GoComputek Blog

All about Gocomputek

Password Security is Security

Password insecure alert, unrecognizable computer hacker stealing

If you’ve used Dropbox or LinkedIn in the past few years, chances are your password is out there in the underbelly of the dark web. Last January, Troy Hunt published what he called Data Collection #1, a list of hacked emails and passwords. These contained 772,904,991 email addresses and 21,222,975 passwords. Later that same month, other researchers obtained and analyzed an additional vast database called Collections #2–5. The total was 845 gigabytes of stolen data and 25 billion records in all. At the end of the day, analysts at the Hasso Plattner Institute in Potsdam, Germany, found that the total haul is close to three times the size of the Collection #1 batch.

How is this relevant to me?

Most of the emails and passwords are collections of old data breaches. The breaches typically come from Yahoo!, LinkedIn, and Dropbox. This information got circulated over 1,000 times. The immediate threat associated with a particular email address is low. However, individuals who use the same password for multiple sites are at risk. Then, hackers will use the same stolen password to break into multiple accounts. Credential stuffing is the name for using passwords for various sites. Unfortunately, this is true even when the type of account is varied (social media to mobile banking). You can use Hasso Plattner Institute’s tool to check if your username and passwords have been leaked.

What Should I do?

Protecting your passwords by using multi-factor authentication wherever possible has never been more important. The strongest passwords are random strings of letters, numbers and symbols of eight or more characters. In addition, unique passwords are essential. Using a unique passwords means that you use a different password for every site. It is equally important to Keep track of these passwords. Additionally, we recommend using a password manager, like Lastpass and Enpass. These apps and other like them, create random, unique passwords for every site you use and store them securely.

The same tactics for personal password safety apply to large organizations as well. A recent attack on a large firm by a new ransomware called “LockBit” illustrates this point. ArsTechnica reports that “the attackers […] used a list of words in hopes of gaining access to one of the [firm’s] accounts. Eventually, they hit the jackpot: an administrative account that had free rein over the entire network. Then, the weak account password, combined with the lack of multifactor authentication protection, gave the attackers all the system rights they needed.” Unfortunately for the company in question, they had not done a recent back up. They were forced to either pay out the ransom or lose all their data. They chose the former. This attack highlights the absolute need for unique, strong passwords and multifactor authentication.

The Solution is Clear

The cautionary reality of this recent attack sends a clear message: strong, unique passwords and multi-factor authentication can save an organization’s data. As a result, it preserves their profit margin. No one person and no company, no matter how big, is immune to cyberattacks. Password protection is the front line of defense for cyber security. For your convenience, Managed Service Providers (MSPs) and in-house IT departments should ensure that all users are abiding by the highest possible password safety standards.

Don’t wait until it’s too late. If you would like to schedule a free security assessment for your organization, give us a call. Keeping data safe and systems operational is our passion! We look forward to hearing from you.

Related posts

26 May. 2021

Information Technology makes the world go round, but it can also teach you about life. Our Office Manager shares some parting wisdom about what she's learned working in IT.

26 May. 2021

Microsoft Teams is an interactive communication system that is a viable option for your business's telephony needs. Find out more here!

8 Apr. 2021

Information Technology continues to change the way people do everything. From business, to healthcare to education, every aspect of human endeavor is constantly shifting according to developments in technology. Manufacturing is no exception. The future of manufacturing is digital, automated, and full of possibilities.