Story image

Frequent password changes crucial to prevent data breaches

13 May 16

Last week played host to World Password Day and there couldn’t be a better time to make sure your passwords are fresh and up-to-date.

Yesterday micro-blogging website Tumblr announced that it was the victim of a security breach, with users’ data being accessed from as far back as 2013, prior to when Yahoo! Took over operations. Tumblr says that this data does not seem to have been used, but advised users to change their passwords and security settings immediately.

Occurrences like this have happened over and over again – a sure sign that password security and frequent changes are important to keep hackers at bay. An estimated 450 million passwords have been stolen from various websites, opening the doors to potentially disastrous situations.

Nick FitzGerald, Senior Research Fellow at ESET, suggests using a password 14-16 characters long with numbers, symbols and capitals if possible. It doesn’t even to be that difficult – a phrase works just as well.

Don’t use the same password across multiple websites. While it may be easier for your memory, it will also be easier for hackers to get access to every site you use.

If remembering passwords across your home or business is a daunting prospect, password managers are a good option, FitzGerald says. Password managers are commonly designed to work only on one registered device, protecting even your master password from being hacked and passwords change with each and every login.

Two-factor authentication is another way of making sure nobody else gets access to your account. While this may seem tedious for those who prefer simplicity over security, it is well worth the effort. 

"This increases security with an extra layer of protection that requires entering a unique code sent to another email address or mobile, or some other action involving a token carried by the account owner,” FitzGerald says.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”