Another Password Breach: HOW TO STAY SAFE & NOT ZUCK!
Kevin D. Turner
Brand to Land: Eliminating Personal Blanding with the Sharpest Tools & Strategies for Your Professional Success. Branding | LinkedIn Profile Optimization | Trainer | Career Coach | Speaker
DATA BREACH: PLEASE CHANGE YOUR PASSWORDS IMMEDIATELY!
53K+ incidents and 2,200-odd Data Breaches in only 12 months, according to the *2018 Data Breach Investigations Report (DBIR). Leading up to 2018, at least 50M+ Facebook, Google, Twitter, Yahoo and LinkedIn Usernames with Passwords were discovered for sale on the dark web (for pennies per identity). Yesterday, May 3rd, 2018, Twitter uncovered a bug that stored our passwords unmasked in an internal log; they fixed it and announced it on their blog with the statement that there is "no indication of a breach or misuse." The line "No Indication" didn't quite make me feel safe, so I changed my Twitter Password immediately, and then I wrote this Article. It's inevitable: as the value and volume of personal data within our internet-based accounts continue to increase, so will the focus of the hackers, and more breaches are on the way.
So, while you are updating your Twitter Password (PW) today (and hopefully all your accounts), please consider enabling Login Verification (AKA 2 Step Verification). Then if someone nefarious attempts to hack into your account, change your password and hijack your account, you will be notified (with a 6-digit Security Code & Alert Message via email or text, that the hackers won't get) and their hack-in will fail. What follows are my best practices on how to stay safe and mitigate the chances that your information and accounts will fall victim to cybercrime.
STAY SAFE & DON'T ZUCK:
- Change All PWs at least Quarterly
- Activate 2 Step Verification
- Never use the same PW for All Accounts (like Facebook CEO Mark Zuckerberg did in 2016; BTW, the Zuck's PW was dadada!)
PASSWORD CREATION BEST PRACTICES
- Create Unique PWs using a combination of Numbers, Symbols, & Letters (Both Upper & Lower-Case)
- Complexity is Nice, but Length is Key; Try to use 13+ Characters
- Avoid Actual Words, Phrases, Names or Personally Identifiable Info (like your Favorite Team, Birthday or your Dog's Name)
- Don't use Adjacent Keyboard Combinations like “qwerty”, “asdzxc” & “123456”
- If You must write your PWs down, use Clues instead of the whole PW or Split the PWs onto 2 Pages secured separately, & never leave it out to be found; lock it up.
Enjoy Your Surf Safely!
Kevin
Kevin D Turner, a Managing Partner at TNT Brand Strategist LLC, is a Technology and Business Savvy Sales, Marketing and Branding Expert.
Link to the *2018 Data Breach Investigations Report (DBIR) courtesy of Verizon and noted in my intro: https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf
If you found this article useful, PLEASE SHARE to Keep Others Safe & Drive those Hackers Crazy.
Please Add Your Best Practices or Resources for Managing/Creating Solid PWs in the Comments.
Marketing Expert, Efficacious Visionary leader, Passionate about Ethics and Integrity, ASQ Expert, Mandarin Speaker
6 years ago: Great nice article to save self from hacker’s threat
Brand to Land: Eliminating Personal Blanding with the Sharpest Tools & Strategies for Your Professional Success. Branding | LinkedIn Profile Optimization | Trainer | Career Coach | Speaker
6 years ago: Just got this email from Twitter on the Breach, this Saturday morning, 3 days after their discovery:
Twitter
Hi @MrKevinDTurner,
When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.
Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.
About The Bug
We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.
Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.
Tips on Account Security
Again, although we have no reason to believe password information ever left Twitter's systems or was misused by anyone, there are a few steps you can take to help us keep your account safe:
1. Change your password on Twitter and on any other service where you may have used the same password.
2. Use a strong password that you don't reuse on other services.
3. Enable login verification, also known as two factor authentication. This is the single best action you can take to increase your account security.
4. Use a password manager to make sure you're using strong, unique passwords everywhere.
We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.
Team Twitter
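
The email quoted above describes passwords reaching an internal log before hashing completed. As an added example (not part of the original article or comment, and not Twitter's code), here is one defensive control for that bug class: a Python logging filter that redacts credential fields before any handler writes them. The key list, logger name and sample events are constructed assumptions.

```python
import io
import logging
import re

# Key names treated as secrets (an assumed list; match it to your own request schema).
SENSITIVE = ("new_password", "password", "passwd", "secret", "token")
REDACTED = "[REDACTED]"
# Backstop for secrets already flattened into text: key=value, key: value, "key": "value".
# An unquoted value is redacted up to the next whitespace; over-redaction is the safe failure.
_PAIR = re.compile(
    r"(?i)(\b(?:%s)\b[\"']?\s*[=:]\s*)(\"[^\"]*\"|'[^']*'|\S+)" % "|".join(SENSITIVE))

def redact(obj):
    """Recursively replace values stored under sensitive keys in dicts/lists/tuples."""
    if isinstance(obj, dict):
        return {k: REDACTED if str(k).lower() in SENSITIVE else redact(v)
                for k, v in obj.items()}
    if isinstance(obj, (list, tuple)):
        return type(obj)(redact(v) for v in obj)
    return obj

class RedactSecrets(logging.Filter):
    """Scrub a record before the handler formats or writes it."""
    def filter(self, record):
        record.args = redact(record.args)          # structured arguments first
        # Format once, scrub the resulting text, then freeze it as the message.
        record.msg = _PAIR.sub(lambda m: m.group(1) + REDACTED, record.getMessage())
        record.args = ()
        return True

def demo():
    """Log three constructed signup events and return the text that reached the log."""
    sink = io.StringIO()
    handler = logging.StreamHandler(sink)
    handler.addFilter(RedactSecrets())
    log = logging.getLogger("signup-demo")         # hypothetical logger name
    log.handlers, log.propagate = [handler], False
    log.setLevel(logging.INFO)
    form = {"user": "alice", "password": "Corr3ct&Horse!", "profile": {"token": "abc123"}}
    log.info("signup request %s", form)                        # dict argument
    log.info("raw body user=alice&password=Corr3ct%26Horse!")  # flattened form body
    log.info('json {"user": "alice", "password": "two words"}')
    return sink.getvalue()

if __name__ == "__main__":
    print(demo())
```

A filter like this is a backstop; the primary fix is to avoid passing raw request bodies to the logger on authentication paths.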