Yahoo confirmed last week that hackers had gained login credentials (usernames and passwords) of some of their users. Apparently, this was not a direct breach of Yahoo security. Instead, it appears the hackers took advantage of people who use the same passwords on multiple sites and simply logged in to their accounts.
Password security is one of the most important and most neglected aspects of network security. It's also one of the easiest for hackers to exploit.
We've blogged about this, and other password-related risks in the past, and thought this would be a good occasion to repeat our suggestions about safe passwords.
Tips for Safer Passwords
Here are some tips for safer passwords. Following these simple steps will make it harder for thieves to gain access to your accounts.
- Use different passwords: Never use the same password with more than one account.
- Change passwords frequently: This is easy to do
- Use upper and lower-case letters, numbers, and symbols: That greatly increases the number of possible combinations. Also, use numbers that look like letters to thwart "dictionary" attacks. But don't make it too obvious, like "pa$".
- Use at least 10 Characters: Longer passwords take much longer for an automated system to crack. 10-character passwords have 4,000 times the number of possible variations than those with 8 characters. And that's only if you use numbers and letters.
- Store your passwords safely: If you can't remember all of your passwords, then you might want to store them in one safe, encrypted, password-protected file on your computer or a flash drive that you keep locked away or on you. You can do that pretty easily in Word and Excel. Here are instructions for encrypting Word files. Make sure you use a safe password to lock that file, but one that you can remember. If you forget it, you will not be able to open the file to see your other passwords.
For more details, you can read our blog about managing passwords here.
Watch Out for Phishing Scams
A "phishing scam" is an email from a thief with an important-sounding message urging you to check your online account or send some other information. As we've said many times before, don't ever click on links in such an email.
The links take you to what looks like a login page for your account. But it's really owned by the thief who's trying to steal your login credentials. Don't be fooled by such emails, even if they look legitimate.
Also, don't be fooled by phishing emails that use your real name. Thieves send these "spear phishing scams" after they have obtained your name some other way, to make the email look like it really came from a legitimate business.
If you need to check your account online, just browse directly to it by typing in the name rather than clicking on the link.
Secure Business Email and Collaboration
It might be time to consider moving to a secure Cloud-based business email service like ours that you can access anytime, anywhere from almost any device. Greenview Data's hosted email comes with important collaboration and security features and absolute privacy that you simply can't get with "free" email. And there's no "gotchas". Just secure business email.
We also provide policy-based email encryption, RestorEmail™ archiving and SpamStopsHere™ anti-spam / anti-virus (99.5% spam blocking and 0.001% false positives with no tuning or learning period).
All of our secure Cloud email services come with 24/7/365 live support.
If a conversation about secure email makes sense for your business or practice, give us a call, chat or email anytime. We're always here. 24/7/365.
www.GreenviewData.com | 800-458-3348 | 734-426-7500 |