One Identity Guest Blog – The password checklist

By Dan Conrad, Security team lead at One Identity  


It is no secret that passwords are not a particularly secure method of protection. In a world where multifactor authentication is becoming the norm, talking about password hygiene seems a little dated, but according to the Verizon 2021 Data Breach Investigations Report, credentials are still the route to data breaches in 61% of incidents.

In an ideal world, and increasingly in reality, any system or application that contains critical information such as banking information, healthcare data, or corporate enterprise intellectual property is protected with multifactor authentication. For those systems that are not, such as smaller non-critical businesses or personal online accounts, good password hygiene is still very important.

A few years back, I received an opportunity to comment on an Instagram customer account breach where the attacker had gained access to some usernames and passwords. My first thought was… “This is pointless.” Why do we care if a portion of the Instagram population has their usernames and passwords compromised? What could possibly happen? Then it occurred to me that most people reuse passwords. So, the same username or email address may be tied to a personal banking account or even a corporate/work system with intellectual property, VPN access, or even an Active Directory credential.

Therefore, it’s important to remember these password basics to keep your personal and corporate data secure:

Tip #1: Never reuse passwords, or derivatives of the same password.

The concept of frequently changing passwords is fading. Many systems no longer require frequent changes, due ..
