Select Page

Password Safety and Best Practice

by | Sep 25, 2017 | Security

password

Is your password safe?

How many times have you needed a password online and where? Stop don’t answer that question. Because already you are giving away information which may lead to a breach of your online security. It’s not an uncommon practice of one password to rule them all, which is just bonkers. The number of people who use ‘password’ or a derivation such as ‘pa55w0rd’, and birthday combinations of ‘ddmmyy’ and ‘telephone numbers’ for their pin number is remarkably high. If that’s you stop doing it right now. It’s not enough that you need to be responsible for using a secure password and changing them on a regular basis. The would-be hacker is intent on accessing your personal information for their own financial gain and is using a plethora of sophisticated methods to access it. The more upper and lower case letters, numbers and special characters e.g. $?!* you can use the better. It can be difficult to remember all the ones you need. A phrase can act a mnemonic to assist your memory. e.g. “2vast&Trunklesslegs” But don’t tell anyone Ozymandias is your favourite poem. Sadly you can’t stick with one password for the rest of your online life, so change it every 60-90 days.
Data breaches have become commonplace in the news. Some have been well documented in the media Yahoo, LinkedIn, Adobe, MySpace and DropBox are the most high profile which have affected millions of accounts. The total across all reported breaches is estimated last time I looked at 4,729,225,727. DropBox alone confirmed in September last year that they had been hacked in 2012 exposing some 68 million email addresses and passwords which have subsequently been placed for sale online in the dark recesses of the world wide web.

Hacking is the criminals new weapon

Such is the extent of this type of focussed attack on our privacy, it’s important to know whether your details are out there. Thankfully, there’s a quick, easy way to see if you’re at risk from the many recent data breaches and it’s free.
Check out the HaveIBeenPwned? website (‘pwned’ is computer-nerd speak for ‘being defeated’; it’s pronounced ‘poned’) it allows anyone to check if their accounts have been compromised. Breaches at LinkedIn, MySpace, Adobe and Ashley Madison are all included, as is the recently reported breach at Tumblr.
It’s probably fair to say that at this point, you may justifiably be feeling a little anxious and perhaps have many questions about what to do next. Visit the HaveIBeenPwned? and enter any email address you suspect may have been compromised.
If affected you will be shown a list of breaches, with some background relating to the hack, and information as to what data was compromised. The site is well maintained and once information relating to a data breach becomes publicly available online, the site’s owner locates it and uploads it to the database. Passwords and sensitive data aren’t stored, only email addresses or usernames.

What should you do if your accounts have been compromised?

Change any passwords, you use relating to that account. Not only on the password on the site that has been subjected to a hack but also on any site where you have used the same login information e.g. email address as a username.password
If your financial details have been exposed, check for fraud. If an account of yours with financial details was breached, or any details taken could have been used to access your financial info, check all financial services you use. If there is anything out of the ordinary, contact your bank and Action Fraud online or on 0300 123 2040
Watch out for spam emails. If your email address has been used as a service logon the hackers may try to illicit more information via spam email. Never open spam emails or click on links within them – adjust your filters to try and prevent them. For Gmail or Outlook check the links
Do not disclose any personal data to anyone contacting you via a cold call or email, it may be a scam. No reputable company will contact you in this way.