A Reminder From Yahoo: Change (And Improve) Your Passwords

A Reminder From Yahoo: Change (And Improve) Your Passwords

YahooLogo

On January 31, 2014, Yahoo announced that a major theft of mail account passwords had compromised an “ undisclosed number” of accounts. Writing from the Yahoo Tumblr blog, senior vice president in charge of Yahoo’s platforms and personalization products, Jay Rossiter, pointed out the attack was a result of a third-party database being compromised, and not from Yahoo’s own systems directly. In addition to explaining the steps Yahoo was taking to protect its members, Mr. Rossiter reiterated the importance of individuals adopting better password security habits as a general rule.

Such password thefts have become a regular occurrence, and often happen when thieves discover a weakness in the overall system – anything from a misplaced laptop to a weak password owned by a system administrator.

In January 2013, for example, a number of US banks suffered a cyber-attack known as a “Distributed Denial of Service (DDoS)“, in which zombie computers repeatedly and continually connected to the banks’ websites many times a second, making them inoperable to any other users. In the case of the bank attack, the technicians from security firm Incapsula [www.incapsula.com] were able to detect it and close it down before any damage was done. In tracking its source, they found that the DDoS instructions were relayed to a number of infected computers – the type that many millions of people use every day – through an innocent small business website located in England, and an overly simple password, “admin” was at the root of the problem. Click here to read the full CloudTweaks article.

With technology getting increasingly more sophisticated and instantaneous, it remains a permanent horserace between those who wish to use the Internet for business, entertainment and life, and those who wish to use it to create destruction, or to fuel crime. To the bad guys, everything is an opportunity. Consider online payments, for example. Most ordinary online consumers, when preparing to pay with their credit card, carefully check to ensure the presence of the “https://” marker at the beginning of a page’s address, which signifies sufficient encryption, and they then carefully type their credit card number into the panel reserved for just such a purpose.

Bad guys, however, see that credit card number window as something much more: it’s an open channel to a much bigger matrix. By entering a different set of code into that same space, they are able to convince the computers on the other side that they should be let in to distribute their payload. It’s known as an SQL injection. Where most people see a single-purpose form, they see a doorway. That is the difference, and it is something that must remain top of mind for all managers, not just those in IT. Passwords, much like bicycle locks, tend only to keep the good guys and amateur thieves away.

This doesn’t mean that average people are without resources, but it does mean that additional effort must be expended to make hacking more difficult, as thieves, by nature always seek the easiest route. One of the best ways to do this is to make passwords more difficult for them to guess. The most common password in use in offices across the country is still the word “password,” and the next most popular is “123456.”

People generally find it annoying to have to remember many dozens of passwords. They find it even more annoying to have to change them regularly, and even more annoying when the password requires complicated combinations of letters, words and punctuation. However, regular change, and complicated strings are essential. It makes no sense to use easily-guessed passwords such as your child’s name, or easily-deduced challenge/answer questions such as “what is your mother’s maiden name,” since these facts can be easily looked up online.

As a manager it is essential to encourage all staff – including system admins – to create passwords that are extremely difficult to crack, and which are not left lying around. This can be done through the use of password encryption software such as LastPass, (www.lastpass.com) or through specific software supplied by the IT department, or simply by encouraging people to use longer sentence strings that have meaning only to them.

Password security is a necessity. Most people would never leave their homes or cars unlocked when leaving for work in the morning, and they are unlikely to leave the door-key and alarm code under the doormat. Increased sophistication in the creation and maintenance of passwords is a small price to pay for increased security not only on a personal level, but on a global one as well.

By Steve Prentice

About Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

Find out more
View All Articles

Sorry, comments are closed for this post.

Increasing Efficiency and Reducing Cost with Managed Printing Services

Increasing Efficiency and Reducing Cost with Managed Printing Services

Managed Printing Services This is a sponsored post written on behalf of HP MPS.  Today’s business leaders recognize the value of shared services, significantly providing a wide range of enterprises with the sophisticated tools they need to compete with big business, while additionally driving costs down. But an area often overlooked in our tech-savvy world…

Curing Cancer With Big Data

Curing Cancer With Big Data

Cancer & Big Data The fight against cancer has been going on for centuries. Many leaders have tried and failed to bring about change to cancer treatment. Richard Nixon famously declared a War on Cancer with the National Cancer Act of 1971, and while the Nixon administration certainly increased research funding, they ultimately fell short…

IoT & Predictive Analytics In Healthcare

IoT & Predictive Analytics In Healthcare

IoT & Predictive Analytics In a report by Grand View Research Inc., it’s predicted that the global Internet of Things (IoT) healthcare market will reach nearly $410 billion by 2022, with mobile penetration, software automation, and innovation medical devices promising rapid testing, greater accuracy, portability, and user-friendliness. Chronic diseases such as obesity, diabetes, heart failure,…

What Do You Do With A Drunken Sailor? Look To The Cloud

What Do You Do With A Drunken Sailor? Look To The Cloud

Saferide App Petty officer Michael Daigle of the US Navy has rolled out an app to curb drunken driving in the Navy ranks. His Saferide ride-sharing service runs on Voxox’s Cloud Phone service which costs just $15 a month and is popular among US Service members abroad, where mobile phones are not permitted for use…

Red Hat Offers Container Native Persistent Storage for Linux Containers

Red Hat Offers Container Native Persistent Storage for Linux Containers

Red Hat Offers Container Storage Latest Red Hat Gluster Storage release enables greater agility and efficiency for OpenShift developers deploying application containers in production SAN FRANCISCO – RED HAT SUMMIT – June 28, 2016 – Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced new storage innovations designed to enable developers to…

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

Ambitious Startups An oft-quoted statistic, 50% of new businesses fail within five years. And the culling of startups is even more dramatic, with an estimated nine out of ten folding. But to quote Steve Jobs, “I’m convinced that about half of what separates the successful entrepreneurs from the non-successful ones is pure perseverance.” So while…

Cloud Infographic: IoT For Automotive Deconstructed

Cloud Infographic: IoT For Automotive Deconstructed

IoT For Automotive Deconstructed The IoT automotive industry is moving rapidly with many exciting growth opportunities available. We’ve written about some of the risks and benefits as well as some of the players involved. One thing for certain as that the auto industry is starting to take notice and we can expect the implementation of a…

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Enabling Business Strategies The cloud is not really the final destination: It’s mid-2015, and it’s clear that the cloud paradigm is here to stay. Its services are growing exponentially and, at this time, it’s a fluid model with no steady state on the horizon. As such, adopting cloud computing has been surprisingly slow and seen more…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Off Premise Corporate Data Storage Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted,…

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Successful digital marketing campaigns are being driven largely by trending technologies, specifically the Internet of Things (IoT), Big Data, and The Cloud. These may be used for a huge number of marketing applications, from optimizing the performance of sports teams to improving science and research, even helping to aid law enforcement. Amazon Web…

Infographic Introduction – Benefits of Cloud Computing

Infographic Introduction – Benefits of Cloud Computing

Benefits of Cloud Computing Based on Aberdeen Group’s Computer Intelligence Dataset, there are more than 1.6 billion permutations to choose from when it comes to cloud computing solutions. So what, on the face of it, appears to be pretty simple is actually both complex and dynamic regardless of whether you’re in the market for networking,…