Facebook recently announced that an internal security review found that the passwords of hundreds of millions of users had been stored on company servers without encryption. The company said that no passwords were leaked and that it has found no indication the sensitive data was improperly accessed.
The issue was first brought to light by Brian Krebs, a security researcher whose blog post detailed that Facebook employees built applications that captured the passwords of users and stored them as plain text, meaning a password would be readable exactly as it is entered to log in. As a result, Facebook said it will be notifying all affected users as a precaution.
Most companies encrypt passwords to prevent them from being stolen in the event of a data breach or used for nefarious purposes by company employees, so the incident raises an important question: How protected is your information?
Here are a few simple tips to keep your password perfectly protected to ensure the safety and security of your personal information:
Hackers use sophisticated software that can run millions of combinations of letters and symbols in a short time. Your defense: longer passwords, 20 characters or more. The trick is to use a sentence or phrase you create, such as “My Aunt Esther has loved me since I was a child.” It’s ultra-hard to hack but easy to remember. For even more security, add a number or symbol at the end, along with a capital letter or two or punctuation.
Factor in Two-Factor Authentication
Two-factor authentication services add an extra layer of protection to your most vital digital accounts. First, you log in to an account using your usual password. Next, the two-factor authentication site sends your phone a six-digit code that you must enter before gaining access. It’s an extra step but worth the added layer of security.
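The second step described above, seen from the service's side, as an added example that is not from the original article. The class name, the five-minute lifetime and the five-guess limit are assumptions chosen for illustration; delivery of the code to the phone is left to the caller.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed validity window for a code
MAX_ATTEMPTS = 5         # assumed guess limit per issued code


class SecondFactor:
    """Server-side state for one pending login's six-digit code (hypothetical helper)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # per-challenge HMAC key
        self._digest = None                   # MAC of the outstanding code, if any
        self._expires = 0.0
        self._attempts = 0

    def _mac(self, code):
        return hmac.new(self._key, code.encode(), hashlib.sha256).digest()

    def issue(self, now=None):
        """Create a fresh code; the caller sends it to the user's phone."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, keeps leading zeros
        self._digest = self._mac(code)             # keep a MAC, not the code itself
        self._expires = now + CODE_TTL_SECONDS
        self._attempts = 0
        return code

    def verify(self, submitted, now=None):
        """True only for the right code, before expiry, within the guess limit."""
        now = time.time() if now is None else now
        if self._digest is None or now > self._expires:
            return False
        self._attempts += 1
        if self._attempts > MAX_ATTEMPTS:
            self._digest = None                    # burn the code after too many guesses
            return False
        ok = hmac.compare_digest(self._mac(submitted), self._digest)
        if ok:
            self._digest = None                    # single use: a replayed code fails
        return ok
```

With only a million possible codes, the expiry, the guess limit and the single-use rule are what keep the second step from being guessed or replayed.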
Safeguard Your Passwords in a Vault
Never store passwords in a file on your computer. Instead, use password manager apps that store passwords in a well-protected digital space. A good password manager creates strong, unique passwords for all of your accounts. That means that if one of your passwords does get caught up in a data breach, criminals won’t have the keys to the rest of your online services. The best ones sync across desktop and mobile, and have autocomplete powers. Now, rather than having to memorize dozens of meticulously crafted passwords, you just have to remember one master password to access the list. Popular versions that use cloud technology include LastPass, Dashlane and 1Password. Apps that put the vault on your hard drive include RoboForm, Password Safe and KeePass.
Several times a year, change the passwords on all your important accounts. With hackers stealing data on millions of accounts at a time, this will help keep you protected if their focus turns toward you. Also change your password if you’re notified by a website that its security has been breached.
Mix it Up!
That’s the golden rule, cybersecurity experts say: Why let one key unlock every one of your digital doors?