The Importance of updating your passwords

Passwords

Think your data isn’t valuable enough to make it worth a hacker’s time?

Think again.

While it might be obvious that a banking or PayPal account has value for hackers, over the past year, stories have emerged about hacked Airbnb, ride sharing and even food delivery accounts.

Verizon’s 2017 Data Breach Investigation Report found that 81 percent of hacking-related breaches leveraged either stolen and/or weak passwords. A password can be a goldmine for hackers looking to exploit that information to get access to other accounts, data and more. Whether it’s your banking login or even a long-forgotten login to a shopping site or rarely used employee site, your password is almost always valuable to a hacker.

This is why users should treat every account as unique. Be sure not to share credentials and log-in information across sites, no matter how seemingly unimportant the accounts may be. And don’t make it easy for hackers to guess your password.

Passwords should be lengthy and complex.  

Unchanged default passwords like “admin” or “password” can leave your information vulnerable to compromise. While these default passwords can be easy to remember for accounts we use every day like employee logins, these passwords can be a hacker’s go-to to gain access to your account.

Default passwords are also a risk for any hardware or software you use to keep your business operating, from routers to collaboration software.

The good news is, this is an easy fix.

You can change your password at any time. But if fear of forgetfulness is holding you back, consider using a passphrase instead of just a password. A passphrase is a string of words or phrases put together to create one long phrase that’s easy for you to remember, but difficult for anyone else to guess or crack. For example, you can use your dog’s birthday to create a passphrase such as “mydogmolly’sbirthdayis_october19.”

While long, complex passwords are important, they are not sufficient on their own. Many websites now offer two-factor authentication for added security.

Two-factor authentication means adding another login step when you’re signing into an account. It combines something you know (your password) with something else you have like your phone or fingerprint, or even your location that lets you approve a new login.

Whenever possible, turn on two-factor authentication with your accounts. The benefit with two-factor authentication is that should your password somehow be compromised -- perhaps in a phishing attack -- the attacker still won’t be able to get into your account without the two-factor authentication information.

As today’s hackers have access to more tools and exploits, and cyber threats become more advanced, threats to our data within accounts of all kinds are becoming a daily occurrence. Whether it’s your food delivery account or your payroll login, it’s critical that we treat passwords as the first line of defense. Making these quick fixes to your everyday password habits can help minimize risk of a compromise to your personal information and limit your business’s attack exposure.

CertNZ has recently published information on a recent threat involving Webcam's and a password blackmail scam

In summary - your password is a direct link to your Online Identity and should be protected as such. Review your passwords frequently and make them long and strong!