Back in 2014, more than 500 million Yahoo account credentials were stolen, but nobody knew about it until just a few weeks ago. This is the largest data breach yet discovered, and it’s nothing new – many other businesses and organizations such as Target and LinkedIn have had their networks compromised in recent years. The issue is even worse than you might realize because most breaches are not made public, let alone reported in media. Smaller breaches happen all the time (more than 700 in 2015), and many more are never disclosed or even discovered.
To help protect yourself against people who are invading computer networks at large businesses and organizations, you need to have strong passwords. Every day, people use passwords to log into as many as a dozen websites, and it’s not uncommon to have over 100 accounts (many long-forgotten) out on the Internet. Old forums, old support sites and old schools all hold onto your login information. Any one of them could be hacked and you might never hear about it.
These security breaches are a serious problem because almost everyone reuses passwords. In fact, password re-use is the easiest way to get your account stolen.
It’s especially important to have unique passwords on high-value sites, such as ones that control your assets (online banking, loans, investment, employee benefits) and email (work, school and personal). Email logins are almost as important as bank accounts because malicious people can use your account to reset your other passwords. For example, after compromising an email address, a hacker could gain access to redirect calls made to your phone. With your email address and phone number, it’s only one more step to tap into your bank account. Such sophisticated attacks are unlikely, but hackers commonly use stolen accounts to send spam or to register lines of credit, resulting in identity theft.
There is no way to remember a unique, strong password for every site you visit and every account you have. Instead, I recommend using a tool like LastPass to keep track of your passwords. You can put LastPass on your phone, tablet, and PC and keep your passwords safe on all of them. Of course, you need to make sure to choose (and remember) one good, unique password for LastPass itself. But that’s the only password you have to remember ever again. LastPass on one device (such as your phone) is free. If you want to sync your passwords on every device it costs $12 a year.
While LastPass is a very good choice, there are other password remembering tools, both free and paid. Try to avoid using password remembering tools that do not store your passwords encrypted, and online. This means you shouldn’t rely on your built-in browser password tools because none of them (for Chrome, Firefox, or Internet Explorer) store your passwords in a way that is both portable and secure.
Interested in a degree in technology? Learn more here.
Myrddin Emrys is the Herzing IT Help Desk lead, and has been with Herzing University for more than six years. He came to Herzing with more than 15 years of experience as a system administrator and technical support specialist at several Wisconsin Internet providers