Password Safety In A Connected World
It has become increasingly common for personal and professional social media accounts to become ‘hacked’, or taken over by someone who doesn’t own the account. Twitter’s help center points out that this occurs from weak passwords, a pre-existing password-collecting virus on your computer or by entrusting your login credentials to malicious third-party websites and applications. Usually these incidents are an inconvenience to the user, as cybercriminals use the account to send out malicious links and unwanted social content updates. However, these simple hacks can also cause huge problems in our ever-connected society.
Last week we saw an example of the impact of an account hack. On April 23rd, the official Associated Press Twitter account (@AP) became compromised and sent out the following tweet at 1:07pm ET:
By 1:08pm ET the Dow Jones Industrial Average had plummeted by 150 points, losing more than $137 billion. Market turmoil lasted for approximately 5 minutes before representatives from The Associated Press and the White House confirmed that the tweet was a hoax and a result of the account being hacked. After the hack was debunked, the Dow Jones regained all of its losses; however, the incident casts a spotlight on the influence of robot traders (computers programmed to make stock trading decisions based on real-time data) and the weight of social media updates.
The attack also shows an evolution in the way cybercriminals can exploit technological weaknesses by manipulating social updates from influential accounts or profiles. Now, more than ever, it is imperative that you take an active approach to your online security. Here are a few tips to ensure that your social accounts remain yours:
- Use Strong Passwords
Get out of the habit of easily identifiable passwords. Keep in mind that the top 5 online passwords are:
If your password is on the above list or even similar, it’s time to update it immediately. Unsure if your password is strong enough? Run it through Intel’s password tool (plus you could win an Ultrabook!).
- Change Your Password Often
Try to change your login passwords at least 2 times a year. A good habit is to sync this up with changing your clocks and smoke detector batteries during the Daylight Savings Time switch. By changing your passwords regularly, you’re limiting the time that a hacker might have access to your account, if it were compromised without your knowledge.
- Use Different Passwords for Each Site Login
It can be tempting to use the same password for your Facebook, Twitter, email, online banking etc. accounts—especially if you’re prone to forgetting your passwords. Don’t do it! You should always have a separate password for each website login. At the very least, you should have different passwords for your non-commercial accounts (Facebook, Twitter, etc.) and your online financial accounts. If your passwords are the same and a hacker manages to steal the password for one account, then they now have access to all of your online accounts.
- Monitor Your Apps and Keep Them Updated
Having third-party apps connected to your social account can be a huge convenience, by allowing you to quickly log into websites using your social credentials. However, be sure to verify that a site or app is trustworthy before you allow authorization. Routinely check your list of connected apps to ensure you recognize them. Finally, if there are ever updates—accept them! Most app updates address bug fixes and security concerns.
- Keep Updated on Password Safety Best Practices
Staying informed of best practices will keep you security savvy. Join us for a Twitter chat on May 7th at 3pm ET as we discuss password safety with Intel, the Department of Homeland Security and STOP.THINK.CONNECT. Attend the event and participate by using the hashtag #ChatSTC.
If you’re worried about forgetting or losing your passwords, check out our McAfee All Access product. It features the new McAfee SafeKey, allowing you to easily and securely store all of your usernames and passwords to various sites, while also offering one-click logins.