By: HNS Staff/ Posted on 19 August 2014.
1.2 billion passwords reportedly stolen by Russian hackers. Before that it was Heartbleed.
After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, there’s a better way. With the right password management habits, you won’t need to change all your passwords every time you hear about an online attack.
Changing all one’s passwords won’t hurt, but it is cumbersome. Not only that, it’s a Band-Aid fix that stops short of offering a stronger and more long-term solution, says Sean Sullivan, Security Advisor at F-Secure Labs. Data breaches are the new reality, and it’s no longer a question of if it happens to you, but when. Sullivan says rather than being told to change all their passwords, consumers need practical advice worth following. So when the next breach is disclosed, they will be in control and will only need to change those passwords they know are affected.
“The dirty little secret of security experts is that when there’s a data breach and they recommend to ‘change all your passwords,’ even they don’t follow their own advice, because they don’t need to,” says Sullivan. “Unless I find out about a breach with a specific account, I don’t worry about my passwords. That’s because I use a tool to remember my passwords for me, and a few simple techniques that help to manage my accounts so as to minimize the risk.”
So what are the successful strategies to avoid the hassle of changing passwords constantly? Sullivan points out a few key things:
Help Net Security/ Full Article Here/ http://www.net-security.org/secworld.php?id=17270
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.