Are you worried that this weeks leak of LinkedIn/last.fm/eHarmony will compromise your employees' passwords?

jlister

Whenever I learn about another password hack, I just send out my stock "password hack" email. Essentially, it says, "Hey, I know none of you little angels would use your work account passwords for personal stuff, but...." So that went out Monday for LinkedIn, Wednesday for eHarmony, then again today for last.fm. I limit it to major breaches, but all three of this weeks were what I would consider major. I am certain that some people use the same password for everything. So it doesn't take long for me to start thinking of someone looking at a LinkedIn account, seeing that John Doe works at Acme Corp, then using John's password to access his corporate email, etc. Maybe I'm overly cautious, I don't know. How much of an issue do you think this is?

Topic: Security
Answer this Question

Answers

2 total
jack12
Vote Up (17)

Better safe than sorry.  Without a doubt, unless you are at a very small company, there are people that are using the same ID and password across multiple sites and your network if username/password restrictions don't prevent it.  I'm sure a lot of passwords that are being used, assuming you didn't assign them, are the same absurdly weak choices that you see again and again: qwerty, password, 12345asdf, john316, etc.  Anytime you can use self-interest about things employees care about (oh, noes, my eHarmony account!!!!) to reenforce the importance of basic security practices, you might as well take advantage of it.  

jimlynch
Vote Up (12)

Just make sure they all change their passwords, and it probably won't be a problem. It's also a good idea to include information on how to set up strong passwords. Many people are utterly clueless about how easy it is for common passwords to make accounts vulnerable.

Ask a question

Join Now or Sign In to ask a question.
Almost 500,000 patient records have been hacked from the servers of the Harley Medical Group, the plastic surgery firm which has clinics across the UK.
Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.
The U.S. commercial drone industry is still struggling to get off the ground more than two years after President Obama signed into law a bill that permits the civilian use of unmanned aerial vehicles (UAV) over the country's airspace.
Sure, you’ve changed a bunch of passwords, but are you doing all you can to protect yourself?
About 2.6 million payment cards at Michaels Stores and another 400,000 at subsidiary Aaron Brothers may have been affected in a card skimming attack that compromised its point-of-sale systems, the retailer said Thursday.
National security may be at stake as private businesses try to manage a growing number of cyberthreats, but IT professionals shouldn't have to bear that burden alone.
Worried about how the Heartbleed vulnerability may affect your personal accounts? A new tool may be of help.
Whether it's the first time you've picked up an iPad or the seventeenth time you've pulled out your iPhone today, there are probably still some iOS 7 features and functionality that you're not familiar with. Don't sweat it: We're here to help. We've collected some of our favorite and most useful tips and compiled them here, just for you.
The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the network's entry and exit capacity.
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.

White Papers & Webcasts

See more White Papers | Webcasts

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness