Lessons from Yahoo hack

A file picture dated 23 September 2016 shows the Yahoo logo pictured on a computer monitor in Taipei, Taiwan. Yahoo reported on 14 December 2016 that it had identified a security breach that occurred in August 2013 in which data associated with one billion user accounts was stolen. On 23 September 2016, Yahoo reported that information on around 500 million Yahoo account users had been stolen or hacked on its network in 2014. EPA/RITCHIE B. TONGO

 

NEW YORK / AP

Many people are still not taking routine precautions to safeguard their email accounts — and hackers are exploiting that. According to US officials who filed charges in a massive Yahoo break-in, Russian hackers didn’t have to work very hard to break into people’s email accounts, even those belonging to government officials or powerful executives. You can make yourself less of a target. There are a few simple ways to help safeguard your email account from hackers.

DON’T REUSE PASSWORDS
Many online break-ins result when people have reused a password across, say, their email, social and financial accounts. If it’s compromised at any one of those services, the others are suddenly vulnerable. One simple way to avoid this problem is to start with a base password you can remember, and then add on letters and numbers that reference where you’re using it.

PICK A STRONGER PASSWORD
You can make things harder for attackers by making your base password stronger. The more complicated and lengthy a password is, the harder it will be for hackers to guess. The downside: Tougher passwords are also harder to remember. But there are some ways around that. Don’t include your kids’ names, birthdays or references to any other personal details. Hackers routinely troll Facebook and Twitter for clues to passwords like these.

HAVE YOUR PASSWORDS MANAGED FOR YOU
Of course, you can make things easier on yourself by using a password-manager service such as LastPass or Dashlane, which keep track of multiple complex passwords for you. Some web browsers such as Apple’s Safari and Google’s Chrome also have built-in password managers; these work if you switch devices, but not if you switch browsers.
After you create a strong password for your password manager, it can create random passwords for your other accounts — and will remember them for you as well. “It’s more secure and it makes your life easier,” said Jamie Winterton, director of strategy at the Global Security Initiative at Arizona State University.

MULTIFACTOR AUTHENTICATION IS A MUST
The next line of defense is two- or multifactor authentication, which asks users to enter a second form of identification, such as a code texted to their phone, when they log in. It’s now commonplace for many email and social media accounts. That way, even if hackers manage to get your password they still need your phone with the texted code.
“Having another way for that account to say ‘Hey, is that really you?’, and give veto authority is really important,” Winterton said.

KEYWORDS MATTER
According to the indictment, the Russian hackers searched email accounts for keywords like “passwords” to find people’s passwords for other accounts. They also searched for “credit card” and “visa,” among other terms. So think twice before you use common keywords that can serve as a road map to sensitive information for hackers. And don’t save passwords in old emails.
