Story image

Frequent password changes crucial to prevent data breaches

13 May 16

Last week played host to World Password Day and there couldn’t be a better time to make sure your passwords are fresh and up-to-date.

Yesterday micro-blogging website Tumblr announced that it was the victim of a security breach, with users’ data being accessed from as far back as 2013, prior to when Yahoo! Took over operations. Tumblr says that this data does not seem to have been used, but advised users to change their passwords and security settings immediately.

Occurrences like this have happened over and over again – a sure sign that password security and frequent changes are important to keep hackers at bay. An estimated 450 million passwords have been stolen from various websites, opening the doors to potentially disastrous situations.

Nick FitzGerald, Senior Research Fellow at ESET, suggests using a password 14-16 characters long with numbers, symbols and capitals if possible. It doesn’t even to be that difficult – a phrase works just as well.

Don’t use the same password across multiple websites. While it may be easier for your memory, it will also be easier for hackers to get access to every site you use.

If remembering passwords across your home or business is a daunting prospect, password managers are a good option, FitzGerald says. Password managers are commonly designed to work only on one registered device, protecting even your master password from being hacked and passwords change with each and every login.

Two-factor authentication is another way of making sure nobody else gets access to your account. While this may seem tedious for those who prefer simplicity over security, it is well worth the effort. 

"This increases security with an extra layer of protection that requires entering a unique code sent to another email address or mobile, or some other action involving a token carried by the account owner,” FitzGerald says.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.