CNN Money reported that the passwords weren’t actually leaked by those services but harvested from individual computers infected by a malicious keylogging virus. Once a user entered his or her username and password, those credentials were then sent to proxy servers controlled by hackers.
Studies of the stolen password databases have shown that a majority of user passwords are too basic, with “123456” topping the list. “123456789” came in second while over half of the hacked passwords used a single character type like all numbers or all upper-case letters.
So what can you do to keep your personal and business accounts safe from password hacks? ROSE IT Services Limited recommends the following five tips:
1) Change your passwords. If you use the same password for multiple websites and services, you are precisely the user that cyber-criminals love to target. To ensure that you create strong and unique passwords, add upper and lower-case letters, numbers and symbols to a string of characters eg. use “P@ssw0rd#33” instead of “password33″. Additionally, the longer the password, the stronger it is, ensure that your password is at least eight characters long and not easy to guess.
2) Utilize two-factor authentication. Facebook has highlighted its two-factor authentication tool, which requires a passcode entered from your mobile device as well as a standard password. Twitter, Yahoo, Google, and other major services also offer this option. Make sure to explore it in your account settings.
3) Ensure that anti-virus software and security patches are up to date. This task is best left to your IT professional. That’s where proactively managed IT services and solutions, like those offered by ROSE ITSL, come in. Our hosted anti-virus monitoring software can stop malicious viruses from compromising your business.
4) Use Password Managers. Keeping track of the huge number of passwords and credentials that belong to your IT portfolio can be a harrowing task. As part of our service offering, ROSE ITSL maintains a secure, confidential and up-to-date record of its clients’ IT credentials however there are online tools that can allow you to do the same. Password managers like LastPass and KeePass can encrypt and store passwords and also generate random passwords making your information even more secure.
5) Setup Password Recovery Options. If you forget your password or get locked out, you need a way to get back into your account. Many services will send an email to you at a recovery email address if you need to reset your password, so make sure your recovery email address is up-to-date and an account you can still access. Sometimes you can also add a phone number to your profile to receive a code to reset your password via text message. This is one of the easiest and most reliable ways to help keep your account safe.