by Fred Godlash, Marketing Specialist, Business Wire
Many large businesses, including Business Wire, mandate password changes on a regular basis to ensure corporate security, a practice that has yet to catch on with the average internet user. In fact, not only do most people NOT change their passwords on a regular basis, they use the same password for all of their online portals, leaving them and their accounts in a vulnerable position. So what can you do to protect your password and what do you do once your account has been compromised? What is the proper password etiquette going into 2014?
The latest line of defense against hacking used by sites like Apple, Google and Twitter include password authentication systems too sophisticated for hackers to infiltrate using encryption software. While Twitter and Google send passwords directly to the users’ cell phone via text, Apple is introducing two additional ways to utilize passwords. The first protection is a password generating system that creates a sophisticated password stored in the cloud that auto fills when the user is prompted for a password. The second protection layer Apple introduced was fingerprint technology for mobile phones. Other systems are using USB password devices that unlock the authentication process by using a key. Each of these processes were designed to increase security without increasing work on the customer’s end.
Of course, all of the new technologies have some issues. One of the problems with Apple’s icloud system is that you cannot access your passwords unless you are connected to the cloud network and the passwords the system creates are too complex for memorization. USB keys can be stolen and there have been reports of iPhone users not being able to set up the fingerprint reader properly on their phone. So what are some simple tricks that you can use to create a complex password without purchasing a new technology?
Ideally you want to have a variety of complex passwords that can’t be hacked. Many people have weak passwords that contain readable words that can be figured out once the hacker deciphers the first few letters. Instead design a system that is easy to remember yet creates very complex passwords. One method that is very useful for creating passwords is to use acronyms from a simple phrase. For example, if the simple phrase is “I drive a red Toyota at work” the password becomes IdarT@w. Another idea is to use symbols and numbers to add to the complexity of your password. Some people will create passwords in another language to add yet another layer of protection. Taking preventative measures like changing your password often will pay you back in the future.
What if you lose your password? Every company has a way of recovery if you have been compromised. This is where Gmail and Twitter’s two factor authentication becomes important. Update your security profile with a phone number or secure email address on file so that the provider can contact you in case of emergency before you are compromised. If email is not a safe option, have a text sent to you on your phone. Second, once you are aware of suspicious activity or if your account has been compromised, know how to quickly recover from a problem.
Here are some guidelines for some of the more often hacked social platforms:
- If you believe your Twitter account has been compromised change your password in the password tab in settings. Use the guidelines above for selecting a strong password. If you are unable to reset your password use Twitter’s Password Reset Form. If you feel your email has been compromised contact Twitter using Support Request and choose the option “hacked account.” Make sure to revoke all connections to third-party applications; to do this, after you have created a new password and logged in, visit “Apps” in your settings and revoke access. If you keep trusted third-party apps connected, don’t forget to update your password settings on each platform. Once you have regained full control of your account make sure to go back and delete any unwanted Tweets.
- Very similar to Twitter, start with the basics; change the compromised password to a strong password. If you are unable to change your password or feel your email has been compromised use the Secure It Here Link. Take steps to revoke third-party applications until you feel the situation is secure. Delete any questionable photos or use the hide from timeline option for photos not posted by you.
All Google Accounts including email
- Google has a network of sites that all tie in to the same password from email, analytics to social media and as a precaution Google lets you set an option in how you want to be contacted in case your account has been compromised. Make sure to keep this accurate and up to date. Google also provides a link to help you recover from a hack called Google Account Recover. Another resource is to go to the Google Apps Documentation and Support for recovering and resetting passwords.
When hackers compromise your email or social media their objective is almost always to gain bank account details. Sometimes accounts have been compromised and yet no action is taken for many months later due to the “lying in wait” attitude criminals have when stealing information. Here are some guidelines for bank and credit cards.
Bank Accounts and Credit Cards
- All the same recovery rules apply for your bank accounts and credit cards with one major exception; if your money was compromised there is a good chance your full identity has been as well. If you want to know how to steal from your account do this simple test; call the bank and ask them what they need to access your account so you can check your account balance. In most cases they need your name, address, date of birth, email address and the account number. These items are usually found with little effort on the internet. Many times the account number from debit cards can be compromised by knowing all of your personal information and contacting 3rd party vendors like restaurants, hotels, rent a car vendors, etc. for information. This is why protecting a simple thing like a social media site is so important. The more information a thief has about you the easier it is to steal from your bank account. If your bank account has been compromised it may become a police matter and is a federal offense.
Of course, before changing passwords, scan your computer for viruses and malware and update all the latest security patches for your computer. A proactive stance in password security is always a good thing but make sure to have a plan in case your password is compromised.
Have questions about Business Wire’s commitment to security or how you can create a secure password? Let us know in the comments below.