Today’s hot news from the Washington Post:
“Marriott discloses massive data breach affecting up to 500 million guests. The hotel giant said an unauthorized party had accessed the reservations database for Starwood hotels, one of Marriott’s subsidiaries. The breach included names, email addresses, passport numbers and payment information.” (Nov. 30, 2018)
If that doesn’t motivate you to protect your data, nothing will.
The financial loss can be devastating, But, it’s worse than that. It’s not just your financial information at risk. You expose your entire life, reputation, friends, address, travel plans, health information and other private personal information to grievous harm.
The Internet opens up an entire new universe. However, it can also be a bad neighborhood. But, in any bad neighborhood a little caution goes a long way toward cutting down your chances of being mugged.
To paraphrase an old Navy saying, a data breach can ruin your whole day.. Even if you recover every cent, it will lead to months of aggravation.The threat is real, persistent, and menacing. You need to set your defenses.
It’s critical that you secure your data, but much easier than you think to do it. It’s not hard. Existing tools make it remarkably easy. Now would be a great time to get started.
Password management: The first step to building a moat around your data
It doesn’t take long to use a hundred different sites that require your log in. That’s for your security. But, nobody is going to remember 100 passwords. So, most people cheat, opening themselves up to unlimited mischief.
Right now get a good password manager that will sync across all your devices, and suggest really strong unique passwords like “or!MXY3$VLWw7eHD” for every one of your accounts. Of course, you are never going to remember this password but the application will, and it will open your sites directly from the password manager. So, you can have a different virtually unbreakable password for every site you log into. And, you will have secure access to them from any place in the world.
Password managers are available for all the major operating systems, easy to install, secure, synch data across all your devices and cheap. There just isn’t any excuse for not using them.
Browsers as password managers
Modern browsers like Google’s Chrome or Microsoft’s Edge will remember your passwords and sign you into any of your accounts once you are logged into either your Google or Microsoft account from any device in the world. Just remember to sign out any time you are not on one of your own devices.
Simple passwords won't hack it
Even very sophisticated professionals get lazy and use the same password for multiple sites and/or use something simple like 123456, or abcdefg. They might as well wear a target on their backs.
A remarkable number of people use simple passwords. Searching Google yields the most used passwords:
- 123456
- Password
- 12345678
- qwerty
- 12345
- 123456789
- letmein
- 1234567
Really? Any child can figure those our in a few seconds. But most hackers are sophisticated, highly motivated criminals. It won’t take them too much longer to try variations of your birthday, address or spouse’s name.
Let’s be honest, any self respecting hacker has programs that will grind through a million possibilities in a few seconds. So, long complex passwords are essential to keep them at bay. Sixteen digits with upper and lower case letters, numbers, and special characters are a reasonable standard.
Plan for the worst
Get used to the idea that sites you use will be breached. But when it happens you must contain the damage. Don’t reuse passwords.
If you use the same password on multiple sites, one data breach opens up your whole life on all your other sites like so many falling dominoes. So, if Marriott gets breached (it did) it could open up your password for Amazon and other sites that use the same password, no matter how strong it is. Not good.
You know better than to write down your passwords. But, half of you probably have them neatly typed under your keyboard or in your top drawer.
By using your browser’s password memory, and a good password manager gets you down to just two passwords you have to remember. Of course those two passwords are the keys to your kingdom, so use a little thought on them. It gets even simpler and more secure if your devices have fingerprint or facial recognition. But you have to make it exponentially harder for a bad actor to access your data.
Start now
It’s going to take some time to change all your passwords. However, it will be well worth the effort. Just do a few a day, but get it done. Start with financial and credit card accounts. Then work your way down to the least important.
Once you are done your life will be a lot simpler, and secure.
There’s lots more to do before your moat is finished. But, if you don’t do these first steps, there isn’t much hope for you. Now would be a great time to get started.
The Internet is a jungle. Be safe out there.
https://www.forbes.com/sites/frankarmstrong/2018/11/30/get-paranoid-about-securing-your-data/?ss=cybersecurity#2deb3b56774e
