Are you worried that this weeks leak of LinkedIn/last.fm/eHarmony will compromise your employees' passwords?

jlister

Whenever I learn about another password hack, I just send out my stock "password hack" email. Essentially, it says, "Hey, I know none of you little angels would use your work account passwords for personal stuff, but...." So that went out Monday for LinkedIn, Wednesday for eHarmony, then again today for last.fm. I limit it to major breaches, but all three of this weeks were what I would consider major. I am certain that some people use the same password for everything. So it doesn't take long for me to start thinking of someone looking at a LinkedIn account, seeing that John Doe works at Acme Corp, then using John's password to access his corporate email, etc. Maybe I'm overly cautious, I don't know. How much of an issue do you think this is?

Topic: Security
Answer this Question

Answers

2 total
jack12
Vote Up (20)

Better safe than sorry.  Without a doubt, unless you are at a very small company, there are people that are using the same ID and password across multiple sites and your network if username/password restrictions don't prevent it.  I'm sure a lot of passwords that are being used, assuming you didn't assign them, are the same absurdly weak choices that you see again and again: qwerty, password, 12345asdf, john316, etc.  Anytime you can use self-interest about things employees care about (oh, noes, my eHarmony account!!!!) to reenforce the importance of basic security practices, you might as well take advantage of it.  

jimlynch
Vote Up (18)

Just make sure they all change their passwords, and it probably won't be a problem. It's also a good idea to include information on how to set up strong passwords. Many people are utterly clueless about how easy it is for common passwords to make accounts vulnerable.

Ask a question

Join Now or Sign In to ask a question.
Mozilla has added a defense in its latest version of Firefox that would help prevent hackers from intercepting data intended for major online services.
Traffic is chaotic enough in major cities, but imagine how much worse it would be if a criminal hacker got control of the traffic lights.
In what could turn out to be another huge data breach, Home Depot on Tuesday confirmed that it is investigating a potential compromise of credit card and debit card data belonging to an unspecified number of customers.
Apple has issued a statement regarding the hacking of dozens of celebrities' cellphones that exploded over the weekend.
AlienVault Labs has discovered a watering hole attack that's using a framework developed for reconnaissance as the primary infection vector.
Home Depot said Tuesday it was investigating a possible breach of its systems holding customer payment information tied to credit and debit cards.
Better than 2013 but still not good enough.
That software-defined networking (SDN) is a coming reality is starting to gain traction in IT security circles, with some vendors arguing it could lead to a level of interoperability in security largely missing at present.
It's not ready for prime time yet, but the early builds of a new privacy-focused chat client are promising.
If photos were stolen during a cloud hack, enterprises may be more skittish over cloud use.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+